Skip to content

Latest commit

 

History

History
146 lines (115 loc) · 12.1 KB

README.md

File metadata and controls

146 lines (115 loc) · 12.1 KB

Awesome CI/CD Security Awesome

List of awesome resources about CI/CD security included books, blogs, videos, tools and cases.

Table of Contents

Books

Guidelines

Blogs

General

Azure DevOps Server

GitLab

GitHub Actions

Jenkins

ArgoCD

Videos

Repositories

Tools

  • Gato - A tool that helps blue teamers and offensive security practitioners find weaknesses in GitHub organization's public and private repositories.
  • clank - Simple tool that allows you to detect imposter commits in GitHub Actions workflows.
  • legitify - Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets.
  • poutine - A security scanner that detects misconfigurations and vulnerabilities in the build pipelines of a repository.
  • Harden-Runner - Network egress filtering and runtime security for GitHub-hosted and self-hosted runners.
  • Cimon - Runtime security solution for your CI/CD pipeline.
  • Raven - A powerful security tool designed to perform massive scans for GitHub Actions CI workflows and digest the discovered data into a Neo4j database

Playground

Cases

Your contributions are always welcome.

License

CC0