Building a great tech team takes more than a paycheck. Zero payroll costs, get AI-driven insights to retain best talent, and delight them with amazing local benefits. 100% free and compliant. Learn more →
Top 23 Go Devsecops Projects
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and moreProject mention: Friends - needs help choosing solution for SBOM vulnerability | /r/devops | 2023-06-01
Protect and discover secrets using Gitleaks 🔑Project mention: Go Security Scanner | /r/golang | 2023-06-08
Cool. What features/capabilities are different compared to gitleaks?
Collect and Analyze Billions of Data Points in Real Time. Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge.
Find and verify credentialsProject mention: Seeking help to identify vulnerabilities and secrets in a website backup file | /r/HowToHack | 2023-07-03
Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.Project mention: Show HN: Netmaker – Netmaker Goes Open Source | news.ycombinator.com | 2023-09-25
Security scanner for your Terraform codeProject mention: What is the best `as Code` tool in 2023? | dev.to | 2023-07-26
Great toolchain, including Infracost or tfsec.
Use SQL to instantly query your cloud services (AWS, Azure, GCP and more). Open source CLI. No DB required.Project mention: Steampipe Hacktoberfest 2023 | /r/hacktoberfest | 2023-10-02
Turbot’s Steampipe.io is your go-to CLI for querying APIs (e.g AWS, Kubernetes, GitHub, etc) with SQL! Check it out here: https://github.com/turbot/steampipe
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.Project mention: How are you securing your Azure DevOps IaC pipelines? | /r/AZURE | 2023-05-26
Terrascan could also be useful : https://github.com/tenable/terrascan
Learn any GitHub repo in 59 seconds. Onboard AI learns any GitHub repo in minutes and lets you chat with it to locate functionality, understand different parts, and generate new code. Use it for free at www.getonboard.dev.
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:Project mention: Securing the software supply chain in the cloud | dev.to | 2022-12-10
ContainerSSH: Launch containers on demand
♾️ Collection and Roadmap for everyone who wants DevSecOps. Hope your DevOps are more safe 😎 (by hahwul)
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.Project mention: [Tool] An alternative to Brakeman for Security | /r/rails | 2023-07-11
My team and I released Bearer a couple of weeks ago, a newer open and free alternative to Brakeman to check your code for security and privacy risks. In addition to Ruby/Rails, we also cover your JS/TS code, which allows you to use a single solution for your whole Rails application.
🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍
An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.
Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assetsProject mention: GitHub - Legit-Labs/legitify: Detect and remediate misconfigurations and security risks across all your GitHub GitLab assets. Version 1.0 is out, check out the new enterprise-level policies. | /r/netsec | 2023-08-04
ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.
Agile Threat Modeling ToolkitProject mention: stumbled upon a new threat modeling resource | /r/threatmodeling | 2023-01-24
The open-source policy-as-code software that provides analysis for Multi-Cloud and SaaS environments, you can get insight with natural language (powered by OpenAI).Project mention: A Better Version Is Released - Selefra v0.2.3 | /r/Selefra | 2023-07-03
[Feature]Modules support filtering, while labels support customization of any format. by @FelixsJiang in #30
Scans Software Bill of Materials (SBOMs) for security vulnerabilitiesProject mention: Bomber - Scans SBOMs for Vulnerabilities | /r/devsecops | 2022-10-17
:owl::mag_right: A simple tool to audit your AWS/GCP infrastructure for misconfiguration or potential security issues with plugins integrationProject mention: padok-team/YATAS: A simple tool to audit your AWS infrastructure for misconfiguration or potential security issues with plugins integration | /r/blueteamsec | 2023-01-10
Query, provision and operate Cloud and SaaS resources and APIs using an extensible SQL based frameworkProject mention: StackQL Studios - Query, provision, secure & operate cloud resources using SQL | /r/programming | 2023-02-04
preflight helps you verify scripts and executables to mitigate chain of supply attacks such as the recent Codecov hack. (by SpectralOps)
Telling tales on you for leaking secrets!
Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.
Go Devsecops related posts
Seeking help to identify vulnerabilities and secrets in a website backup file
1 project | /r/HowToHack | 3 Jul 2023
OSS Security - Deepfence Threat Mapper
1 project | /r/selfhosters | 17 Jun 2023
Detecting Threats on 100k Servers, 1000s of Cloud Accounts, 2500 K8s Clusters
1 project | news.ycombinator.com | 5 Jun 2023
Friends - needs help choosing solution for SBOM vulnerability
2 projects | /r/devops | 1 Jun 2023
How are you securing your Azure DevOps IaC pipelines?
1 project | /r/AZURE | 26 May 2023
Introducing DeepSecrets: a better appsec tool for secrets scanning
4 projects | /r/netsec | 27 Apr 2023
Popular and recommended tools for vulnerability scanning
2 projects | /r/Terraform | 10 Mar 2023
A note from our sponsor - Revelo Payroll
try.revelo.com | 3 Oct 2023
What are some of the best open-source Devsecops projects in Go? This list will help you: