Top 4 Java Devsecops Projects
- dependency-track
  Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
- akto
  Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure
- aegis4j
  A Java agent that disables platform features you don't use, before an attacker uses them against you.
Project mention: Show HN: Pre-alpha tool for analyzing spdx SBOMs generated by GitHub | news.ycombinator.com | 2024-04-21
I've become interested in SBOM recently, and found there were great tools like https://dependencytrack.org/ for CycloneDX SBOMs, but all I have is SPDX SBOMs generated by GitHub.
I decided to have a go at writing my own dependency track esque tool aiming to integrate with the APIs GitHub provides.
It's pretty limited in functionality so far, but can give a high level summary of the types of licenses your repository dependencies use, and let you drill down into potentially problematic ones.
Written in NextJS + mui + sqlite, and using another project of mine to generate most of the API boilerplate/glue (https://github.com/mnahkies/openapi-code-generator)
Qualys is good. For open source vulnerability scanner for APIs - you can also try https://github.com/akto-api-security/akto
Index
What are some of the best open-source Devsecops projects in Java? This list will help you:
# | Project | Stars |
---|---|---|
1 | dependency-track | 2,329 |
2 | wrongsecrets | 1,117 |
3 | akto | 823 |
4 | aegis4j | 14 |