- snyk: Discontinued. Snyk CLI scans and monitors your projects for security vulnerabilities. [Moved to: https://github.com/snyk/cli]
- SurveyJS: Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, including PHP, ASP.NET Core, and Node.js.
- ThreatPlaybook: A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration
Snyk: Scan your dependencies (SCA - Software Component Analysis)
The libraries and packages you use often end up containing vulnerabilities. Tools like Snyk can scan your dependencies and tell you which to update for security reasons.
Klair: Scan your containers
Just like external dependencies can contain security flaws, container images can also contain outdated programs and dependencies subject to security issues. Klair is an open-source tool that can help you find outdated dependencies and security flaws in your Docker images.
Threat modelling
Look at some lightweight, incremental threat modelling: reviewing new user stories and then using labels to keep track of status. There are free tools such as threat playbook as well: https://github.com/we45/ThreatPlaybook