secure-development

Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. Sugar-Free and Secure: no any external dependencies except for chart plotting are used

threat application-security threat-modeling appsec threat-model secure-development devsecops threat-modeling-tool threat-models threat-modeling-from-code

UpdatedJun 25, 2025
Java

Hack23 /ISMS-PUBLIC

Star22

Hack23 Public Information Security Management System:Security Through Transparency and Open Documentation Demonstrating Security Excellence Through Public ISMS Disclosure

cybersecurity compliance transparency information-security suppliers vulnerability-management governance management-system isms risk-management iso27001 secure-development security-architecture devsecops security-policy cis-controls businesscontinuity information-security-policies nistcsf enterprise-security-architecture

UpdatedJan 26, 2026

CyberismoCom /cyberismo

Star10

A security-as-code tool for making a difference in cybersecurity

secure-development security-tools security-as-code

UpdatedFeb 20, 2026
TypeScript

ThalesGroup /besec

Star7

Self-service SDLC and maturity measurement

sdlc secure-development maturity-model

UpdatedJan 1, 2026
TypeScript

broadinstitute /dsp-appsec-infrastructure-apps

Star7

This repository hosts DSP AppSec internal infrastructure apps deployed in GKE.

security application-security appsec security-scanner secure-development security-automation security-tools devsecops security-scan appsecurity appsec-tools cis-scanner zap-scanner

UpdatedFeb 20, 2026
Python

Hack23 /talks

Star7

How to secure your development pipeline with static application security test (SAST) / Dynamic application security test (DAST), software composition analysis (SCA) using Sonarqube.

maven static-analysis sonarqube dynamic-analysis application-security vulnerability-management sca secure-development devsecops software-composition-analysis sast dast dependency-scanning code-security open-source-security

UpdatedFeb 20, 2026

dschulmeist /secure-design-patterns

Star5

implementation of some secure design patterns with explanation

architecture design-patterns secure secure-development secure-design-pattern

UpdatedDec 17, 2025
Java

yandex-cloud-examples /yc-webinar-security-pipeline-2023

Star4

Материалы к вебинару «Как выстроить процесс безопасной разработки в Yandex Cloud».

kms secure-development yandex-cloud slsa scanning-images cosign yandexcloud

UpdatedFeb 13, 2025

CyberismoCom /module-secure-development-essentials

Star3

Essentials for secure development, including threat modeling

threat-modeling software-architecture secure-development architecture-diagrams

UpdatedNov 25, 2025
Answer Set Programming

moogiio /SecureCodePuzzles

Star2

Just like chess puzzles, but with code

puzzle secure-development code-puzzle

UpdatedSep 18, 2024
C#

scottnorton-io /pci-dss-v4-article-series

Sponsor

Star1

Complete PCI DSS v4.0 Compliance Article Series — Requirements 1–12, Appendices A1/A2 and A3, Governance Assets, and Compliance Lifecycle Guidance.

documentation standards cybersecurity pci-dss compliance information-security governance risk-management secure-development security-awareness continuous-compliance

UpdatedApr 26, 2025
Python

gabrielldn /SecureFlow-CI-CD

Star1

SecureFlow-CI-CD demonstrates a CI/CD pipeline using GitHub Actions to perform security checks and analyses on a Python project.

python security pipeline ci-cd pytest flake8 cicd secure-development devsecops bandit github-actions dependency-scanning streamlit codeql

UpdatedFeb 11, 2026
Python

tatilimongi /Secure-UserForm

Star1

A secure user authentication system with JWT, implementing best practices for secure development, including RBAC, PBAC, session expiration, password encryption with BCrypt, simple audit logging, and Docker containerization as part of a Secure Development course project.

java docker security jwt spring-boot sonarqube bcrypt rbac session-management csrf code-quality restful-api secure-development vulnerability-scanner password-encryption user-authentication pbac dependabot audit-logging secure-password-storage

UpdatedJan 26, 2026
Java

bylickilabs /ai-enterprise-configuration-code-auditor

Sponsor

Star1

The AI Enterprise Configuration & Code Auditor is a server-side application for security, risk and configuration analysis of software projects uploaded as ZIP archives.

python sqlalchemy security-audit static-code-analysis jinja2 risk-analysis sqlite owasp server-side-rendering application-security security-scanner secure-development devsecops cis-benchmark code-auditing fastapi enterprise-security code-security configuration-audit zip-analysis

UpdatedJan 20, 2026
Python

Improve this page

Add a description, image, and links to thesecure-development topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with thesecure-development topic, visit your repo's landing page and select "manage topics."

Learn more

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

secure-development

Here are 36 public repositories matching this topic...

OWASP /pytm

wh0isdxk /DesenvolvimentoSeguro

nowsecure /secure-mobile-development

Autodesk /continuous-threat-modeling

yevh /TaaC-AI

nxenon /DevSecOps

rusakovichma /TicTaaC

Hack23 /ISMS-PUBLIC

CyberismoCom /cyberismo

ThalesGroup /besec

broadinstitute /dsp-appsec-infrastructure-apps

Hack23 /talks

dschulmeist /secure-design-patterns

yandex-cloud-examples /yc-webinar-security-pipeline-2023

CyberismoCom /module-secure-development-essentials

moogiio /SecureCodePuzzles

scottnorton-io /pci-dss-v4-article-series

gabrielldn /SecureFlow-CI-CD

tatilimongi /Secure-UserForm

bylickilabs /ai-enterprise-configuration-code-auditor

Improve this page

Add this topic to your repo