A Pythonic framework for threat modeling

Principios e Boas Práticas sobre Desenvolvimento Seguro

A Collection of Secure Mobile Development Best Practices

A Continuous Threat Modeling methodology

AI-driven Threat modeling-as-a-Code (TaaC-AI)

♾️ Collection of DevSecOps Notes + Resources + Courses + Tools

Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. Sugar-Free and Secure: no any external dependencies except for chart plotting are used

Hack23 Public Information Security Management System:Security Through Transparency and Open Documentation Demonstrating Security Excellence Through Public ISMS Disclosure

This repository hosts DSP AppSec internal infrastructure apps deployed in GKE.

How to secure your development pipeline with static application security test (SAST) / Dynamic application security test (DAST), software composition analysis (SCA) using Sonarqube.

Self-service SDLC and maturity measurement

A security-as-code tool for making a difference in cybersecurity

implementation of some secure design patterns with explanation

Материалы к вебинару «Как выстроить процесс безопасной разработки в Yandex Cloud».

Just like chess puzzles, but with code

SecureFlow-CI-CD demonstrates a CI/CD pipeline using GitHub Actions to perform security checks and analyses on a Python project.

The Art of Software Engineering - The Road to better Software Development

A secure user authentication system with JWT, implementing best practices for secure development, including RBAC, PBAC, session expiration, password encryption with BCrypt, simple audit logging, and Docker containerization as part of a Secure Development course project.

Complete PCI DSS v4.0 Compliance Article Series — Requirements 1–12, Appendices A1/A2 and A3, Governance Assets, and Compliance Lifecycle Guidance.

Essentials for secure development, including threat modeling