mirror of
https://github.com/nubenetes/awesome-kubernetes.git
synced 2026-05-21 16:43:36 +00:00
52 KiB
52 KiB
Devsecops
!!! info "Architectural Context" Detailed reference for Devsecops in the context of Hardened Infrastructure.
- snyk.io: The State of Open Source Security 2020 [COMMUNITY-TOOL]
- redhat.com: Balancing Linux security with usability [COMMUNITY-TOOL]
- devclass.com: Docker: It’s not dead yet, but there’s a tendency to walk away, security report finds [COMMUNITY-TOOL]
- cybersecuritydive.com: Relationships between DevOps, security warm slowly [COMMUNITY-TOOL]
- harness.io: Automated DevSecOps with StackHawk and Harness [COMMUNITY-TOOL]
- containerjournal.com: The What and Why of Cloud-Native Security [COMMUNITY-TOOL]
- sysdig.com: Top vulnerability assessment and management best practices [COMMUNITY-TOOL]
- arsouyes.org: PKCS, pem, der, key, crt,... [COMMUNITY-TOOL]
- redhat.com: 5 ways for teams to create an automation-first mentality [COMMUNITY-TOOL]
- softwebsolutions.com: What is DevSecOps and why your business needs it [COMMUNITY-TOOL]
- containerjournal.com: Siloscape: The Dark Side of Kubernetes [COMMUNITY-TOOL]
- redhat.com: Getting DevSecOps to production and beyond [COMMUNITY-TOOL]
- redhat.com: Red Hat's approach to DevSecOps [COMMUNITY-TOOL]
- sysdig.com: Triaging a Malicious Docker Container [COMMUNITY-TOOL]
- blog.sonatype.com: Python Packages Upload Your AWS Keys, env vars, Secrets to the Web [COMMUNITY-TOOL]
- sysdig.com: How to apply security at the source using GitOps | Eduardo Mínguez 🌟 [COMMUNITY-TOOL]
- containerjournal.com: Kubernetes Security in Your CI/CD Pipeline [COMMUNITY-TOOL]
- acloudguru.com: Cloud security risks: Why you should make apps Secure by Design [COMMUNITY-TOOL]
- sysdig.com: Getting started with runtime security and Falco [COMMUNITY-TOOL]
- Twistlock [COMMUNITY-TOOL]
- Threat Stack [COMMUNITY-TOOL]
- cloud.google.com: OWASP Top 10 mitigation options on Google Cloud 🌟 [COMMUNITY-TOOL]
- stackrox.com [COMMUNITY-TOOL]
- github.blog: Safeguard your containers with new container signing capability in GitHub Actions (cosign) [COMMUNITY-TOOL]
- blog.chainguard.dev: How To Verify Cosigned Container Images In Amazon ECS [COMMUNITY-TOOL]
- sysdig.com: How to secure Kubernetes deployment with signature verification [COMMUNITY-TOOL]
- developers.redhat.com: Authentication and authorization using the Keycloak REST API [COMMUNITY-TOOL]
- openshift.com: Geographically Distributed Stateful Workloads - Part 3: Keycloak [COMMUNITY-TOOL]
- blog.flant.com: Running fault-tolerant Keycloak with Infinispan in Kubernetes [COMMUNITY-TOOL]
- Git Credential Manager Core [COMMUNITY-TOOL]
- Git Credential Manager Core: Building a universal authentication experience [COMMUNITY-TOOL]
- harness.io: Managing Secrets in CI/CD Pipelines 🌟 [COMMUNITY-TOOL]
- cloud.google.com: Analyze secrets with Cloud Asset Inventory [COMMUNITY-TOOL]
- sops: Simple and flexible tool for managing secrets 🌟 [COMMUNITY-TOOL]
- jenkins-x.io: Setting up the secrets for your installation [COMMUNITY-TOOL]
- fpcomplete.com: Announcing Amber, encrypted secrets management [COMMUNITY-TOOL]
- unixarena.com: Terraform – Source credentials from AWS secret Manager [COMMUNITY-TOOL]
- argon2-cffi [COMMUNITY-TOOL]
- vaultproject.io [COMMUNITY-TOOL]
- harness.io: Tutorial: How to Use the New Vault Agent Integration Method With Harness [COMMUNITY-TOOL]
- docs.microsoft.com: Azure Key Vault [COMMUNITY-TOOL]
- techcommunity.microsoft.com: In preview: Azure Key Vault secrets provider extension for Arc enabled Kubernetes clusters [COMMUNITY-TOOL]
- vcloud-lab.com: Create Azure Key Vault Certificates on Azure Portal and Powershell [COMMUNITY-TOOL]
- ansible.com: Simplifying secrets management with CyberArk and Red Hat Ansible Automation Platform [COMMUNITY-TOOL]
- ansible.com: Automating Security with CyberArk and Red Hat Ansible Automation Platform [COMMUNITY-TOOL]
- GitOps secret management with bitnami-labs Sealed Secret and GoDaddy Kubernetes External Secrets 🌟 [COMMUNITY-TOOL]
- sysdig.com: 12 Container image scanning best practices to adopt in production [COMMUNITY-TOOL]
- sysdig.com: Sysdig 2021 container security and usage report: Shifting left is not enough 🌟 [COMMUNITY-TOOL]
- redhat.com: Improving Linux container security with seccomp 🌟 [COMMUNITY-TOOL]
- openshift.com: Signing and Verifying Container Images 🌟 [COMMUNITY-TOOL]
- docs.microsoft.com: Introduction to Azure Defender for container registries [COMMUNITY-TOOL]
- sysdig.com: Container security best practices: Ultimate guide 🌟 [COMMUNITY-TOOL]
- infracloud.io: Kubernetes Pod Security Policies with Open Policy Agent [COMMUNITY-TOOL]
- intezer.com: New Attacks on Kubernetes via Misconfigured Argo Workflows [COMMUNITY-TOOL]
- developer.ibm.com: Secure microservices by monitoring behavior [COMMUNITY-TOOL]
- sysdig.com: Mitigating CVE-2021-20291: DoS affecting CRI-O and Podman [COMMUNITY-TOOL]
- sysdig.com: Mitigating log4j with Runtime-based Kubernetes Network Policies [COMMUNITY-TOOL]
- Apache Log4j Security Vulnerabilities [COMMUNITY-TOOL]
- cloud.redhat.com: Log4Shell: Practical Mitigations and Impact Analysis of the Log4j Vulnerabilities [COMMUNITY-TOOL]
- dynatrace.com: Log4Shell vulnerability [COMMUNITY-TOOL]
- cyberscoop.com: The Log4j flaw is the latest reminder that quick security fixes are easier said than done [COMMUNITY-TOOL]
- devopszone.info: DevSecOps Explained [COMMUNITY-TOOL]
- linkedin: Dear Google, my data has left your building! [COMMUNITY-TOOL]
- kalilinuxtutorials.com: Deploying & Securing Kubernetes Clusters [COMMUNITY-TOOL]
- loves.cloud: Creating a fully automated DevSecOps CI/CD Pipeline [COMMUNITY-TOOL]
- thenewstack.io: Culture, Vulnerabilities and Budget: Why Devs and AppSec Disagree [COMMUNITY-TOOL]
- computing.co.uk: CloudBees gets busy with security, visibility and control as DevOps evolves [COMMUNITY-TOOL]
- devops.com: How to Successfully Integrate Security and DevOps [COMMUNITY-TOOL]
- helpnetsecurity.com: How to make DevSecOps stick with developers [COMMUNITY-TOOL]
- blog.christophetd.fr: Shifting Cloud Security Left — Scanning Infrastructure as Code for Security Issues [COMMUNITY-TOOL]
- opensource.com: How to adopt DevSecOps successfully [COMMUNITY-TOOL]
- devops.com: DevSecOps Trends to Know For 2021 [COMMUNITY-TOOL]
- devops.com: From Agile to DevOps to DevSecOps: The Next Evolution [COMMUNITY-TOOL]
- permission.site [COMMUNITY-TOOL]
- ais.com: Leaping into DevSecOps from DevOps [COMMUNITY-TOOL]
- infoq.com: The Defense Department's Journey with DevSecOps [COMMUNITY-TOOL]
- amazon.com: Building end-to-end AWS DevSecOps CI/CD pipeline with open source SCA, SAST and DAST tools [COMMUNITY-TOOL]
- infoq.com: 9 Trends That Are Influencing the Adoption of Devops and Devsecops in 2021 [COMMUNITY-TOOL]
- invensislearning.com: Difference between DevOps and DevSecOps [COMMUNITY-TOOL]
- techerati.com: DevSecOps: Eight tips for truly securing software [COMMUNITY-TOOL]
- devops.com: SecDevOps is the Solution to Cybersecurity 🌟 [COMMUNITY-TOOL]
- redeszone.net: No configurar bien la nube es culpable de la mayoría de vulnerabilidades [COMMUNITY-TOOL]
- thenewstack.io: Where Are You on the DevSecOps Maturity Curve? [COMMUNITY-TOOL]
- thenewstack.io: The Top 5 Secrets Management Mistakes and How to Avoid Them [COMMUNITY-TOOL]
- torq.io: 5 Security Automation Examples for Non-Developers [COMMUNITY-TOOL]
- infoq.com: Serverless Security: What's Left to Protect? [COMMUNITY-TOOL]
- dqindia.com: Secure your CI/CD pipeline with these tips from experts [COMMUNITY-TOOL]
- thenewstack.io: The DevSecOps Skillsets Required for Cloud Deployments [COMMUNITY-TOOL]
- devblogs.microsoft.com: You can’t have security for DevOps until you have DevOps for security [COMMUNITY-TOOL]
- goteleport.com: Anatomy of a Cloud Infrastructure Attack via a Pull Request [COMMUNITY-TOOL]
- cncf/tag-security: CNCF Security Technical Advisory Group 🌟 [COMMUNITY-TOOL]
- enterprisersproject.com: 5 DevSecOps open source projects to know [COMMUNITY-TOOL]
- Clair [COMMUNITY-TOOL]
- thenewstack.io: 10 Steps to Simplify Your DevSecOps [COMMUNITY-TOOL]
- devops.com: Transform Mobile DevOps into Mobile DevSecOps [COMMUNITY-TOOL]
- thenewstack.io: Infrastructure-as-Code: 6 Best Practices for Securing Applications 🌟 [COMMUNITY-TOOL]
- devops.com: Securing Your Software Development Pipelines [COMMUNITY-TOOL]
- thenewstack.io: How GitOps Benefits from Security-as-Code [COMMUNITY-TOOL]
- devops.com: Tips for a Successful DevSecOps Life Cycle [COMMUNITY-TOOL]
- blog.aquasec.com: Advanced Persistent Threat Techniques Used in Container Attacks [COMMUNITY-TOOL]
- thenewstack.io: 5 Misconceptions About DevSecOps [COMMUNITY-TOOL]
- thenewstack.io: Why Cloud Native Systems Demand a Zero Trust Approach [COMMUNITY-TOOL]
- opensource.com: 5 open source security resources from 2021 [COMMUNITY-TOOL]
- thenewstack.io: Open Source Democratized Software. Now Let’s Democratize Security [COMMUNITY-TOOL]
- goteleport.com: Why DevSecOps is Going Passwordless [COMMUNITY-TOOL]
- thenewstack.io: Want Real Cybersecurity Progress? Redefine the Security Team [COMMUNITY-TOOL]
- devops.com: Taking a DevSecOps Approach to API Security [COMMUNITY-TOOL]
- devops.com: Continuous Security: The Next Evolution of CI/CD [COMMUNITY-TOOL]
- devops.com: How to Seamlessly Transition to DevSecOps [COMMUNITY-TOOL]
- research.nccgroup.com: 10 real-world stories of how we’ve compromised CI/CD pipelines [COMMUNITY-TOOL]
- thenewstack.io: SecOps in a Post-COVID World: 3 Security Trends to Watch [COMMUNITY-TOOL]
- bleepingcomputer.com: Over 900,000 Kubernetes instances found exposed online [COMMUNITY-TOOL]
- freecodecamp.org: Authentication vs Authorization – What's the Difference? [COMMUNITY-TOOL]
- hmaslowski.com: macOS Security hardening with Microsoft Intune [COMMUNITY-TOOL]
- kubewarden.io: Scanning secrets in environment variables [COMMUNITY-TOOL]
- auth0.com: A Passwordless Future! Passkeys for Java Developers [COMMUNITY-TOOL]
- infracloud.io: How to Prevent Secret Leaks in Your Repositories [COMMUNITY-TOOL]
- thenewstack.io: Secured Access to Kubernetes from Anywhere with Zero Trust | Tenry Fu 🌟 [COMMUNITY-TOOL]
- rtinsights.com: Implementing Zero Trust for Kubernetes [COMMUNITY-TOOL]
- cisecurity.org: Where Does Zero Trust Begin and Why is it Important? [COMMUNITY-TOOL]
- thenewstack.io: How Do Authentication and Authorization Differ? [COMMUNITY-TOOL]
- osohq.com: Patterns for Authorization in Microservices [COMMUNITY-TOOL]
- oauth2-proxy/oauth2-proxy: OAuth2 Proxy 🌟 [COMMUNITY-TOOL]
- dev.to/fidalmathew: Session-Based vs. Token-Based Authentication: Which is better? [COMMUNITY-TOOL]
- dev.to/irakan: Is JWT really a good fit for authentication? [COMMUNITY-TOOL]
- github.com/hygieia/Hygieia 🌟 [COMMUNITY-TOOL]
- thenewstack.io: How Kubernetes vulnerabilities have shifted since the first attacks [COMMUNITY-TOOL]
- mirantis.com: Introduction to Istio Ingress: The easy way to manage incoming Kubernetes app traffic [COMMUNITY-TOOL]
- armosec.io: How to secure Kubernetes Ingress? [COMMUNITY-TOOL]
- thenewstack.io: StackRox KubeLinter Brings Security Linting to Kubernetes [COMMUNITY-TOOL]
- github.com/yannh/kubeconform 🌟 [COMMUNITY-TOOL]
- thenewstack.io: Security Insights into Infrastructure-as-Code [COMMUNITY-TOOL]
- Why you should be using Multi-Category Security (MCS) for your Linux containers [COMMUNITY-TOOL]
- Build trusted pipelines/Guards with Podman containers [COMMUNITY-TOOL]
- thenewstack.io: Project Calico: Kubernetes Security as SaaS [COMMUNITY-TOOL]
- Falco [COMMUNITY-TOOL]
- Security Patterns for Microservice Architectures [COMMUNITY-TOOL]
- Anchore [COMMUNITY-TOOL]
- thenewstack.io: Anchore: Scan Your Container Images for Vulnerabilities from the Command Line [COMMUNITY-TOOL]
- thenewstack.io: Latest OWASP Top 10 Surfaces Web Development Security Bugs [COMMUNITY-TOOL]
- thenewstack.io: OWASP Top 10: A Guide to the Worst Software Vulnerabilities [COMMUNITY-TOOL]
- owasp.org: OWASP API Security Project 🌟 [COMMUNITY-TOOL]
- traceable.ai: Use the OWASP API Top 10 To Secure Your APIs [COMMUNITY-TOOL]
- cequence.ai: The OWASP API Security Top 10 From a Real-World Perspective [COMMUNITY-TOOL]
- github.com/OWASP: OWASP Kubernetes Top 10 🌟 [COMMUNITY-TOOL]
- securecoding.com: Code Audit: How to Ensure Compliance for an Application [COMMUNITY-TOOL]
- redhat.com: Red Hat to Acquire Kubernetes-Native Security Leader StackRox [COMMUNITY-TOOL]
- trivy [COMMUNITY-TOOL]
- blog.aquasec.com: A Security Review of Docker Official Images: Which Do You Trust? (with trivy) [COMMUNITY-TOOL]
- returngis.net: Buscar vulnerabilidades en imágenes de Docker con Snyk [COMMUNITY-TOOL]
- iximiuz.com: The need for slimmer containers. Scanning official Python images with Snyk [COMMUNITY-TOOL]
- thenewstack.io: Find Vulnerabilities in Container Images with Docker Scan [COMMUNITY-TOOL]
- deepfence/YaraHunter [COMMUNITY-TOOL]
- Securing Kubernetes With Anchore [COMMUNITY-TOOL]
- Anchore: Secure Container Based CI/CD Workflows [COMMUNITY-TOOL]
- Jenkins Plugin: Anchore Container Image Scanner [COMMUNITY-TOOL]
- Notary [COMMUNITY-TOOL]
- Cosign: Container Signing [COMMUNITY-TOOL]
- infracloud.io: Enforcing Image Trust on Docker Containers using Notary [COMMUNITY-TOOL]
- infracloud.io: How to Secure Containers with Cosign and Distroless Images [COMMUNITY-TOOL]
- chrisns/cosign-keyless-demo: Cosign Keyless GitHub Action Demo [COMMUNITY-TOOL]
- itnext.io: Securing Kubernetes Workloads: A Practical Approach to Signed and Encrypted Container Images [COMMUNITY-TOOL]
- GitHub security: what does it take to protect your company from credentials leaking on GitHub? 🌟 [COMMUNITY-TOOL]
- forbes.com: DevOps Drives Pentesting Delivered As A Service [COMMUNITY-TOOL]
- keycloak.org [COMMUNITY-TOOL]
- Authorizing multi-language microservices with Louketo Proxy [COMMUNITY-TOOL]
- developers.redhat.com: A deep dive into Keycloak [COMMUNITY-TOOL]
- blog.getambassador.io: Step-by-Step Centralized Authentication for Kubernetes with Keycloak and the Ambassador Edge Stack [COMMUNITY-TOOL]
- blog.sighup.io: How to run Keycloak in HA on Kubernetes [COMMUNITY-TOOL]
- dev.to: KeyCloak with Nginx Ingress [COMMUNITY-TOOL]
- blog.gitguardian.com: Secrets in source code (episode 2/3). Why secrets in git are such a problem [COMMUNITY-TOOL]
- smallstep.com: How to Handle Secrets on the Command Line 🌟 [COMMUNITY-TOOL]
- github.com/keilerkonzept/aws-secretsmanager-files [COMMUNITY-TOOL]
- youtube: Which of your Kubernetes Apps are accessing Secrets? 🌟 [COMMUNITY-TOOL]
- jenkins-x/gsm-controller [COMMUNITY-TOOL]
- GoogleCloudPlatform/secrets-store-csi-driver-provider-gcp: Google Secret Manager Provider for Secret Store CSI Driver [COMMUNITY-TOOL]
- devops.com: DevOps Teams Struggling to Keep Secrets [COMMUNITY-TOOL]
- thorsten-hans.com: Encrypt your Kubernetes Secrets with Mozilla SOPS [COMMUNITY-TOOL]
- developers.redhat.com: Protect secrets in Git with the clean/smudge filter [COMMUNITY-TOOL]
- kubeopsskills/cloud-secret-resolvers: Cloud Secret Resolvers (CSR) [COMMUNITY-TOOL]
- thenewstack.io: Managing Secrets in Your DevOps Pipeline [COMMUNITY-TOOL]
- thenewstack.io: Kubernetes Secrets Management: 3 Approaches, 9 Best Practices [COMMUNITY-TOOL]
- commjoen/wrongsecrets: OWASP WrongSecrets [COMMUNITY-TOOL]
- aws/secrets-store-csi-driver-provider-aws: AWS Secrets Manager and Config Provider for Secret Store CSI Driver [COMMUNITY-TOOL]
- pyca/bcrypt [COMMUNITY-TOOL]
- docs.python.org: scrypt (standard library) [COMMUNITY-TOOL]
- cryptography.io: scrypt (cryptography) [COMMUNITY-TOOL]
- git-secret.io [COMMUNITY-TOOL]
- git-cipher [COMMUNITY-TOOL]
- hashicorp/vault [COMMUNITY-TOOL]
- hashicorp/vault-csi-provider: HashiCorp Vault Provider for Secrets Store CSI Driver [COMMUNITY-TOOL]
- github.com/kelseyhightower: Serverless Vault with Cloud Run [COMMUNITY-TOOL]
- confluent.io: How to Manage Secrets for Confluent with Kubernetes and HashiCorp Vault [COMMUNITY-TOOL]
- digitalvarys.com: Simple Introduction to HashiCorp Vault [COMMUNITY-TOOL]
- thenewstack.io: HashiCorp Releases HCP Vault to Combat ‘Secrets Management’ Fatigue [COMMUNITY-TOOL]
- datadoghq.com: Monitor HashiCorp Vault metrics and logs [COMMUNITY-TOOL]
- thenewstack.io: Reasons to Implement HashiCorp Vault and Other Zero Trust Tools [COMMUNITY-TOOL]
- testdriven.io: Running Vault and Consul on Kubernetes [COMMUNITY-TOOL]
- devopscube.com: How to Setup Vault in Kubernetes- Beginners Tutorial 🌟 [COMMUNITY-TOOL]
- devopscube.com: Vault Agent Injector Tutorial: Inject Secrets to Pods Using Vault Agent [COMMUNITY-TOOL]
- piotrminkowski.com: Vault on Kubernetes with Spring Cloud [COMMUNITY-TOOL]
- alexandre-vazquez.com: How To Inject Secrets in Pods To Improve Security with Hashicorp Vault in 5 Minutes 🌟 [COMMUNITY-TOOL]
- azure.github.io: Azure Key Vault Provider for Secrets Store CSI Driver [COMMUNITY-TOOL]
- akv2k8s.io: Azure Key Vault to Kubernetes akv2k8s 🌟 [COMMUNITY-TOOL]
- Azure Key Vault to Kubernetes [COMMUNITY-TOOL]
- Neoteroi/essentials-configuration-keyvault [COMMUNITY-TOOL]
- conjur.org [COMMUNITY-TOOL]
- infracloud.io: Securing Kubernetes Secrets with Conjur 🌟 [COMMUNITY-TOOL]
- dev.to: Manage your secrets in Git with SOPS for Kubernetes 🌟 [COMMUNITY-TOOL]
- aws.amazon.com: Managing secrets deployment in Kubernetes using Sealed Secrets 🌟 [COMMUNITY-TOOL]
- blog.container-solutions.com: The Birth of the External Secrets Community [COMMUNITY-TOOL]
- itnext.io: Secrets injection at runtime from external Vault into Kubernetes — POC [COMMUNITY-TOOL]
- jx-secret-postrenderer 🌟 [COMMUNITY-TOOL]
- thenewstack.io: Managing Kubernetes Secrets with AWS Secrets Manager 🌟 [COMMUNITY-TOOL]
- K8s Vault Webhook 🌟 [COMMUNITY-TOOL]
- thenewstack.io: Walkthrough: Bitwarden’s New Secrets Manager [COMMUNITY-TOOL]
- morey.tech: Bitwarden and External Secrets [COMMUNITY-TOOL]
- 10 Serverless security best practices [COMMUNITY-TOOL]
- thehackernews.com: Docker Images Containing Cryptojacking Malware Distributed via Docker Hub [COMMUNITY-TOOL]
- infracloud.io: The Ten Commandments of Container Security [COMMUNITY-TOOL]
- itnext.io: Hardening Docker and Kubernetes with seccomp 🌟 [COMMUNITY-TOOL]
- redhat.com: Introducing Red Hat Vulnerability Scanner Certification [COMMUNITY-TOOL]
- techbeacon.com: 17 open-source container security tools 🌟 [COMMUNITY-TOOL]
- GoogleContainerTools/container-structure-test [COMMUNITY-TOOL]
- dynatrace.com: Container security: What it is, why it’s tricky, and how to do it right [COMMUNITY-TOOL]
- Sigstore [COMMUNITY-TOOL]
- youtube: Hands-on Introduction to sigstore | Rawkode Live [COMMUNITY-TOOL]
- opensource.com: Sign and verify container images with this open source tool (sigstore) [COMMUNITY-TOOL]
- blog.nody.cc: Verify your Kubernetes Cluster Network Policies: From Faith to Proof [COMMUNITY-TOOL]
- DevSecOps – Static Analysis SAST with Jenkins Pipeline [COMMUNITY-TOOL]
- europeclouds.com: Implementing Aqua Security to Secure Kubernetes [COMMUNITY-TOOL]
- Pomerium [COMMUNITY-TOOL]
- fluentbit.io [COMMUNITY-TOOL]
- falco.org: Detect Malicious Behaviour on Kubernetes API Server through gathering Audit Logs by using FluentBit - Part 2 [COMMUNITY-TOOL]
- kubearmor.io [COMMUNITY-TOOL]
- itnext.io: Protecting Your Kubernetes Environment With KubeArmor [COMMUNITY-TOOL]
- itnext.io: Helm 3 — Secrets management, an alternative approach 🌟 [COMMUNITY-TOOL]
- itnext.io: Manage Auto-generated Secrets In Your Helm Charts 🌟 [COMMUNITY-TOOL]
- hashcat [COMMUNITY-TOOL]
- devops.com: How to Automate PKI for DevOps With Open Source Tools [COMMUNITY-TOOL]
- cybersecsi/HOUDINI: Hundreds of Offensive and Useful Docker Images for Network Intrusion [COMMUNITY-TOOL]
- itnext.io: Top 6 Threat Detection Tools for Containers [COMMUNITY-TOOL]
- thenewstack.io: AWS Open Sources Security Tools [COMMUNITY-TOOL]
- sentinelone.com: Reducing Human Effort in Cybersecurity | Why We Are Investing in Torq’s Automation Platform [COMMUNITY-TOOL]
- pkg.go.dev/knative.dev/security-guard [COMMUNITY-TOOL]
- Microservices Security in Action [COMMUNITY-TOOL]
- github.com/aws-samples: Apache Log4j2 CVE-2021-44228 node agent [COMMUNITY-TOOL]
- proferosec/log4jScanner [COMMUNITY-TOOL]
- edition.cnn.com: The Log4j security flaw could impact the entire internet. Here's what you should know [COMMUNITY-TOOL]
- yahoo/check-log4j [COMMUNITY-TOOL]
- welivesecurity.com: Lo que todo líder de una empresa debe saber sobre Log4Shell [COMMUNITY-TOOL]
- genbeta.com: "Internet está en llamas": Cloudflare ha detectado más de 24.600 ataques por minuto que explotaban la vulnerabilidad Log4Shell [COMMUNITY-TOOL]
- Maelstromage/Log4jSherlock [COMMUNITY-TOOL]
- vpnranks.com: Belgian Defense Ministry Under Cyber Attack Due to Log4j Vulnerability [COMMUNITY-TOOL]
- dynatrace.com: Log4Shell vulnerability discovery and mitigation require automatic and intelligent observability [COMMUNITY-TOOL]
- thenewstack.io: Yet Another Log4j Security Problem Appears [COMMUNITY-TOOL]
- cisagov/log4j-scanner [COMMUNITY-TOOL]
- google/log4jscanner [COMMUNITY-TOOL]
- thehackernews.com: Microsoft Warns of Continued Attacks Exploiting Apache Log4j Vulnerabilities [COMMUNITY-TOOL]
- zdnet.com: Log4j: Google and IBM call for list of critical open source projects [COMMUNITY-TOOL]
- it.slashdot.org: And the Top Source of Critical Security Threats Is...PowerShell [COMMUNITY-TOOL]
- therecord.media: UK government plans to release Nmap scripts for finding vulnerabilities [COMMUNITY-TOOL]
- thenewstack.io: WAF: Securing Applications at the Edge [COMMUNITY-TOOL]
- zdnet.com: Google releases new open-source security software program: Scorecards [COMMUNITY-TOOL]
- tryhackme.com: Metasploit: Introduction [COMMUNITY-TOOL]
- socket.dev: Introducing Socket [COMMUNITY-TOOL]
- deepfence/ThreatMapper 🌟 [COMMUNITY-TOOL]
- github.com/goauthentik/authentik [COMMUNITY-TOOL]
- github.com/openappsec/openappsec [COMMUNITY-TOOL]
- Microsoft Security Copilot [COMMUNITY-TOOL]
- github.com/prowler-cloud/prowler 🌟🌟 [COMMUNITY-TOOL]