All activity
The fully open source code analysis engine. Quickly analyze large code bases & fix security issues at scale.
Initiated by 10 rival security orgs, Opengreps promises to advance and commoditize static code security for the free use of all.
Opengrep
The open source code security engine
GitGoat is an open source tool built to enable DevOps and Engineering teams to design and implement a sustainable misconfiguration prevention strategy. It can be used to test products with access to GitHub repos without a risk to your production data.
GitGoat
Intentionally Misconfigured GitHub User + Repo + Teams Data
Software supply chain attacks have caught the security community off-guard. Arnica, starting with GitHub & Azure DevOps, addresses the two primary root causes:
1) 🪄 excessive permissions to developer tools
2) 🥸 lack of abnormal behavior detection
1) 🪄 excessive permissions to developer tools
2) 🥸 lack of abnormal behavior detection
Arnica
Behavior based software supply chain security