♾️ Collection of DevSecOps Notes + Resources + Courses + Tools

Sample code with security policies in Pulumi CrossGuard to implement preventive security checks in Infrastructure pipelines

An archive repository that holds all projects formed in the masters-level Software and Systems Security course (CSC-5585) at TTU.

MCP-Chat AI DevSecOps Demo A lightweight conversational AI that plugs into the Model Context Protocol (MCP). Includes automated SAST/DAST in CI/CD so every build flags and fixes container misconfigurations before they hit prod.

🔐 Enforce real CI/CD approval integrity — block self-approvals, detect reassigned approvals, and validate trusted approvers at runtime. Built by NextSecurity for teams scaling secure DevOps.

The goal is to stream vulnerabilities through the full DevSecOps lifecycle—identification, prioritization, automated fixes—powered by Qwiet’s Agentic AI capabilities in a continuous delivery workflow.

This repository contains an intentionally vulnerable Python Flask application used to demonstrate various security testing tools and DevSecOps practices. WARNING: This application contains serious security vulnerabilities. DO NOT use in production!