Faraday's Command Line Interface

Fortify Jenkins plugin

coreSigma is a macOS ESF & UL telemetry pipeline, detection, and threat hunting app for security analysis, using Sigma and Sigma backend for rule creation and translation.

AegisFlow is a threat-aware CI/CD pipeline that integrates real-time threat intelligence (AlienVault OTX), MITRE ATT&CK-based static analysis, and SBOM-driven CVE detection to automate secure software delivery.

This project provides examples, scripts, and best practices for integrating Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) into modern CI/CD pipelines. The goal is to catch vulnerabilities early, automate remediation feedback, and ensure secure delivery without slowing down development.

End-to-end DevSecOps CI/CD pipeline integrating SAST, SCA, Secrets Scanning, Container Security, and DAST with automated security gates and deployment blocking using GitHub Actions.

Repository untuk tugas DevSecOps Week6 — Software Composition Analysis (SCA)

Production-ready DevSecOps pipeline — SAST, secrets, dependencies, container, DAST, signing & SBOM. Drop-in security for any CI/CD.

Secure CI/CD Blueprint for Angular & NestJS. Compliant with OWASP SPVS Level 1.

Python security gate with intelligent ML scoring that reduces false positives by 95%. Orchestrates Bandit, pip-audit, and Semgrep into a unified CI/CD pipeline. Includes baseline management, policy enforcement, and explainable predictions. Production-ready with comprehensive tests.

GitHub Actions pipeline that detects, gates, and audits AI-generated code — policy checks, security scans (Gitleaks + Semgrep), sandboxed tests, and risk-scored reviews

Production AppSec CI/CD pipeline — SAST, SCA, secrets, DAST, IaC

Orchestrate idea-to-delivery flows with multi-agent CLI planning, reviews, and task execution in one workspace