GitHub action for performing SAST scanning using various oss tools such as gitleaks, bandit, findsecbugs etc

A collection of reusable GitHub Actions that standardise DevSecOps security scanning i.e. SCA, SAST, DAST, secrets, IaC, and container security.

A GitHub action aggregating SAST tools to scan code for vulnerabilities

🔒 Security Scanning for Github Actions; SAST, DAST, Secrets, and Dependencies

Exemplo de workflow de segurança que realiza testes SAST, SCA, Secrets Scan e IaC Scan via GitHub Actions utilizando ferramentas open source.

AccuKnox CI/CD Action for SAST

Perform an Opengrep SAST scan on your repository and upload the results to AccuKnox.

This project provisions a secure, production-style AWS infrastructure for a web application using Terraform and GitHub Actions. The solution demonstrates modern cloud security practices such as automated CI/CD, Infrastructure as Code (IaC), and security scanning at multiple layers (SAST, SCA, DAST, secrets).

Pipeline DevSecOps para API REST com SAST, scan de dependências, segurança de containers e DAST automatizados via GitHub Actions.

DevSecOps security pipeline with automated SAST, SCA, DAST, container scanning, and secret detection. Features 11 parallel security jobs, quality gates, compliance reporting, and auto-generated dashboards. Built with GitHub Actions for CI/CD integration.

Elevate CI/CD security with ready-to-use templates for GitHub Actions, Azure DevOps, & GitLab CI. Covering SAST, SCA, IaC, Docker scans, & secret detection. A one-stop solution for developers aiming for safer SDLC

Secure CI/CD pipeline implementing DevSecOps practices using GitHub Actions. Includes SAST with Semgrep, DAST with OWASP ZAP, and secret scanning via GitLeaks. Uses Docker, Kubernetes, ArgoCD, and Sealed Secrets for secure, GitOps-based deployment across staging and production environments. Ask ChatGPT

No description available

GitHub action for FoD SAST scan

No description available

No description available

No description available

No description available

No description available

No description available

Lint, SAST, SCA, IaC, and secret scanning Action for Factory Framework

Dojigiri SAST security scan for GitHub Actions — 1,771 rules, 8 languages

Demo: Semgrep SAST + FOSSA licence scanning with GitHub Actions CI/CD integration

a post action batch script for SAST to send email to a recipient with SAST scan results finding URL

Reusable DevSecOps container with SAST, SCA, IaC, and secrets scanning for GitHub Actions

A simple DevSecOps project that uses GitHub Actions and Semgrep for SAST scanning.

Ready-to-fork DevSecOps pipelines: GitHub Actions templates with DAST/SAST/image-scan gates.

CI/CD Pipeline demonstrating automated vulnerability scanning (SAST/DAST) using Trivy in GitHub Actions.

Practical CI/CD Security lab (Python + Docker + GitHub Actions) integrating secret scanning, vulnerability scanning, and SAST with documented security decisions.

DevSecOps CI/CD pipeline lab with SAST, SCA, secrets scanning and container security using GitHub Actions