List of Comprehensive DevSecOps Tools

Posted by

Limited Time Offer!

For Less Than the Cost of a Starbucks Coffee, Access All DevOpsSchool Videos on YouTube Unlimitedly.
Master DevOps, SRE, DevSecOps Skills!

Enroll Now

Here are some comprehensive DevSecOps tools

  • Aqua Security
  • Checkmarx
  • Contrast Security
  • OWASP ZAP
  • SonarQube
  • Synopsys Sentinel
  • Veracode
  • WhiteHat Sentinel

Here is a list of comprehensive DevSecOps tools that cover various aspects of security integration within the software development lifecycle:

1. SAST Tools (Static Application Security Testing):

  • Checkmarx
  • Fortify Static Code Analyzer
  • SonarQube
  • Veracode Static Analysis

2. DAST Tools (Dynamic Application Security Testing):

  • OWASP ZAP (Zed Attack Proxy)
  • Burp Suite
  • Acunetix
  • WebInspect

3. SCA Tools (Software Composition Analysis):

  • Black Duck by Synopsys
  • WhiteSource
  • Snyk
  • Nexus Lifecycle

4. IAST Tools (Interactive Application Security Testing):

  • Contrast Security
  • Seeker by Synopsys
  • AppSpider

5. RASP Tools (Runtime Application Self-Protection):

  • Sqreen
  • Contrast Protect
  • Wallarm

6. Container Security:

  • Aqua Security
  • Twistlock
  • Sysdig Secure
  • Anchore

7. Infrastructure as Code (IaC) Security:

  • Terraform
  • Checkov
  • Terrascan

8. Vulnerability Scanners:

  • Nessus
  • OpenVAS
  • Qualys

9. Security Information and Event Management (SIEM):

  • Splunk
  • ELK Stack (Elasticsearch, Logstash, Kibana)
  • Sumo Logic

10. Threat Intelligence Platforms:

  • ThreatConnect
  • Recorded Future
  • Anomali

11. Orchestration and Automation:

  • Ansible
  • Puppet
  • Chef

12. Compliance and Configuration Management:

  • Chef Compliance
  • InSpec
  • OpenSCAP

13. Identity and Access Management (IAM):

  • Okta
  • Auth0
  • Keycloak

14. Secrets Management:

  • HashiCorp Vault
  • CyberArk

15. Continuous Integration/Continuous Deployment (CI/CD):

  • Jenkins
  • GitLab CI/CD
  • CircleCI

16. Cloud Security:

  • AWS Config
  • Azure Security Center
  • Google Cloud Security Command Center

17. DevSecOps Platforms:

  • GitLab (Integrated DevSecOps features)
  • JFrog Platform (Security integration with Artifactory)

18. Threat Modeling Tools:

  • OWASP Threat Dragon
  • Microsoft Threat Modeling Tool

19. Security Testing Frameworks:

  • OWASP Application Security Verification Standard (ASVS)
  • OWASP Testing Guide
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x