DSP AppSec Infrastructure Apps

This repository hosts DSP AppSec internal infrastructure deployed in GCP Kubernetes. Check the documentation in this link.

SDARQ - SDARQ is a coordination platform to guide both developers and appsec professionals through an SDLC and provide interfaces into various tools and bind them. Learn more in this link.

Tools integrated with SDARQ:

CIS Scanner - Security scanner that assess security posture of GCP projects.
Automated ZAP Scanner - Scripts running in GKE as Cronjobs to scan a specific list of endpoints.
DefectDojo
CodeDx

appsec@broadinstitute.org

Name		Name	Last commit message	Last commit date
Latest commit History 2,385 Commits
.github		.github
.vscode		.vscode
bastion		bastion
batch		batch
cis		cis
codedx		codedx
defectdojo		defectdojo
docs/src		docs/src
sdarq		sdarq
security-controls		security-controls
shared		shared
terraform		terraform
zap		zap
.gitignore		.gitignore
.sonarcloud.properties		.sonarcloud.properties
CODE_OF_CONDUCT.md		CODE_OF_CONDUCT.md
CONTRIBUTING.md		CONTRIBUTING.md
LICENSE		LICENSE
README.md		README.md
cloudbuild.yaml		cloudbuild.yaml

Provide feedback