Curated catalog of generally useful kpt functions

TrendAI Vision One Container Security Scan Action

Static analysis from configs → Kubernetes NetworkPolicies in seconds

Managing GitHub Advanced Security (GHAS) Controls at Scale

Pentesterra DevGuard performs a comprehensive security audit of your development environment before code reaches production - supply chain vulnerabilities, exposed secrets, AI toolchain risks, and cryptographic weaknesses, all detected locally and analyzed in the cloud.

A complete DevSecOps CI/CD automation pipeline for a Node.js application using GitHub Actions, Docker, Trivy security scanning, and Kubernetes (Minikube), implementing shift-left security and cloud-native deployment practices.

Pre-cloud web application security assessment including vulnerability analysis, remediation, and cloud security controls.

Enterprise-style DevSecOps CI/CD pipeline demo using GitHub Actions, Semgrep, CodeQL, TruffleHog, pip-audit, and pre-commit.

A production-style DevSecOps CI/CD pipeline demonstrating shift-left security with open-source tools. It performs SAST, secrets detection, dependency and container scanning, SBOM generation, and image signing before deploying to Kubernetes. The pipeline can run locally or via GitHub Actions and generates security reports for validation.

Git hooks for improving developer experience and security

deliver SAST results to gitlab merge request discussions https://github.com/jonny64/sarif2gl/wiki https://npmjs.com/package/sarif2gl

SAGA: O Motor Corporativo de Paved Road. Transforme segurança de um gargalo bloqueador para uma arquitetura invisível via Secretless Deployments, Combate à Shadow AI e Barramento Abstraído Universal de Dados Zero Trust.

Container version of Featmap for building, planning and communicating product backlogs & releases