am0stafa / devsecops-pipeline Goto Github PK
View Code? Open in Web Editor NEWA pipeline that include Qwiet (SAST), Snyk (SCA), and Trivy (Container and OS Scanning), alongside SonarCloud for continuous code quality check, process for generating Software Bill of Materials (SBOM), Interactive Application Security Testing (IAST), dynamic testing (DAST) and Incorporated Infrastructure as Code (IaC) scanning
License: Other