tjarrettveracode Goto Github PK

serverless-goat

OWASP ServerlessGoat: a serverless application demonstrating common serverless security flaws

terragoat

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

terraoak.aws

TerraOak is Oak9's vulnerable IAC code repo for AWS. This repo will be used for learning and training purposes on how to implement a cloud security posture for AWS.

tjarrettveracode

update-center2

Update center backend

vcodeapi

Go package for easy access to Veracode APIs

veracode

Includes the required workflows and configuration files for the Veracode GitHub app

veracode-app-profiles-export

veracode-archer

Please use the fork of this project at https://github.com/veracode/veracode-archer

veracode-ci

veracode-cli-shortcuts

Collection of handy CLI shortcuts for Veracode APIs

veracode-collections-report

Produces a PDF report summarizing the security state of a Collection in the Veracode Platform.

veracode-collections-sbom

Generate a CycloneDX SBOM across multiple applications that are part of a Veracode Collection.

veracode-community-projects

Unofficial list of interesting projects that build on the Veracode APIs.

veracode-dyn-details

Get a summary of all the information about dynamic flaws for an application to support remediation.

veracode-dyn-hello-world

Simple script that demonstrates how to use veracode-api-py to create a Dynamic Analysis based on simple input.

veracode-manual-for-github

veracode-mitigation-copier

Copies mitigations from one Veracode profile to another if it's the same flaw based on the following flaw attributes: issueid, cweid, type, sourcefile, and line. The script will copy all proposed and accepted mitigations for the flaw. The script will skip a flaw in the copy_to build if it already has an accepted mitigation.

veracode-mitigation-rejector

Identifies and optionally rejects self-approved mitigations on policy-violating findings.

veracode-offboard

Deactivates a provided list of users on the Veracode Platform.

veracode-onboard-app

Onboarding tool that provisions a new team, API User, application profile, and SCA Agent workspace in Veracode so that a team can get working quickly.

veracode-pipeline-mitigation

Retrieves findings with APPROVED mitigations from an application's policy scan (or sandbox) and creates a baseline file for Pipeline Scan. Mitigations in a "proposed" state will not be retrieved.

veracode-pipeline-script-template

Create a Pipeline Scan command line based on application and policy settings from Veracode

veracode-policy-examples

A collection of example application security "policies as code" that can be added to your Veracode organization account using the process below.

veracode-python-api_credentials_expiry-example

veracode-python-hmac-example

Simple example of usage of the Veracode API signing library provided on the Veracode Help Center

veracode-sandbox-auto-recreate

Sets Veracode sandboxes to auto-recreate on expiration, for individual applications or across a whole account.

veracode-sca-license-report

Get a CSV report of the licenses for the libraries in your Veracode SCA Agent workspace.

veracode-scan-counts

Identify Veracode application profiles with one or more static scans in an incomplete state.

veracode-static-bom

Get a quick list of modules with findings identified by a Veracode static scan.