🔭 Currently working on building API things for the Veracode platform.
📫 How to reach me:
Name: Tim Jarrett
Type: User
Company: @Veracode
Bio: VP, Product Management, @veracode
Twitter: tojarrett
Location: Burlington, MA
Blog: https://veracode.com
🔭 Currently working on building API things for the Veracode platform.
📫 How to reach me:
OWASP ServerlessGoat: a serverless application demonstrating common serverless security flaws
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
TerraOak is Oak9's vulnerable IAC code repo for AWS. This repo will be used for learning and training purposes on how to implement a cloud security posture for AWS.
Update center backend
Go package for easy access to Veracode APIs
Includes the required workflows and configuration files for the Veracode GitHub app
Please use the fork of this project at https://github.com/veracode/veracode-archer
Collection of handy CLI shortcuts for Veracode APIs
Produces a PDF report summarizing the security state of a Collection in the Veracode Platform.
Generate a CycloneDX SBOM across multiple applications that are part of a Veracode Collection.
Unofficial list of interesting projects that build on the Veracode APIs.
Get a summary of all the information about dynamic flaws for an application to support remediation.
Simple script that demonstrates how to use veracode-api-py to create a Dynamic Analysis based on simple input.
Copies mitigations from one Veracode profile to another if it's the same flaw based on the following flaw attributes: issueid, cweid, type, sourcefile, and line. The script will copy all proposed and accepted mitigations for the flaw. The script will skip a flaw in the copy_to build if it already has an accepted mitigation.
Identifies and optionally rejects self-approved mitigations on policy-violating findings.
Deactivates a provided list of users on the Veracode Platform.
Onboarding tool that provisions a new team, API User, application profile, and SCA Agent workspace in Veracode so that a team can get working quickly.
Retrieves findings with APPROVED mitigations from an application's policy scan (or sandbox) and creates a baseline file for Pipeline Scan. Mitigations in a "proposed" state will not be retrieved.
Create a Pipeline Scan command line based on application and policy settings from Veracode
A collection of example application security "policies as code" that can be added to your Veracode organization account using the process below.
Simple example of usage of the Veracode API signing library provided on the Veracode Help Center
Sets Veracode sandboxes to auto-recreate on expiration, for individual applications or across a whole account.
Get a CSV report of the licenses for the libraries in your Veracode SCA Agent workspace.
Identify Veracode application profiles with one or more static scans in an incomplete state.
Get a quick list of modules with findings identified by a Veracode static scan.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.