OWASP DevSlop Project

OWASP DevSlop Tool Project

DevSlop: learning how application security professionals fit into DevOps.
Project Website: DevSlop

Modern applications often use APIs, microservices and containerization to deliver faster and better products and services. This changing landscape means security people need to step up their game. DevSlop, "Sloppy DevOps", is an exploration into this area via several modules consisting of pipelines, vulnerable apps, and The DevSlop Show, where project members learn and share.

Description

DevSlop has many modules, including:

Patty - An Azure DevSecOps pipeline, with constantly changing components, which published the project's website, DevSlop.co.

Pixi-CRS & Pixi-CRS-ZAP are two Circle-CI pipelines that demonstrate adding a WAF to your pipeline for automatic tuning before moving your apps to prod.

Pixi is an intentionally vulnerable app consisting of a vulnerable web app and API service.

The DevSlop Show is a video streaming series where project members build things live, interview members of the OWASP and InfoSec community, and learn where they fit into DevOps.

As more pieces of DevSlop are released they will be introduced here.

Licensing

This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License 3.0 as published by the Free Software Foundation. OWASP DevSlop and any contributions are Copyright © by Nicole Becher & Tanya Janca 2017.

Project Resources

Source Code

What's New (Revision History)

Documentation

Wiki Home Page

Issue Tracker

Slide Presentation

Video

Project Leader

Tanya Janca

Nancy Gariché

Nicole Becher


Team Members

Franziska Bühler

Mordecai Kraushar


Related Projects

Classifications

Project Type: Tool
Incubator Project
Builders
Defenders
Affero General Public License 3.0

News and Events