Projects with this topic
A suite of tools to assist with reviewing Open Source Software dependencies. (Mirrored from https://github.com/oss-review-toolkit/ort)
Updated -
Business Entertainment and Amenity Review (BEAR) process tracking system for Red Hat funding of external (non-RH) contributors in upstream open source communities. This is used for legal and compliance purposes. Data about individuals is confidential.
Updated -
Probably the most modern and sophisticated insecure web application!
Clone of OWASP Juice Shop with GitLab branding and more.
Learn more by seeing our DevSecOps Tutorial
Updated -
CLI tool for GitLab automation: sync groups to local filesystem and audit projects against security & OpenSSF best practices with automated scoring
Updated -
A Python-based CLI tool designed to scan GitLab projects for compliance against the CIS GitLab Benchmark. Check out the recommendations-as-code in this repo. Read the docs for more info.
Updated -
GitLab AI Hackathon / ASROrepo
CI/CD Catalog (unpublished)
AI-powered security orchestration for GitLab CI/CD. Automated vulnerability patching, threat modeling, and compliance scoring with GPT-4 and Claude AI agents.
Updated -
Compliance service enforcing rules defined in the TrustFramework - Architecture Document/Compliance Document
Updated -
Source of truth for the Compliance engine, validating that certificates conform to rules, and providing shapes, schemas and trusted sources
Updated -
Accounting software used to get earnings from each subscriber. This project is meant to showcase GitLab Compliance Frameworks.
Updated -
A fully automated 13-stage DevSecOps CI/CD pipeline that integrates security, compliance, and cloud-native deployment using GitLab CI and Amazon EKS.
The pipeline demonstrates real-world DevSecOps practices including:
• SAST, dependency, container, IaC, and Kubernetes manifest scanning
• SBOM generation (CycloneDX)
• Automated POA&M creation mapped to NIST controls
• Evidence packaging for compliance audits
• Secure image push to Amazon ECR
• Deployment and validation on Amazon EKS
• Full run-to-completion behavior (lab mode) with findings documented rather than blocking
This project showcases an end-to-end secure software supply chain workflow suitable for: cloud engineering, DevOps, cybersecurity, and compliance automation demonstrations.
Updated -
A JavaScript-based content safety system designed to detect and filter sensitive media in real-time, ensuring platform compliance and user protection.
Updated -
Let someone else do your CI/CD Jobs!! This repo contains GitLab CI/CD jobs. It is designed so that you can add this repo as a git sub-module and import it into your projects to run the jobs.
Updated -
Project administration involves a constant organizational constraint. Clarifying these constraints and facilitating their application are essential for the success of projects.
Items: strategy, project administration, management, issuance ticket templates, workflow, structural components, standards
Updated -
Examples for GitLab CI/CD integration with Parasoft Jtest
Updated -
A local Infrastructure-as-Code (IaC) development environment for security and compliance validation. The current iteration uses Terraform and AWS emulation via LocalStack, focusing on IAM roles, secrets management, S3 access control and regulatory policies (e.g., GDPR/HIPAA). Implemented constrained DevSecOps practices within a local development context.
Updated -
We may share your information with third parties in one of the following circumstances: with your consent, with our service providers, for security purposes, to comply with our legal obligations, or in the event of a change of control or sale of corporate entities or business units. We do not sell your personal information and we do not host advertising on GitHub. You can view the list of service providers that have access to your personal information. Other important information: We provide additional information specific to repository contents, public information and Organizations on GitHub. Additional services: We provide information about additional service offerings, including third-party applications, GitHub Pages and GitHub applications. How you can access and control the information we collect: We give you the means to access your personal information and to modify or
Updated -
CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec, Compliance/Audit Management, Privacy and supporting 90+ frameworks worldwide with auto-mapping: NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, NIS2, CMMC, PSPF, GDPR, HIPAA, and more. This is a mirror and the main repo is on GitHub.
Updated -
Examples for GitLab CI/CD integration with Parasoft C/C++test
Updated -
Examples for GitLab CI/CD integration with Parasoft dotTEST
Updated