D

devsecops

DevSecOps health check for self-managed GitLab. Measures engineering velocity, CI health, security posture, and team shape via REST and GraphQL APIs. Single binary, no runtime dependencies.

AI-powered security orchestration for GitLab CI/CD. Automated vulnerability patching, threat modeling, and compliance scoring with GPT-4 and Claude AI agents.

Skaledheim (SKM) is a modular platform designed to orchestrate distributed services inside a cohesive DevSecOps cluster oriented ecosystem.

Setup Static Application Secret Testing (SAST) in GitLab CI pipeline using NJSScan and Semgrep.

Probably the most modern and sophisticated insecure web application!

Clone of OWASP Juice Shop with GitLab branding and more.

Learn more by seeing our DevSecOps Tutorial

AI-driven autonomous penetration testing for your GitLab CI/CD pipeline. Scan for SQL injection, XSS, IDOR, SSRF, auth bypass and more on every push or merge request. Results in GitLab Security Dashboard (DAST report). Free tier available.

About FreePlayground is my public engineering lab notebook and proof-of-work repo. It captures weekly progress across DevOps fundamentals, cloud, automation, and security, plus the projects and experiments I build along the way.

Réaliser en solo une application web sécurisée (frontend + backend + base de données) en architecture microservices, déployée via Docker et orientée DevSecOps, avec authentification OAuth 2.0, chat en temps réel via WebSockets et observabilité complète.

This Git repository serves as a valuable resource for managing Dockerfiles and associated scripts.

Cheatsheet / IT toolbox

This Git repository serves as a valuable resource for managing Automations and associated scripts, like backups script, synchronization, etc.

SPM (Shell Package Manager) is a tool designed to manage shell-based applications and libraries.

Cloud-native DevOps portfolio project with Docker, Kubernetes, GitLab CI/CD, Terraform, AWS and Trivy.

KAVACH SecureCI — Autonomous security agent for GitLab pipelines. GitLab AI Hackathon 2026.

AI-assisted engineering evaluation framework for tools, pipelines, and compliance-aware platform decisions. Built with Pydantic AI. Supports tool grading, pipeline auditing, NIST/FedRAMP mapping, and supply chain review.

An AI-powered Security Agent built for the GitLab Duo Agent Challenge. Security Guardian automates vulnerability detection and provides suggested fixes directly in the SDLC.

🛡️ K-Guard: Kubernetes Security Automation & Remediation (PoC)

K-Guard is a DevSecOps proof-of-concept focused on automating vulnerability lifecycle and active defense workflows within K3s clusters.

Vulnerability Remediation: Automated image patching workflows using K8s API patches triggered by Trivy scan results. Network Segregation: Policy-as-Code implementation (Ansible) for Ingress hardening and CIDR-based access control. SecOps Alerting: Real-time incident notification system leveraging Cisco Webex API for rapid response. Self-Healing Exploration: Detecting configuration drifts and applying automated state recovery.

🛡️ K-Guard : Pilotage de la Sécurité & Automatisation Kubernetes (MVP)

K-Guard est un outil d'expérimentation DevSecOps conçu pour automatiser les workflows de détection et de remédiation sur clusters K3s. Il explore l'implémentation de la défense active via l'API Kubernetes.

Points Techniques Clés

Vulnerability Management : Pipeline de scan continu (Trivy) avec déclenchement de correctifs via Strategic Merge Patch sur les Deployments. Hardening Réseau : Automatisation de Network Policies (Ansible) pour l'isolation des flux Ingress (filtrage IPs Cloudflare / RFC 1918). Incident Response (IR) : Système d'alerte ChatOps via l'API Cisco Webex pour la notification en temps réel des failles critiques détectées. Infrastructure-as-Code : Logique de remédiation et de déploiement orchestrée via GitLab CI/CD et scripts d'automation (Python/Go).