List of Rugged DevOps Tools

ListOfRuggedDevOpsTools.md

Static Code Analysis

• Overview of tools
• Visual Studio 2017 Code Analysis
• Visual Studio 2019 Code Analysis
• Visual Studio 2019 Code Analyzers
• SonarLint
• Powershell Analyzer
• CheckMarx
• Code extensions for Visual Studio
• Veracode Static Code Analysis
• Fortify Static Code Analysis
• Synopsis Coverity

Infrastructure Security and Threat Monitors

• UpGuard
• Microsoft Operations Management Suite
• Microsoft Operations Management Suite Azure
• Chef Compliance
• Tripwire
• OSSEC
• ShiftLeft
• Contrast Security
• Prisma Cloud
• Tanium - Endpoint Security
• FireEye
• Azure Security Centre
• CodeDX
• Azure Sentinel
• Azure Network Watcher

Static Security Analysis

• Brakeman - Static analysis security scanner for Ruby on Rails
• Burp Suite - Security Testing in Pipelin
• Snyk - helps you use open source and stay secure
• WhiteSource - Secure Your Open Source Components
• OWASP ZAP - Security Testing in pipeline
• Nessus - Vulnerability assessment for teams
• OWASP Dependency checker
• Sonatype Dependency Checker
• Sonatype OSS
• Source Clear - Security for Teams Using Open-Source Code
• Microfocus Fortify
• Synopsis Coverity
• Github Security Tools
• Synopsis Blackduck
• Aqua Container security

Dynamic Security Testing

• GauntIt
• GauntIt - Explanation
• NMap - Network discovery and security auditing.

Infrastructure and Compliancy Testing

• InSpec
• ServerSpec

Sensitive Data in Git

• Talisman
• GitRob
• Git-Secrets
• CredScan - Microsoft
• CredScan in Pipeline
• GitHound
• TruffleHog

Lab Management

• Beaker
• Azure DevTest Labs
• Azure Lab Services

PenTesting

• MetaSploit

Artifact Repositories

• Sonatype Nexus
• Jfrog Artifactory
• MyGet