Does it support Kubernetes security policies?

Absolutely, it covers policy-as-code enforcement using tools like OPA Gatekeeper and Kyverno to prevent the deployment of insecure or privileged containers.

What security scanning types does this skill support?

It provides implementation patterns for Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA) for dependencies.

Can this skill help prevent secret leaks?

Yes, it includes guidance on using pre-commit hooks and secrets management backends like HashiCorp Vault or AWS Secrets Manager to ensure credentials are never committed to Git.

How does it help with regulatory compliance?

The skill includes specialized resources for mapping security controls to frameworks like SOC2, PCI-DSS, and HIPAA, facilitating automated audits and compliance reporting.

DevSecOps Security Integration

Name: DevSecOps Security Integration
Author: weirdgme

byweirdgme

•

安全与测试

Integrates automated security scanning, secrets management, and policy-as-code directly into the software development lifecycle.

关于

This skill empowers developers to implement a robust 'shift-left' security strategy by automating vulnerability detection and compliance enforcement. It provides comprehensive guidance on integrating SAST, DAST, and SCA scanning into CI/CD pipelines, managing secrets securely with enterprise-grade tools, and defining infrastructure policies as code using OPA or Kyverno. By embedding security practices from code commit through to production, this skill ensures that security is a continuous, automated part of the development process rather than a final manual gate.

主要功能

Secure secrets management and credential rotation
Policy-as-code enforcement with OPA and Kyverno
Automated SAST, DAST, and SCA scanning integration
Compliance automation for SOC2, PCI-DSS, and HIPAA
Container image hardening and vulnerability management
3 GitHub stars

使用场景

Hardening CI/CD pipelines with automated security gates
Implementing enterprise secrets management to prevent leaks
Enforcing security policies across Kubernetes clusters

关于

主要功能

Secure secrets management and credential rotation
Policy-as-code enforcement with OPA and Kyverno
Automated SAST, DAST, and SCA scanning integration
Compliance automation for SOC2, PCI-DSS, and HIPAA
Container image hardening and vulnerability management
3 GitHub stars

使用场景

Hardening CI/CD pipelines with automated security gates
Implementing enterprise secrets management to prevent leaks
Enforcing security policies across Kubernetes clusters