Tools Used

What’s included in the environment?

The environment contains the following tools used in different stages of DevSecOps.

Detailed tool list

Technology Tools
PenTest Toolkit: Nmap, Metasploit
Static Analysis Tools: Brakeman, bandit, findbugs
Dynamic Analysis Tools: ZAP proxy, Gaunlt
Hardening: DevSec Ansible OS Hardening
Compliance: Inspec
Operating System : Ubuntu Xenial (16.04)
Programming Languages: Java, Python 2, Python 3, Ruby/Rails
Container Technology: Docker
Source Code Management: Gitlab (github like system)
CI Server: Gitlab CI/Jenkins
Configuration Management: Ansible
Monitoring and Log management: Elastic Search, LogStash and Kibana
Cloud Provider Utilities: AWS CLI
Utilities: Git, Vim, curl, wget,