Secure development, DevSecOps
OWASP, OpenSAMM and related
Vendors
Concepts
Secure coding
DevSecOps - Security testing in continuous integration and DevOps
NIST
Other tools
- Sysdig
- Frida Greasemonkey for native apps, i.e. a dynamic code instrumentation toolkit that lets you inject snippets of JavaScript or your own library into native apps on Windows, macOS, GNU/Linux, iOS, Android, and QNX
- Fortify - Wikipedia
- Fortify - Microfocus - originally static code analysis
- Tenable - manage cyber exposure - home of Nessus
- Mittn - an evolving suite of security testing tools to be run in Continuous Integration context that uses Python and Behave.
- Gauntlt
- BDD security- publications
Building blocks
Training
Solution providers
Tools