Data

Tools

Indexes

Applications

Experiments

Open Source Science

https://github.com/broadinstitute/dsp-appsec-infrastructure-apps

This repository hosts DSP AppSec internal infrastructure apps deployed in GKE.

https://github.com/broadinstitute/dsp-appsec-infrastructure-apps

Science Score: 26.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
    Found .zenodo.json file
  • DOI references
  • Academic publication links
  • Academic email domains
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (6.0%) to scientific vocabulary

Keywords

application-security appsec appsec-tools appsecurity cis-scanner devsecops secure-development security security-automation security-scan security-scanner security-tools zap-scanner
Last synced: 5 months ago · JSON representation

Repository

This repository hosts DSP AppSec internal infrastructure apps deployed in GKE.

Basic Info
Statistics
  • Stars: 7
  • Watchers: 4
  • Forks: 2
  • Open Issues: 6
  • Releases: 0
Topics
application-security appsec appsec-tools appsecurity cis-scanner devsecops secure-development security security-automation security-scan security-scanner security-tools zap-scanner
Created almost 6 years ago · Last pushed 7 months ago
Metadata Files
Readme Contributing License Code of conduct Security

README.md

DSP AppSec Infrastructure Apps

Quality Gate Status

This repository hosts DSP AppSec internal infrastructure deployed in GCP Kubernetes. Check the documentation in this link.

Apps

  • SDARQ - SDARQ is a coordination platform to guide both developers and appsec professionals through an SDLC and provide interfaces into various tools and bind them. Learn more in this link.

Tools integrated with SDARQ: - CIS Scanner - Security scanner that assess security posture of GCP projects. - Automated ZAP Scanner - Scripts running in GKE as Cronjobs to scan a specific list of endpoints. - DefectDojo - CodeDx

Questions

appsec@broadinstitute.org

Owner

  • Name: Broad Institute
  • Login: broadinstitute
  • Kind: organization
  • Location: Cambridge, MA

Broad Institute of MIT and Harvard

GitHub Events

Total
  • Watch event: 1
  • Delete event: 41
  • Issue comment event: 141
  • Push event: 119
  • Pull request review comment event: 29
  • Pull request review event: 59
  • Pull request event: 75
  • Create event: 39
Last Year
  • Watch event: 1
  • Delete event: 41
  • Issue comment event: 141
  • Push event: 119
  • Pull request review comment event: 29
  • Pull request review event: 59
  • Pull request event: 75
  • Create event: 39

Issues and Pull Requests

Last synced: 6 months ago

All Time
  • Total issues: 0
  • Total pull requests: 132
  • Average time to close issues: N/A
  • Average time to close pull requests: 14 days
  • Total issue authors: 0
  • Total pull request authors: 7
  • Average comments per issue: 0
  • Average comments per pull request: 0.34
  • Merged pull requests: 97
  • Bot issues: 0
  • Bot pull requests: 19
Past Year
  • Issues: 0
  • Pull requests: 30
  • Average time to close issues: N/A
  • Average time to close pull requests: 13 days
  • Issue authors: 0
  • Pull request authors: 3
  • Average comments per issue: 0
  • Average comments per pull request: 0.87
  • Merged pull requests: 17
  • Bot issues: 0
  • Bot pull requests: 15
View more stats
Top Authors
Issue Authors
  • dependabot[bot] (1)
Pull Request Authors
  • zbedo (95)
  • dependabot[bot] (41)
  • sarahgibs (34)
  • dinvlad (18)
  • ssyms (12)
  • TomConner (10)
  • adrazhi (5)
Top Labels
Issue Labels
dependencies (1) javascript (1)
Pull Request Labels
dependencies (41) javascript (25) python (16)

Dependencies

docs/src/website/package.json npm
  • docusaurus ^1.14.4 development
  • @docusaurus/theme-classic ^2.0.0-alpha.37
  • @docusaurus/theme-search-algolia ^2.0.0-alpha.32
sdarq/frontend/package-lock.json npm
  • 1038 dependencies
sdarq/frontend/package.json npm
  • @angular-devkit/build-angular ^14.1.0 development
  • @angular-eslint/builder 14.0.2 development
  • @angular-eslint/eslint-plugin 14.0.2 development
  • @angular-eslint/eslint-plugin-template 14.0.2 development
  • @angular-eslint/schematics 14.0.2 development
  • @angular-eslint/template-parser 14.0.2 development
  • @angular/cli ^14.1.0 development
  • @angular/compiler-cli ^14.1.0 development
  • @types/jasmine ^3.5.14 development
  • @types/knockout ^3.4.69 development
  • @types/node ^14.10.2 development
  • @typescript-eslint/eslint-plugin ^5.29.0 development
  • @typescript-eslint/parser ^5.29.0 development
  • codelyzer ^0.0.28 development
  • eslint ^8.18.0 development
  • jasmine-core ^3.6.0 development
  • jasmine-spec-reporter ^5.0.2 development
  • karma ^6.3.2 development
  • karma-chrome-launcher ^3.1.0 development
  • karma-cli ^2.0.0 development
  • karma-coverage-istanbul-reporter ^3.0.3 development
  • karma-jasmine ^4.0.1 development
  • karma-jasmine-html-reporter ^1.5.4 development
  • raw-loader ^4.0.1 development
  • style-loader ^1.2.1 development
  • ts-node ^9.0.0 development
  • tslint ^6.1.3 development
  • typescript 4.7.4 development
  • @angular/animations ^14.1.0
  • @angular/cdk ^11.2.13
  • @angular/common ^13.0.2
  • @angular/compiler ^14.1.0
  • @angular/core ^14.1.0
  • @angular/forms ^14.1.0
  • @angular/localize ^14.1.0
  • @angular/platform-browser ^14.1.0
  • @angular/platform-browser-dynamic ^14.1.0
  • @angular/platform-server ^14.1.0
  • @angular/router ^14.1.0
  • @fortawesome/fontawesome-free ^6.1.2
  • @ng-bootstrap/ng-bootstrap ^7.0.0
  • @types/chart.js ^2.9.24
  • angular-bootstrap-md ^13.0.0
  • animate.css ^4.1.1
  • babel-loader ^7.1.5
  • bootstrap ^4.6.2
  • chart.js ^2.9.4
  • ckeditor ^4.12.1
  • core-js ^3.6.5
  • hammerjs ^2.0.8
  • jquery ^3.5.1
  • json2csv ^5.0.6
  • rxjs ^6.6.3
  • sass ^1.32.13
  • survey-angular ^1.8.2
  • survey-creator ^1.8.2
  • survey-knockout ^1.8.2
  • survey-pdf ^1.8.2
  • surveyjs-widgets ^1.8.2
  • tslib ^2.0.1
  • velocity-animate ^1.5.2
  • zone.js ~0.11.4
batch/requirements.txt pypi
  • google-cloud-pubsub *
  • kubernetes *
  • pyyaml *
  • types-PyYAML *
cis/requirements.txt pypi
  • google-api-core <2.0.0dev
  • google-cloud-bigquery *
  • google-cloud-firestore *
  • google-cloud-pubsub *
  • google-cloud-resource-manager *
  • slack_sdk *
sdarq/backend/requirements.txt pypi
  • Flask ==2.0.1
  • Flask-Limiter *
  • flask-api *
  • flask-cors *
  • google-api-core >=1.14.0
  • google-cloud-bigquery *
  • google-cloud-firestore *
  • google-cloud-pubsub *
  • google-cloud-resource-manager *
  • gunicorn >=1.4
  • jira *
  • jsonschema *
  • python-owasp-zap-v2.4 *
  • requests *
  • requests-oauthlib ==1.0.0
  • slack_sdk *
  • urllib3 ==1.26.5
  • virtualenv ==16.0.0
  • werkzeug *
zap/requirements.txt pypi
  • aiohttp ==3.7.3
  • defusedxml ==0.7.1
  • google-auth ==1.30.0
  • google-cloud-pubsub ==2.5.0
  • google-cloud-storage ==1.38.0
  • python-owasp-zap-v2.4 ==0.0.18
  • requests ==2.25.1
  • slack-sdk ==3.5.1
.github/workflows/docs.yml actions
  • actions/cache v1 composite
  • actions/checkout v3 composite
  • actions/setup-node v1 composite
  • peaceiris/actions-gh-pages v3 composite
.github/workflows/gke.yml actions
  • actions/checkout v2 composite
  • sysdiglabs/k8s-security-lint v1.0.0 composite
.github/workflows/trivy.yml actions
  • actions/checkout v2 composite
  • broadinstitute/dsp-appsec-trivy-action v1 composite
bastion/Dockerfile docker
  • us.gcr.io/broad-dsp-gcr-public/base/nodejs alpine build
batch/Dockerfile docker
  • base latest build
  • us.gcr.io/broad-dsp-gcr-public/base/python alpine build
cis/Dockerfile docker
  • base latest build
  • us.gcr.io/broad-dsp-gcr-public/base/python debian build
codedx/Dockerfile docker
  • codedx/codedx-tomcat v2023.4.8 build
sdarq/backend/Dockerfile docker
  • us.gcr.io/broad-dsp-gcr-public/base/python debian build
sdarq/frontend/Dockerfile docker
  • us.gcr.io/broad-dsp-gcr-public/base/nginx mainline-alpine build
  • us.gcr.io/broad-dsp-gcr-public/base/nodejs 14-alpine build
security-controls/Dockerfile docker
  • us.gcr.io/broad-dsp-gcr-public/base/python debian build
zap/Dockerfile docker
  • base latest build
  • build latest build
  • owasp/zap2docker-weekly latest build
  • us.gcr.io/broad-dsp-gcr-public/base/python debian build
security-controls/requirements.txt pypi
  • google-api-core *
  • google-cloud-firestore *
  • google-cloud-logging *
  • google-cloud-resource-manager *
  • requests *
  • slack_sdk *