Minimum Viable Secure Product - Checklist “Minimum Viable Secure Product is a minimalistic security checklist for B2B software and business process outsourcing suppliers.”

See also: “Automating product security for busy developers - Start with MVS, Minimal Viable Security plan as code, instantly achieve continuous security”

Docker image checker


(Also called DAST - dynamic application analysis)

See Public/Tech/Security/WAF


Zaproxy “The OWASP ZAP core project”
The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It’s also a great tool for experienced pentesters to use for manual security testing.

NB: big piece of software (200 KLOC of Java)
NB: It is not a WAF. It can still be useful.

F5 NGINX App Protect: Web Application Firewall (WAF)
Not open source.
Cool diagram

