DevSecOps Toolchain MAP Release v.1.1.2
December 3, 2025ยท222 views

๐Ÿ› ๐Ÿ† DevSecOps Toolchain MAP Release v.1.1.2

Fireworks,

Iโ€™ve made a map of tools for AppSec and its classes. Yes, itโ€™s the same one that I wrote about earlier in this post and I really want to share it with you.

Look, you can check it and use filtering.

Here is the source of the project with wrappers in js, logic in py + json from yaml. You can look at the turnips and shields with details, it was released recently, but I just canโ€™t resist sharing it with you. Before then I plan to tweak a couple of cool things.

For your convenience, it is drawn on mkdocs material and is available via a link with adaptive layout, but you understand that the table is not convenient from a phone, so there is filtering. The plate is adjusted to the size of the screen and compact as much as possible; there are currently 267 entries about the tools.

- Each tool indicates the type of license, in the menu there is a page describing the licenses and here you can check for #licenses. I will continue this story soon as well. In addition, there is a description and other cool marked things that will help you decide whether you need a tool or not.

- The table provides open-source solutions, vendor solutions for the Russian market and from abroad. There are also FSTEC certificates.

Now the functionality is being finalized and while the work is underway, please note that you are one of the first to see this right now ๐Ÿ†

A piece of the table in the carousel for this post. Filtering looks like this and I will show a couple of points, what data it displays, includes a free search by tools inside the table, which is collected from yaml.

Highlights:

- the card makes it possible to choose tools that are beneficial for yourself for all the necessary situations: when there is no money, when we cannot integrate a large tool, when there is no one and we have to do everything alone, etc.

- the tool map shows what classes and types of tools there are

- the previous version of the map is here

- 'meta' data is aggregated about the presence of certification, the type of software license, whether it can be imported, what programming language, what types of reports, etc.

- all layout is based on 'mkdocs material'

- we accept 'pull requests' for changes so that this map can be shared and we can work in a single field with the community. Now the release will be fixed and soon we will upload it here and publish it, and you will get first-hand what is available now

- there is filtering by 'meta' data

- removed some tools that are not supported or are less popular, as a result of which they are not updated

- the lists of tools have been updated, edits to texts and the addition of description materials are currently being prepared

- added MLSecOps, that is, to be in trend ๐Ÿ˜…

You can see Release v.1.1.2 here with artifacts and a description of how it unfolds, and yes, donโ€™t forget about the litsu and notification.

Stay Tuned ๐Ÿ™

#appsec #devsecops #roadmap #specialty #toolchain #techsolution #gost #paper

#licenses#appsec#devsecops#roadmap#specialty#toolchain#techsolution#gost#paper
Open in Telegram