Update from develop #74

mattaereal · 2024-09-30T19:18:43Z

Frameworks PR Checklist

Thank you for contributing to the Security Frameworks! Before you open a PR, make sure to read information for contributors and take a look at following checklist:

Updating main with develop (tags and banner).
If you are touching an existing piece of content, ask the original creator for review
If you need feedback for your content from wider community, share the PR in our Discord
Review changes to ensure there are no typos, see instructions below

…eworks into develop Adds banner with disclaimer.

Co-authored-by: Matías Aereal Aeón <[email protected]>

Banner update & tags modifications UX

vercel · 2024-09-30T19:18:46Z

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
frameworks	✅ Ready (Inspect)	Visit Preview	✅ 30 resolved	Sep 30, 2024 7:18pm

github-actions · 2024-09-30T19:19:07Z

Hi @mattaereal,

Following typos were found in the pull request:

📄 ./CODE_OF_CONDUCT.md:
1. socio
2. sexualized
📄 ./src/threat-modeling/identity-mitigate-threats.md:
1. Devops
2. integrations
3. lifecycle
📄 ./src/threat-modeling/create-maintain-threat-models.md:
1. OWASP
📄 ./src/security-testing/fuzz-testing.md:
1. Fuzzers
2. AFL
3. executables
4. LibFuzzer
5. LLVM
6. Fuzzer
7. Mythril
📄 ./src/security-testing/static-application-security-testing.md:
1. SAST
2. SAST
3. SAST
4. codebase
5. lifecycle
6. SAST
7. codebase
8. SAST
9. SAST
10. codebase
11. SAST
12. SAST
13. SAST
14. SonarQube
15. Checkmarx
16. SAST
17. Veracode
18. SAST
19. SAST
20. Solhint
📄 ./src/security-testing/README.md:
1. Devops
2. SRE
📄 ./src/security-testing/dynamic-application-security-testing.md:
1. DAST
2. DAST
3. DAST
4. DAST
5. DAST
6. DAST
7. DAST
8. DAST
9. DAST
10. OWASP
11. Acunetix
12. Veracode
13. DAST
14. DAST
15. reentrancy
16. underflows
17. DAST
📄 ./src/security-testing/security-regression-testing.md:
1. codebase
2. codebase
📄 ./src/key-management/cold-vs-hot-wallet.md:
1. cryptocurrencies
2. Gapped
3. cryptocurrency
4. cryptocurrencies
5. cryptocurrency
📄 ./src/key-management/hardware-wallets.md:
1. cryptocurrency
2. Nano
3. cryptocurrencies
4. Nano
5. Trezor
6. cryptocurrencies
7. Shamir
8. Trezor
9. Cryptocurrencies
10. Nano
11. Trezor
12. Shamir
📄 ./src/key-management/signing-schemes.md:
1. cryptocurrency
2. EOA
3. Multisignature
4. Multisig
5. DeFi
6. multisig
7. customizable
8. Multisignature
9. DeFi
📄 ./src/key-management/README.md:
1. Cryptocurrency
2. cryptographic
3. EOAs
4. Multisig
5. cryptocurrency
6. cryptocurrency
7. xkcd
📄 ./src/key-management/custodial-vs-non-custodial.md:
1. cryptocurrency
2. cryptocurrency
📄 ./src/key-management/software-wallets.md:
1. cryptocurrency
2. DeFi
3. walletcompare
4. xyz
📄 ./src/front-end-web-app/security-tools-resources.md:
1. OWASP
2. Snyk
📄 ./src/front-end-web-app/web-application-security.md:
1. XSS
2. OWASP
3. IPFS
📄 ./src/front-end-web-app/common-vulnerabilities.md:
1. Devops
2. DNS
3. devestating
4. practises
5. XSS
6. CSRF
7. IDOR
8. OWASP
9. OWASP
📄 ./src/front-end-web-app/mobile-application-security.md:
1. OWASP
📄 ./src/front-end-web-app/README.md:
1. Devops
2. offical
📄 ./src/intro/how-to-navigate-the-website.md:
1. Crypto
📄 ./src/intro/what-is-it.md:
1. skillset
📄 ./src/intro/introduction.md:
1. blockchain
2. lifecycle
📄 ./src/intro/overview-of-each-framework.md:
1. cryptographic
2. DevSecOps
3. IAM
4. lifecycle
📄 ./src/intro/what-it-isnt.md:
1. curations
📄 ./src/SUMMARY.md:
1. DNS
2. FDE
3. DevSecOps
4. VPN
5. IAM
6. RBAC
7. DAST
8. SAST
📄 ./src/infrastructure/cloud.md:
1. Devops
2. SRE
3. dapp
4. RBAC
5. BYOK
6. failover
7. GDPR
8. GCP
9. CloudSploit
10. CloudSploit
📄 ./src/infrastructure/ddos-protection.md:
1. Devops
2. SRE
3. DRT
4. WAF
5. WAF
6. WAF
7. WAF
8. GCP
9. WAF
10. VPC
11. Stackdriver
12. Cloudflare
13. Akamai
14. scalable
15. Imperva
📄 ./src/infrastructure/identity-and-access-management.md:
1. Managemnt
2. IAM
📄 ./src/infrastructure/operating-system-security.md:
1. Devops
2. SRE
3. practises
4. NIST
5. RBAC
6. HIDS
7. NIST
📄 ./src/infrastructure/network-security.md:
1. Devops
2. SRE
3. RDP
4. IDPS
📄 ./src/infrastructure/README.md:
1. Devops
2. SRE
3. DNS
4. DNS
5. DNS
📄 ./src/infrastructure/zero-trust-principles.md:
1. JIT
2. JEA
3. IAM
4. analytics
📄 ./src/infrastructure/dns-and-domain-registration.md:
1. DNS
2. DNS
3. DNS
4. DNS
5. DNSSEC
6. DNS
7. DNS
8. WHOIS
9. DNS
10. DNS
11. DNS
📄 ./src/infrastructure/asset-inventory.md:
1. Devops
2. SRE
📄 ./src/contribute/contributing.md:
1. repo
2. blockquotes
3. excalidraw
4. blockquotes
5. inevitableeth
6. blockquote
7. repo
📄 ./src/contribute/contributors.md:
1. substancial
2. Matías
3. Aereal
4. Aeón
5. Fredrik
6. Svantes
7. Mehdi
8. Zerouali
9. Sebastián
10. Fernández
📄 ./src/awareness/social-engineering.md:
1. otain
2. Pretexting
3. backdoors
📄 ./src/awareness/security-training.md:
1. introductionary
2. targetting
3. SMS
4. authenticator
5. strenghts
6. SMS
📄 ./src/awareness/staying-up-to-date.md:
1. likelt
2. Defi
3. Stormcast
📄 ./src/community-management/discord.md:
1. Durations
2. Integrations
3. bot's
4. MEE
5. Dyno
6. cooldown
7. Uncheck
8. Dyno
9. Captcha
10. captcha
11. Dyno
12. lockdown
13. Integrations
14. integrations
15. analytics
📄 ./src/community-management/README.md:
1. practises
2. SMS
3. Yubikey
4. Authy
5. passcodes
📄 ./src/community-management/google.md:
1. SMS
2. authenticator
3. Authenticator
4. OAuth
5. OAuth
6. influencer
📄 ./src/community-management/twitter.md:
1. particularily
2. practises
3. SMS
4. authenticator
5. TOTP
6. Authy
7. Authenticator
8. Yubico
9. timel
📄 ./src/community-management/telegram.md:
1. suc
2. crypto
3. practises
4. EE
5. blockchain
📄 ./src/devsecops/security-testing.md:
1. Devops
2. SRE
3. DevSecOps
4. SAST
5. DAST
6. ombine
7. SAST
8. DAST
9. IAST
📄 ./src/devsecops/continuous-integration-continuous-deployment.md:
1. Devops
2. SRE
3. practises
4. misconfigurations
📄 ./src/devsecops/README.md:
1. DevSecOps
2. Devops
3. SRE
4. devsecops
5. devsecops
6. devsecops
7. Dvelopment
📄 ./src/devsecops/repository-hardening.md:
1. Devops
2. consequenses
3. practises
📄 ./src/devsecops/code-signing.md:
1. Devops
2. GPG
3. Yubikeys
4. GPG
📄 ./src/devsecops/integrated-development-environments.md:
1. Devops
📄 ./src/user-team-security/phishing-social-engineering.md:
1. cryptocurrencies
2. cryptocurrencies
3. Crypto
4. unecessary
5. Unrekt
6. Etherscan
📄 ./src/user-team-security/security-training.md:
1. trainign
2. Wargames
📄 ./src/governance/risk-management.md:
1. NIST
2. COBIT
3. helop
📄 ./src/governance/compliance-regulatory-requirements.md:
1. Devops
2. GDPR
3. crypto
4. GDPR
5. HIPAA
6. CCPA
7. PCI
8. DSS
9. Anonymization
10. Pseudonymization
11. anonymization
12. pseudonymization
13. RBAC
14. RBAC
15. timeframes
16. TLS
17. VPN
18. NIST
19. NIST
20. Cybersecurity
21. cybersecurity
22. IEC
23. CIS
24. CIS
25. cybersecurity
26. GDPR
27. GDPR
28. GDPR
29. HIPAA
30. HIPAA
31. HIPAA
32. PCI
33. DSS
34. PCI
35. PCI
36. DSS
37. Cybersecurity
38. CISA
39. CISA
40. cybersecurity
41. CSA
42. CSA
43. IAPP
44. IAPP
45. whitepapers
46. whitepapers
📄 ./src/governance/security-metrics-kpis.md:
1. MTTD
2. MTTR
3. timeframe
📄 ./src/supply-chain/dependency-awareness.md:
1. Snyk
2. Dependabot
3. Ethlint
4. Snyk
5. npm
📄 ./src/supply-chain/README.md:
1. Devops
2. blockchain
📄 ./src/supply-chain/supply-chain-levels-software-artifacts.md:
1. Middleware
📄 ./src/monitoring/guidelines.md:
1. blockchain
2. blockchain
3. SMS
📄 ./src/monitoring/README.md:
1. blockchain
📄 ./src/privacy/vpn-services.md:
1. VPN
2. VPN
3. VPN
4. VPN
5. AES
6. VPN
7. DNS
8. VPN
9. MullvadVPN
10. ProtonVPN
11. NordVPN
12. VPN
13. CyberSec
14. Surfshark
15. ExpressVPN
16. VPN
17. VPN
18. Fi
19. Fi
20. VPN
21. Fi
22. VPN
23. VPN
24. VPN
📄 ./src/privacy/data-removal-services.md:
1. Spokeo
2. Whitepages
📄 ./src/privacy/digital-footprint.md:
1. Ghostery
2. customizable
3. Deseat
📄 ./src/privacy/financial-privacy-services.md:
1. cryptocurrency
2. VPN
📄 ./src/privacy/secure-browsing.md:
1. HTTPS
2. HTTPS
3. HTTPS
4. HTTPS
5. HTTPS
6. Fi
7. Fi
8. VPN
9. Startpage
📄 ./src/privacy/privacy-focused-operating-systems-tools.md:
1. Qubes
2. Whonix
3. anonymize
4. KeePass
📄 ./src/privacy/README.md:
1. Devops
📄 ./src/privacy/encrypted-communication-tools.md:
1. Threema
📄 ./src/security-automation/infrastructure-as-code.md:
1. Devops
2. SRE
3. misconfigurations
4. Scalability
5. scalable
6. RBAC
7. Checkov
8. tfsec
9. Terrascan
10. Terraform
11. Terraform
12. tfsec
13. Checkov
14. Config
15. Ansible
📄 ./src/security-automation/compliance-checks.md:
1. Devops
2. SRE
3. Config
4. customizable
5. HashiCorp
6. Terraform
7. HashiCorp
8. OpenSCAP
9. NIST
10. CIS
📄 ./src/security-automation/README.md:
1. Devops
2. SRE
📄 ./src/security-automation/threat-detection-response.md:
1. Devops
2. SRE
3. SIEM
4. SIEM
5. SIEM
6. SIEM
7. SIEM
📄 ./src/operational-security/detecting-and-mitigating-insider-threats.md:
1. Analytics
2. RBAC
📄 ./src/operational-security/password-secrets-management.md:
1. cryptographic
2. Yubikey
3. authenticator
4. Authy
5. SMS
6. SMS
7. appropiate
8. XKCD
9. Qwertycards
10. BIP
11. crypto
12. Shamir
13. Shamir's
14. recoverability
15. Yubikeys
16. SSO
17. SSO
18. KMS
19. cryptographic
20. KMS
21. Biometric
📄 ./src/operational-security/physical-security.md:
1. cryptocurrency
2. untrusted
3. untrusted
4. Fi
5. VPN
6. untrusted
7. cryptographic
8. cryptocurrency
9. cybersecurity
📄 ./src/operational-security/README.md:
1. Devops
2. SRE
3. reputational
📄 ./src/operational-security/g-suite-security.md:
1. Devops
2. Yubikeys
3. SMS
4. RBAC
5. RBAC
6. JIT
7. DLP
8. DLP
9. DLP
10. Workspace's
11. MDM
12. Workspace's
13. MDM
14. GDPR
📄 ./src/operational-security/standard-operating-environment.md:
1. Devops
2. SRE
3. SOE
4. SOE
5. RBAC
6. Yubikeys
7. VLANs
8. WPA
9. WPA
10. AES
11. Fi
📄 ./src/operational-security/sim-swapping.md:
1. SMS
2. crypto
3. SMS
4. Authenticator
5. Yubico
6. Authy
7. Gmail
8. Crypto
9. Coinbase
10. Binance
11. Squarespace
12. Revolut
13. Fi
14. Fi
15. MVNO
16. Fi
17. Fi
18. Efani
19. Efani
20. MVNO
21. Efani
22. Efani
23. SMS
📄 ./src/operational-security/telegram.md:
1. Passcode
2. Passcode
3. passcode
4. Passcode
5. passcode
📄 ./src/operational-security/wireless-security.md:
1. offfers
2. WPA
3. Fi
4. WPA
5. WPA
6. AES
7. SSID
8. SSID
9. VLANs
10. WIDS
11. VPN
12. VPN
📄 ./src/iam/secure-authentication.md:
1. Devops
2. SMS
3. Yubikeys
4. SSO
5. SSO
6. SSO
7. Yubikeys
8. SMS
📄 ./src/iam/README.md:
1. IAM
2. IAM
3. IAM
4. RBAC
📄 ./src/iam/access-management-best-practises.md:
1. Devops
2. JIT
3. Onboarding
4. Offboarding
5. onboarding
6. offboarding
7. lifecycle
📄 ./src/iam/role-based-access-control.md:
1. RBAC
2. Devops
3. RBAC
4. RBAC
5. RBAC
📄 ./src/vulnerability-disclosure/bug-bounties.md:
1. incentivize
2. bonuty
3. Immunefi
4. Hackenproof
5. decrypt
6. Bugcrowd
📄 ./src/vulnerability-disclosure/README.md:
1. Devops
📄 ./src/vulnerability-disclosure/security-contact.md:
1. txt
2. txt
3. txt
4. txt
5. Acknowledgement
📄 ./src/external-security-reviews/security-policies-procedures.md:
1. codebase
📄 ./src/external-security-reviews/README.md:
1. Devops
2. offchain
3. onchain
📄 ./src/external-security-reviews/preparation.md:
1. Devops
2. mythril
3. semgrep
4. Golang
5. golangci
6. gosec
7. gokart
8. clippy
9. TVL
📄 ./src/encryption/communication-encryption.md:
1. suppsedly
📄 ./src/encryption/database-encryption.md:
1. PII
2. TDE
3. decrypt
📄 ./src/encryption/email-encryption.md:
1. unencrypted
2. Comodo
3. Symantec
4. GPG
5. Enigmail
6. Gmail
7. GPG
8. Enigmail
9. ons
10. Gmail
11. GPG
12. TLS
13. TLS
14. TLS
15. GPG
16. Mailvelope
17. webmail
18. Gmail
📄 ./src/encryption/hardware-encryption.md:
1. HSM
2. HSM
3. TPM
4. TPM
5. SEDs
📄 ./src/encryption/README.md:
1. Devops
📄 ./src/encryption/encryption-in-transit.md:
1. TLS
2. SSL
📄 ./src/encryption/partition-encryption.md:
1. unencrypted
2. LUKS
3. LUKS
4. AES
📄 ./src/encryption/volume-encryption.md:
1. unencrypted
2. LUKS
3. AES
📄 ./src/encryption/cloud-data-encryption.md:
1. Devops
2. AES
3. TLS
4. KMS
5. KMS
6. BYOK
7. KMS
8. CSEK
9. BYOK
10. IAM
11. IAM
12. Config
13. IAM
📄 ./src/incident-management/seal-911-war-room-guidelines.md:
1. pre
2. UI
3. frontend
4. frontend
5. Etherscan
6. whitehat
7. abcdef
8. xabcdef
9. xfedcba
10. aaaabbbb
11. xaaaabbbbccccdddd
12. xddddeeeeffff
13. CEX
14. Phalcon
15. xabcdef
16. ETH
17. aaaabbbb
18. fedcba
19. DAI
20. CEX
21. xaaaabbbbccccdddd
22. abcdef
23. BTC
24. multisig
25. xddddeeeeffff
26. xfedcba
27. USDC
28. xabcdefabcdefabcd
29. abcdef
30. CEX
31. xfedcba
32. Mortem
33. writeup
34. writeup
35. multisig
36. frontend
37. Phalcon
38. Openchain
39. repo
40. gists
📄 ./src/incident-management/communication-strategies.md:
1. pre
📄 ./src/incident-management/README.md:
1. Devops
2. SRE
📄 ./src/incident-management/playbooks.md:
1. devestating
📄 ./src/incident-management/lessons-learned.md:
1. Devops
2. SRE
📄 ./src/incident-management/incident-detection-and-response-mechanisms.md:
1. onchain
2. IRT
3. IRT
4. IRP
5. IRP
📄 ./src/secure-software-development/threat-modeling-secure-design-principles.md:
1. Mitigations
2. mitigations
📄 ./src/secure-software-development/secure-code-repositories-version-control.md:
1. Devops
2. RBAC
3. GPG
📄 ./src/secure-software-development/README.md:
1. Devops
2. lifecycle
3. SDLC
📄 ./src/secure-software-development/code-reviews-peer-audits.md:
1. SonarQube
2. Checkmarx
3. Snyk
📄 ./README.md:
1. vercel
2. Vercel
3. needeed
📄 ./.github/ISSUE_TEMPLATE/update-request.md:
1. assignees
📄 ./.github/ISSUE_TEMPLATE/content-request.md:
1. collab
2. assignees
3. xxxxxx
4. yyyyy
5. zzzzz

ℹ️ Here's how to fix them:

Fix typos: Open the relevant files and fix any identified typos.
Update wordlist: If a flagged word is actually a project-specific term add it to wordlist.txt in the project root.
Each word should be listed on a separate line. Learn more.
🚧 Remember:
- When adding new words it MUST NOT have any spaces or special characters within or around it.
- wordlist is NOT case sensitive.
- Use backticks to quote code variables so as to not bloat the wordlist.

tebayoso

LGTM!

tebayoso and others added 7 commits September 27, 2024 08:20

Added collaborate stripe

869ac00

Merge commit 'refs/pull/71/head' of github.com:security-alliance/fram…

07a3770

…eworks into develop Adds banner with disclaimer.

Updating current tags to incorporate HR, and a few more

4bca290

Improvemets in tag selection and announcement banner

06b3c14

Clear tags and filters

3b12360

Update theme/index.hbs

4cfd7de

Co-authored-by: Matías Aereal Aeón <[email protected]>

Merge pull request #72 from tebayoso/review_banner

8e08f62

Banner update & tags modifications UX

mattaereal self-assigned this Sep 30, 2024

mattaereal requested a review from tebayoso September 30, 2024 19:20

tebayoso approved these changes Sep 30, 2024

View reviewed changes

mattaereal merged commit f1368f4 into main Sep 30, 2024
3 of 4 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update from develop #74

Update from develop #74

mattaereal commented Sep 30, 2024

vercel bot commented Sep 30, 2024

github-actions bot commented Sep 30, 2024

tebayoso left a comment

Update from develop #74

Update from develop #74

Conversation

mattaereal commented Sep 30, 2024

Frameworks PR Checklist

vercel bot commented Sep 30, 2024

github-actions bot commented Sep 30, 2024

ℹ️ Here's how to fix them:

tebayoso left a comment

Choose a reason for hiding this comment