In the past few years, we see a rise in product security, adding new responsibilities to both security, dev, and DevOps teams. In my previous company, I saw it first hand and saw how organizations struggle to build, execute and govern the right product security program for their needs. I thought it would be great to build an open project that will be the go-to place for product security, where devs, security stakeholders and ops can gain value. I’m thinking about a portal that will have everything you need in product security. To start, I thought about the following:
1. Full list of all categories, tools, companies, open-source tools for AppSec, CloudSec, etc.
2. Articles and blogs.
3. Open-source libraries list (with how to configure) to bake in security to your software.
4. Best practices for product security from industry experts.
5. List of product security programs.
What are your thoughts? Are you in product security and would like to contribute?
Happy to hear your thoughts,
Disclaimer – this is not a commercial project and doesn’t intend to be one, it will be built by contributors.