I attended a 2 day course based around DevSecOps practices. We were shown a wide range of tools that can be implemented at different stages of the DevOps lifecycle.

• Talisman
• OWASP Dependancy Check
• Hashicorp Vault
• OWASP Zap
• OpenVAS
• Trivy
• Inspec
• ELK Stack (Kibana)

It was a really good two days getting to set these tools up and testing them out. Some of them I’ve seen and used before and others I haven’t. We set them all up using Jenkins CI/CD.