Welcome to the Zocdoc Information Security Team (ZocSec) SecurityAsCode repository for GitHub. We use AWS's in-built technologies to automate the remediation of common security problems. In this repository, ZocSec presents code & configuration used to lock down our GitHub environment.
These are the projects we're currently ready to share:
- GitHub Inventory Tool - This Python script collects all repositories (private and public) from the authenticated GitHub account.
- GitHub Automated Security - An automated means to keep private GitHub repositories from unintentionally becoming public and to enable scanning for vulnerable dependencies.
- GitHub_Enable_Vuln_Scan - A simple Python script that enables scanning for vulnerable dependencies on all repos under any GitHub organization.
We will be sharing more of our projects in the future.
We welcome contributions and pull requests to this repo; give us feedback.
The primary contributors to this effort are Jay Ball (@veggiespam) and Gary Tsai (@garymalaysia).