Skip to content
/ devguard-web Public

DevGuard Web Frontend - Manage your CVEs seamlessly, Integrate your Vulnerability Scanners, Documentation made easy, Compliance to security Frameworks - OWASP Incubating Project

devguard.org

License

AGPL-3.0 license
9 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

l3montree-dev/devguard-web

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

348 Commits
.github
.github
 
 
.vscode
.vscode
 
 
public
public
 
 
src
src
 
 
.dockerignore
.dockerignore
 
 
.env.example
.env.example
 
 
.eslintignore
.eslintignore
 
 
.eslintrc.json
.eslintrc.json
 
 
.gitignore
.gitignore
 
 
CODE_OF_CONDUCT.md
CODE_OF_CONDUCT.md
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
Dockerfile
Dockerfile
 
 
LICENSE.txt
LICENSE.txt
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 
components.json
components.json
 
 
cosign.pub
cosign.pub
 
 
jest.config.ts
jest.config.ts
 
 
jest.setup.ts
jest.setup.ts
 
 
leaks-baseline.json
leaks-baseline.json
 
 
next.config.js
next.config.js
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 
postcss.config.js
postcss.config.js
 
 
prettier.config.js
prettier.config.js
 
 
tailwind.config.js
tailwind.config.js
 
 
tsconfig.json
tsconfig.json
 
 

Repository files navigation


DevGuard by L3montree Logo

DevGuard - Develop Secure Software - Frontend

Manage your CVEs seamlessly, Integrate your Vulnerability Scanners, Documentation made easy, Compliance to security Frameworks

Report Bug · Request Feature

Table of Contents
  1. About The Project
  2. Getting Started
  3. Usage
  4. Roadmap
  5. Contributing
  6. Code of Conduct
  7. License

About The Project

DevGuard is a vulnerability management that fits perfectly into any IT environment and ensures mitigation of vulnerabilities and complete documentation of the handling processes. It aims to be compliant to various security frameworks, like ISO 27001 or German BSI Grundschutz. With DevGuard you can easily go through the vulnerability management process:

  1. Consolidation of vulnerabilities
  2. Enhancing the data
  3. Risk Assessment
  4. Selection of the mitigation type
  5. Sharing of the vulnerability information to responsible parties
  6. Reporting

(back to top)

Demo

We are using DevGuard to scan and manage the risks of DevGuard itself—essentially eating our own dogfood. The project can be found here:

DEMO

We believe VEX information should be shared via a link due to its dynamic nature, as what is risk-free today may be affected by a CVE tomorrow. We've integrated the DevGuard risk scoring into the metrics, with detailed documentation on its calculation to follow soon. SBOM and VEX data are always up to date at these links:

Project SBOM VeX
Devguard Golang API SBOM VeX
Devguard Web-Frontend SBOM VeX

Built With

DevGuard is divided into two projects: A frontend (DevGuard Web) and a backend (DevGuard Backend).

Frontend (this project):

  • Next
  • React

Backend:

  • Go

(back to top)

Getting Started

To get a local copy up and running follow these simple example steps.

  1. Clone the repo 
    git clone https://github.com/l3montree-dev/devguard-web.git
  2. Install NPM packages 
    npm install
  3. Start the development server 
    npm run dev

(back to top)

Roadmap MVP

  • Consolidation of vulnerabilities
  • Enhancing the data
  • Risk Assessment
  • Selection of the mitigation type
  • Sharing of the vulnerability information to responsible parties
  • Reporting
  • Multi-language Support
    • German
    • English

See the open issues for a full list of proposed features (and known issues).

(back to top)

Contributing

Please read our contribution guide if you would like to report a bug, ask a question, or help us with coding.

(back to top)

Code of Conduct

Help us keep DevGuard open and inclusive. Please read and follow our Code of Conduct.

(back to top)

License

Distributed under the AGPL-3.0-or-later License. See LICENSE.txt for more information.

(back to top)

Build using kaniko

docker run --rm -v $(pwd):/workspace gcr.io/kaniko-project/executor:latest --dockerfile=/workspace/Dockerfile --context=/workspace --tarPath=/workspace/image.tar --no-push

About

DevGuard Web Frontend - Manage your CVEs seamlessly, Integrate your Vulnerability Scanners, Documentation made easy, Compliance to security Frameworks - OWASP Incubating Project

devguard.org

Topics

vulnerability cve vulnerability-management it-security cve-management

Resources

Readme

License

AGPL-3.0 license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

9 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

 
 
 

Contributors 3

Languages