>myctrl.tools
Preferences
Under active development Content is continuously updated and improved

DevSecOps

CI/CD security, code scanning, IaC validation, and secure development tooling.

What you'll find here

These guides help you wire security into build pipelines, enforce policy gates, and verify supply chain controls.

Under Construction: This guidance is being actively developed and verified. Content may change.

Guides

4 guides in this section.

GitHub Actions

by GitHub, Inc. (Microsoft)

CI/CD platform for automating build, test, and deployment workflows with native GitHub integration

8 sources
9 commands
4 frameworks

Snyk

by Snyk Ltd.

Developer-first security platform for vulnerability scanning across code, dependencies, containers, and IaC

7 sources
9 commands
4 frameworks

SonarQube

by SonarSource SA

Code quality and security analysis platform with SAST, taint analysis, and compliance reporting

6 sources
7 commands
4 frameworks

Terraform

by HashiCorp

Infrastructure as Code (IaC) tool for provisioning and managing cloud resources with state management and secrets handling

5 sources
12 commands
4 frameworks