DevSecOps & Backend Projects

Case studies and labs that show how I approach Secure SDLC, CI/CD security, backend services, Kubernetes, and practical automation.

Back to Home

🗂️ All Projects

Every project in one place, across DevSecOps, backend, cloud, security, and other work.

DevSecOps CI/CD security scanning pipeline architecture using GitHub, Trivy, Semgrep, GitLeaks, Syft SBOM, Kyverno, Conftest, Cosign, Sigstore, SLSA provenance, DAST, and Kubernetes staging deployment.

DevSecOps Security Scanning Pipeline

DevSecOps Projects

A public Secure SDLC and DevSecOps boilerplate for running repeatable security checks with SAST, secret scanning, dependency scanning, container scanning, SBOM generation, and IaC policy validation.

CI/CD SecuritySecure SDLCSASTSecret ScanningSBOMTrivySemgrepShell
Source
Self-hosted DevSecOps homelab architecture with rootless kind Kubernetes, GitHub CI/CD, Flux GitOps, secret management, sandbox testing, vulnerability management, and integrated security scanning.

Self-Hosted DevSecOps Lab

DevSecOps Projects

A rootless Kubernetes DevSecOps lab that combines GitOps, service mesh, secrets management, network policy, and the DevSecOps Security Scanning Pipeline as part of a controlled Secure SDLC practice environment.

KuberneteskindIstioOpenBaoFlux CDTailscaleDevSecOpsSecurity Scanning
Source
Linux security audit automation dashboard for virtual machine hardening, Lynis checks, Fail2ban status, auditd review, package integrity, account hygiene, and automated host security reporting.

Linux Security Audit Automation

Backend Projects

A Linux security reporting project that turns periodic host checks into repeatable text and HTML reports with optional email delivery.

LinuxShellLynisFail2banAuditdSecurity ReportingAutomation
Source

🔐 DevSecOps Projects

Security automation, Secure SDLC, and pipeline-focused portfolio work

DevSecOps CI/CD security scanning pipeline architecture using GitHub, Trivy, Semgrep, GitLeaks, Syft SBOM, Kyverno, Conftest, Cosign, Sigstore, SLSA provenance, DAST, and Kubernetes staging deployment.

DevSecOps Security Scanning Pipeline

DevSecOps Projects

A public Secure SDLC and DevSecOps boilerplate for running repeatable security checks with SAST, secret scanning, dependency scanning, container scanning, SBOM generation, and IaC policy validation.

CI/CD SecuritySecure SDLCSASTSecret ScanningSBOMTrivySemgrepShell
Source
Self-hosted DevSecOps homelab architecture with rootless kind Kubernetes, GitHub CI/CD, Flux GitOps, secret management, sandbox testing, vulnerability management, and integrated security scanning.

Self-Hosted DevSecOps Lab

DevSecOps Projects

A rootless Kubernetes DevSecOps lab that combines GitOps, service mesh, secrets management, network policy, and the DevSecOps Security Scanning Pipeline as part of a controlled Secure SDLC practice environment.

KuberneteskindIstioOpenBaoFlux CDTailscaleDevSecOpsSecurity Scanning
Source

⚙️ Backend Projects

Backend services, APIs, secure coding, and implementation experiments

Linux security audit automation dashboard for virtual machine hardening, Lynis checks, Fail2ban status, auditd review, package integrity, account hygiene, and automated host security reporting.

Linux Security Audit Automation

Backend Projects

A Linux security reporting project that turns periodic host checks into repeatable text and HTML reports with optional email delivery.

LinuxShellLynisFail2banAuditdSecurity ReportingAutomation
Source