From 3b2a234c28cdf487238199e460683fececbf801e Mon Sep 17 00:00:00 2001 From: Lior Kaplan Date: Mon, 25 Dec 2023 10:28:45 +0200 Subject: [PATCH 1/5] Move conferences info to community page Remove reference to old community meetings --- README.md | 19 ++----------------- docs/CONTRIBUTING.md | 6 ------ docs/community.md | 12 ++---------- 3 files changed, 4 insertions(+), 33 deletions(-) diff --git a/README.md b/README.md index fc036d2b2cc..f946d2dc951 100644 --- a/README.md +++ b/README.md 
@@ -87,23 +87,8 @@ What makes KICS really powerful and popular is its built-in extensibility. This KICS is a true community project. It's built as an open source from day one, and anyone can find his own way to contribute to the project. [Check out how](docs/CONTRIBUTING.md), within just minutes, you can start making a difference, by sharing your expertise with a community of thousands of security experts and software developers. -You're welcome to join our monthly [community meetings](docs/community.md), talk with us on GitHub discussions or contact KICS core team at [kics@checkmarx.com](mailto:kics@checkmarx.com). - -## Meet us at conferences - -- [Blackhat ASIA 2023](https://www.blackhat.com/asia-23/arsenal/schedule/index.html#kics---your-iac-secure-now-31009) (video TBD) -- [AWS re:Invent 2021: AWS On Air](https://youtu.be/9ZKldJeBHl4) ([video](https://youtu.be/9ZKldJeBHl4)) -- [OWASP Bristol & Suffolk Chapter - Meetup](https://www.meetup.com/OWASP-Bristol/events/281869377/) ([video](https://youtu.be/KKZJEJF6I0M)) -- [OWASP Canberra Chapter - Meetup](https://www.meetup.com/OWASP-Canberra-Chapter/events/281946376/) -- [InfoSec City - Singapore 2021](https://www.infosec-city.com/sin21-bizcomm) -- [DevSecOps Singapore 2021](https://devopscon.io/cloud-platforms-serverless/infrastructure-is-the-new-code-is-your-devsecops-ready/) -- [Blackhat Europe 2021](https://www.blackhat.com/eu-21/arsenal/schedule/#kics-keeping-infrastructure-as-code-secure-25111) -- [HashiTalks IL 2021](https://events.hashicorp.com/hashitalksisrael) ([video](https://www.youtube.com/watch?v=DFRiSVH4lu0)) -- [Yalla DevOps 2021](https://yalla-devops.com/) ([video](https://youtu.be/Hs_YbAH9giI)) -- [Geektime Code 2021](https://code.geektime.co.il/) -- [DevSecCon24 2021](https://www.devseccon.com/devseccon24-2021/) ([video](https://www.youtube.com/watch?v=eaD-tGMOKe8)) -- [GISEC Global 
2021](https://www.gisec.ae/gisec-2021-conference/insecure-infrastructure-as-code-leaves-the-door-open-for-hackers-1wez) -- [Blackhat ASIA 2021](https://www.blackhat.com/asia-21/arsenal/schedule/#kics-22475) ([video](https://www.youtube.com/watch?v=56AM1wiIOss)) +You're welcome to join our [community](docs/community.md), talk with us on GitHub discussions or contact KICS core team at [kics@checkmarx.com](mailto:kics@checkmarx.com). + **Keeping Infrastructure as Code Secure!** diff --git a/docs/CONTRIBUTING.md b/docs/CONTRIBUTING.md index cf3d6532416..467d7f4d5b4 100644 --- a/docs/CONTRIBUTING.md +++ b/docs/CONTRIBUTING.md @@ -6,10 +6,6 @@ KICS is a true community project. It's built as an open source from day one, and Within just minutes, you can start making a difference, by sharing your expertise with a community of thousands of security experts and software developers. -#### Community Meetings - -You're welcome to join our monthly [community meetings](community.md) - #### Contribution Options Good news! You don't have to contribute code. There are plenty of ways you can contribute to KICS project: @@ -186,5 +182,3 @@ The people listed below had made a huge contribution to KICS. **Thank you all!** - - diff --git a/docs/community.md b/docs/community.md index 08ae6eca9f9..3dbec645753 100644 --- a/docs/community.md +++ b/docs/community.md 
@@ -1,13 +1,4 @@ -## Community Meetings -Our community meetings are held virtually on the first Thursday of every month at 15:00 UTC(+0) by [Zoom](https://tinyurl.com/kics-community). - -Upcoming meetings: -- March 2nd, 2023 -- April 6th, 2023 - -You're welcome to join us. - -If want to see summary of previous meetings, have questions about them or want to add a topic to the agenda, you can join our [community thread](https://github.com/Checkmarx/kics/discussions/5675). +## Community ## Hacktoberfest *"[Hacktoberfest](https://github.com/topics/hacktoberfest) is a month-long celebration of open source projects, their maintainers, and the entire community of contributors. Each October, open source maintainers give new contributors extra attention as they guide developers through their first pull requests on GitHub."*
@@ -22,6 +13,7 @@ KICS is a true community project. It's built as an open source from day one, and ## Meet us at conferences +- [Blackhat ASIA 2023](https://www.blackhat.com/asia-23/arsenal/schedule/index.html#kics---your-iac-secure-now-31009) (video TBD) - [AWS re:Invent 2021: AWS On Air](https://youtu.be/9ZKldJeBHl4) ([video](https://youtu.be/9ZKldJeBHl4)) - [OWASP Bristol & Suffolk Chapter - Meetup](https://www.meetup.com/OWASP-Bristol/events/281869377/) ([video](https://youtu.be/KKZJEJF6I0M)) - [OWASP Canberra Chapter - Meetup](https://www.meetup.com/OWASP-Canberra-Chapter/events/281946376/) From 93b54dd10ffad9d562c07be8c4d5489cad0b999c Mon Sep 17 00:00:00 2001 From: Lior Kaplan Date: Mon, 25 Dec 2023 12:04:35 +0200 Subject: [PATCH 2/5] Add contributors count badge Align buttons style --- README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index f946d2dc951..b9da3d085b4 100644 --- a/README.md +++ b/README.md 
@@ -2,8 +2,9 @@ [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Queries](https://raw.githubusercontent.com/Checkmarx/kics/gh-pages/queries.svg)](https://docs.kics.io/develop/queries/all-queries/) [![Docker Pulls](https://img.shields.io/docker/pulls/checkmarx/kics)](https://hub.docker.com/r/checkmarx/kics) -[![Documentation](https://img.shields.io/badge/docs-viewdocs-blue.svg?style=flat-square "Viewdocs")](https://docs.kics.io/) -[![GitHub Discussions](https://img.shields.io/badge/chat-discussions-blue.svg?logo=github&style=flat-square)](https://github.com/Checkmarx/kics/discussions) +![GitHub contributors](https://img.shields.io/github/contributors/checkmarx/kics?color=blue&link=https%3A%2F%2Fgithub.com%2FCheckmarx%2Fkics%2Fgraphs%2Fcontributors) +[![Documentation](https://img.shields.io/badge/docs-viewdocs-blue.svg "Viewdocs")](https://docs.kics.io/) +[![GitHub Discussions](https://img.shields.io/badge/chat-discussions-blue.svg?logo=github)](https://github.com/Checkmarx/kics/discussions) [![checkmarx](https://img.shields.io/endpoint?url=https://pgp36n22ol.execute-api.eu-west-1.amazonaws.com/dev/cxflowcache-results?style=plastic&logoWidth=20&logo=data:image/png;base64,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)](https://sast.checkmarx.net/cxwebclient/portal#/projectState/702/Summary) [![Codacy Badge](https://app.codacy.com/project/badge/Grade/ceddb5b1b37d4edfa56440842c6248a4)](https://www.codacy.com/gh/Checkmarx/kics/dashboard?utm_source=github.com&utm_medium=referral&utm_content=Checkmarx/kics&utm_campaign=Badge_Grade) From 3787e70ae0efbfaf9180b16b110100cb18bc8cb7 Mon Sep 17 00:00:00 2001 
From: Lior Kaplan Date: Mon, 25 Dec 2023 20:11:42 +0200 Subject: [PATCH 3/5] Update community information Add individual contributors images Add KICS contributing companies Start a list of organizations who use KICS --- README.md | 23 +++++++++++++++++++---- docs/community.md | 18 +++++++++++------- 2 files changed, 30 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index b9da3d085b4..17a98f1138b 100644 --- a/README.md +++ b/README.md 
@@ -83,14 +83,29 @@ What makes KICS really powerful and popular is its built-in extensibility. This - Fully customizable and adjustable heuristics rules, called [queries](docs/queries.md). These can be easily edited, extended and added. - Robust but yet simple [architecture](docs/architecture.md), which allows quick addition of support for new Infrastructure as Code solutions. -## Contribution - -KICS is a true community project. It's built as an open source from day one, and anyone can find his own way to contribute to the project. -[Check out how](docs/CONTRIBUTING.md), within just minutes, you can start making a difference, by sharing your expertise with a community of thousands of security experts and software developers. +## Community You're welcome to join our [community](docs/community.md), talk with us on GitHub discussions or contact KICS core team at [kics@checkmarx.com](mailto:kics@checkmarx.com). +### KICS Contributors + +See our individual contributors in the [community](docs/community.md) page. You're welcome to join them by [contributing](docs/CONTRIBUTING.md) to KICS. + +We also like to thank the following organizations for their ongoing contribution: +- [Checkmarx](https://checkmarx.com/) +- [Bedrock Streaming](https://bedrockstreaming.com/) (since v1.4.8) +- [Dynatrace](https://www.dynatrace.com/) (since v1.5.1) +- [Orca Security](https://orca.security/) (since v1.5.10) + +### KICS Users +KICS is used by various companies and organizations, some are listed below. If you would like to be included here please open a PR. 
+- [Checkmarx](https://checkmarx.com/) ([IaC Security](https://checkmarx.com/product/iac-security/)) +- [GitLab](https://gitlab.com/) ([Infrastructure as Code scanning](https://docs.gitlab.com/ee/user/application_security/iac_scanning/)) +- [Cisco](https://www.panoptica.app/) ([CI/CD Securitry](https://docs.panoptica.app/docs/ci-cd-security)) +- [JIT](https://www.jit.io/) ([SAST for IaC](https://www.jit.io/security-tools/kics)) +- [Redpanda](https://redpanda.com/) +- [Keptn](https://keptn.sh) **Keeping Infrastructure as Code Secure!** diff --git a/docs/community.md b/docs/community.md index 3dbec645753..e9947163454 100644 --- a/docs/community.md +++ b/docs/community.md @@ -1,15 +1,19 @@ -## Community +# Community -## Hacktoberfest -*"[Hacktoberfest](https://github.com/topics/hacktoberfest) is a month-long celebration of open source projects, their maintainers, and the entire community of contributors. Each October, open source maintainers give new contributors extra attention as they guide developers through their first pull requests on GitHub."*
+## Contribution -- [Open Issues for the event](https://github.com/Checkmarx/kics/issues?q=is%3Aissue+is%3Aopen+label%3A%22hacktoberfest%22) +KICS is a true community project. It's built as an open source from day one, and everyone can find their own way to contribute to the project. +[Check out how](CONTRIBUTING.md), within just minutes, you can start making a difference, by sharing your expertise with a community of thousands of security experts and software developers. + + + -## Contribution -KICS is a true community project. It's built as an open source from day one, and anyone can find his own way to contribute to the project. -[Check out how](https://github.com/Checkmarx/kics/blob/master/docs/CONTRIBUTING.md), within just minutes, you can start making a difference, by sharing your expertise with a community of thousands of security experts and software developers. +## Hacktoberfest +*"[Hacktoberfest](https://github.com/topics/hacktoberfest) is a month-long celebration of open source projects, their maintainers, and the entire community of contributors. Each October, open source maintainers give new contributors extra attention as they guide developers through their first pull requests on GitHub."*
+ +- [Open Issues for the event](https://github.com/Checkmarx/kics/issues?q=is%3Aissue+is%3Aopen+label%3A%22hacktoberfest%22) ## Meet us at conferences From 1683acbb938015732d9a0539f9a784451750786a Mon Sep 17 00:00:00 2001 From: Lior Kaplan Date: Wed, 27 Dec 2023 13:51:52 +0200 Subject: [PATCH 4/5] Add Firefly to users list Based on a request by NaorFirefly --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 17a98f1138b..414105d6e5e 100644 --- a/README.md +++ b/README.md @@ -104,6 +104,7 @@ KICS is used by various companies and organizations, some are listed below. If y - [GitLab](https://gitlab.com/) ([Infrastructure as Code scanning](https://docs.gitlab.com/ee/user/application_security/iac_scanning/)) - [Cisco](https://www.panoptica.app/) ([CI/CD Securitry](https://docs.panoptica.app/docs/ci-cd-security)) - [JIT](https://www.jit.io/) ([SAST for IaC](https://www.jit.io/security-tools/kics)) +- [Firefly](https://www.firefly.ai/) - [Redpanda](https://redpanda.com/) - [Keptn](https://keptn.sh) From 7f7e5456f2d81d6cf9d68e6b96ec22ffce6d9c8f Mon Sep 17 00:00:00 2001 From: Lior Kaplan Date: Thu, 28 Dec 2023 11:38:17 +0200 Subject: [PATCH 5/5] Add Orca Security to users list Based on request by Lior Samuni --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 414105d6e5e..8d4729615ca 100644 --- a/README.md +++ b/README.md 
@@ -103,6 +103,7 @@ KICS is used by various companies and organizations, some are listed below. If y - [Checkmarx](https://checkmarx.com/) ([IaC Security](https://checkmarx.com/product/iac-security/)) - [GitLab](https://gitlab.com/) ([Infrastructure as Code scanning](https://docs.gitlab.com/ee/user/application_security/iac_scanning/)) - [Cisco](https://www.panoptica.app/) ([CI/CD Securitry](https://docs.panoptica.app/docs/ci-cd-security)) +- [Orca Security](https://orca.security/) - [JIT](https://www.jit.io/) ([SAST for IaC](https://www.jit.io/security-tools/kics)) - [Firefly](https://www.firefly.ai/) - [Redpanda](https://redpanda.com/)
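
Review bot: In [PATCH 1/5], docs/community.md hunk `@@ -1,13 +1,4 @@`, the new `## Community` heading has no body and is immediately followed by `## Hacktoberfest` at the same level, so the page renders an empty section. Make it the page title (`# Community`) in this commit or drop it here; [PATCH 3/5] later changes it to `# Community`, and folding that change into this patch keeps every commit in the series rendering cleanly. The same hunk also removes the link to the community thread (discussions/5675) without a replacement pointer, so consider keeping a link to GitHub Discussions on this page.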
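
Review bot: In [PATCH 2/5], README.md hunk `@@ -2,8 +2,9 @@`, the new contributors badge is a bare image (`![GitHub contributors](...)`) while every other badge in the block is wrapped as `[![...](...)](target)`, so it will not be clickable in the rendered README. The `link=` query parameter on the shields.io URL does not make a Markdown image clickable; wrap the badge instead, e.g. `[![GitHub contributors](https://img.shields.io/github/contributors/checkmarx/kics?color=blue)](https://github.com/Checkmarx/kics/graphs/contributors)`, and drop the `link=` parameter.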
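
Review bot: In [PATCH 3/5], README.md hunk `@@ -83,14 +83,29 @@`, the Cisco entry's link text is misspelled as "CI/CD Securitry"; it should read "CI/CD Security", and the typo is still present as context in patches 4/5 and 5/5, so it survives the whole series. In the same hunk, "We also like to thank" reads better as "We would also like to thank", `### KICS Users` is missing the blank line after the heading that `### KICS Contributors` has, and the entry labelled "Cisco" links to panoptica.app, so a label such as "Cisco Panoptica" would match the target.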
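
Review bot: In [PATCH 4/5], README.md hunk `@@ -104,6 +104,7 @@`, the Firefly entry carries only a homepage link, while the entries above it (Checkmarx, GitLab, Cisco, JIT) each point to the product or documentation page that shows how KICS is used. Since the commit message cites a request without referencing an issue or PR, add a link to the relevant product/docs page or reference the request so the claim in the users list can be checked later.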
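
Review bot: In [PATCH 5/5], README.md hunk `@@ -103,6 +103,7 @@`, Orca Security is inserted between Cisco and JIT, while patch 4/5 inserted Firefly between JIT and Redpanda, so the users list has no discernible ordering. State an ordering rule next to "If you would like to be included here please open a PR" (alphabetical is the simplest) and place new entries accordingly; this also reduces merge conflicts when several organizations open PRs against the same lines. The Orca entry, like Firefly, has no link to the page describing its use of KICS.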