Prevent merging of malicious code in pull requests
Updated Mar 20, 2025 - Python
Focused malicious code detection ruleset, with a high protection-to-noise ratio
Repository containing the source code of the MixewayFlow service, a Swiss army knife for DevSecOps teams
A comprehensive security scanner for GitHub Actions workflows, providing deep supply chain analysis to detect vulnerabilities, misconfigurations, and compliance issues in your CI/CD pipelines.
Collection of custom GHA and reusable workflows.
Security Engineering reference: taint analysis benchmark comparing Pysa, CodeQL & Semgrep on a controlled Django app (16 OWASP Top 10 cases). Includes CI/CD integration with SARIF, ground truth validation, and enterprise scaling patterns.