Security Control Center for DevSecOps
The Security Control Center provides you with a set of tools to secure your project. The tools are designed to be used in a DevOps environment and are integrated into your CI/CD pipeline. The workflow is based on proven security practices and is designed to be easy to use.
Development
Secure Coding Guidelines
Produce secure code by following secure coding guidelines.
Git Commit Signing
Sign git commits to ensure the authenticity of the author.
In-Toto Provenance
Prove the integrity of the software supply chain. Creates a post-commit hook that records the file hashes of the project.
Continuous Integration
Git Commit Verification
Verify the authenticity of the author of git commits.
Secret Scanning
Scan Git repositories for potential credential leaks.
Static Application Security Testing
Find security vulnerabilities in produced source code.
Software Composition Analysis
Find known vulnerabilities in third-party and open source dependencies.
Infrastructure as Code
Find security vulnerabilities in infrastructure code like Dockerfiles, Terraform, etc.
Container Scanning
Find known security vulnerabilities in OCI images, such as Docker images.
Dynamic Application Security Testing
Find security vulnerabilities in running applications.
Image Signing
Ensure the integrity and authenticity of your container images.
Operations
Image Verification
Ensure the integrity and authenticity of your container images.