<h3 id="heading-links">Links</h3>
<ul>
<li>[tool] <a target="_blank" href="https://github.com/threatcl/threatcl">threatcl/threatcl: Documenting your Threat Models with HCL</a>
</li>
<li>[tool] <a target="_blank" href="https://github.com/aquasecurity/chain-bench">aquasecurity/chain-bench: An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.</a>
</li>
<li>[video] <a target="_blank" href="https://www.linkedin.com/events/7175751572528766976/comments/">Webinar: Rapid Threat Modeling with GenAI and LLMs</a>
</li>
<li>[artigo] <a target="_blank" href="https://thenewstack.io/product-security-plans-what-they-are-and-why-they-matter/">Product Security Plans: What They Are and Why They Matter</a>
</li>
<li>[video] <a target="_blank" href="https://www.youtube.com/watch?v=C_5KRqQrGD4">Secure LLM Architecture - Testing LLM Guard</a>
</li>
<li>[wiki] <a target="_blank" href="https://riskbasedprioritization.github.io/">Risk Based Prioritization</a>
</li>
<li>[tool] <a target="_blank" href="https://www.sonatype.com/products/sonatype-sbom-manager?utm_campaign=organic+social&amp;utm_source=linkedin&amp;utm_medium=social">sonatype SBOM manager</a>
</li>
<li>[artigo] <a target="_blank" href="https://www.jit.io/blog/the-essential-components-of-a-devsecops-pipeline">Jit | The Essential Components of a DevSecOps Pipeline</a>
</li>
</ul>
<h3 id="heading-vagas">Vagas</h3>
<ul>
<li><a target="_blank" href="https://www.linkedin.com/jobs/view/3872562173/">Loggi - Senior Cybersecurity Manager (App Sec &amp; SOC)</a>
</li>
<li><a target="_blank" href="https://www.linkedin.com/jobs/view/3872417355/">Compass UOL - Security Champion | Senior</a>
</li>
</ul>

### Links

* \[tool\] [threatcl/threatcl: Documenting your Threat Models with HCL](https://github.com/threatcl/threatcl)
    
* \[tool\] [aquasecurity/chain-bench: An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.](https://github.com/aquasecurity/chain-bench)
    
* \[video\] [Webinar: Rapid Threat Modeling with GenAI and LLMs](https://www.linkedin.com/events/7175751572528766976/comments/)
    
* \[artigo\] [Product Security Plans: What They Are and Why They Matter](https://thenewstack.io/product-security-plans-what-they-are-and-why-they-matter/)
    
* \[video\] [Secure LLM Architecture - Testing LLM Guard](https://www.youtube.com/watch?v=C_5KRqQrGD4)
    
* \[wiki\] [Risk Based Prioritization](https://riskbasedprioritization.github.io/)
    
* \[tool\] [sonatype SBOM manager](https://www.sonatype.com/products/sonatype-sbom-manager?utm_campaign=organic+social&utm_source=linkedin&utm_medium=social)
    
* \[artigo\] [Jit | The Essential Components of a DevSecOps Pipeline](https://www.jit.io/blog/the-essential-components-of-a-devsecops-pipeline)
    

### Vagas

* [Loggi - Senior Cybersecurity Manager (App Sec & SOC)](https://www.linkedin.com/jobs/view/3872562173/)
    
* [Compass UOL - Security Champion | Senior](https://www.linkedin.com/jobs/view/3872417355/)

AppSec Newsletter 0028

Tornando a vida do security champion um pouco mais fácil a cada dia =)
