Hello, I can assist you in configuring fully functional DevSecOps pipelines while following the best practices. Please find below the tools 1) Jenkins, GitLab Ci or GitHub actions. 2) Sonarqube or Fortify - Static code analysis 3) maven or ant 4) Nexus or Jfrog artifatory - Binary repository 5) Harbor, Nexus image registry, Jfrog image registry, Docker Trusted Registry - Image vulnerability scanning and signing. 6) Docker, Kubernetes, OpenShift etc