Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for compliance
compliance
x
728 search results found
Lynis
⭐
12,150
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Prowler
⭐
9,547
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
Opa
⭐
8,843
Open Policy Agent (OPA) is an open source, general-purpose policy engine.
Immudb
⭐
8,416
immudb - immutable database based on zero trust, SQL/Key-Value/Document model, tamperproof, data change history
Wazuh
⭐
8,176
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Tfsec
⭐
6,548
Security scanner for your Terraform code
Checkov
⭐
6,284
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
Cloud Custodian
⭐
5,207
Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources
Threatmapper
⭐
4,534
Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more.
Ossec Hids
⭐
4,145
OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
Csv
⭐
3,226
CSV data manipulation made easy in PHP
Inspec
⭐
2,805
InSpec: Auditing and Testing Framework
Content
⭐
2,065
Security automation content in SCAP, Bash, Ansible, and other formats
Windows_hardening
⭐
2,062
HardeningKitty and Windows Hardening settings and configurations
Ballerine
⭐
1,858
Open-source infrastructure and data orchestration platform for risk decisioning
Ua .netstandard
⭐
1,785
OPC Unified Architecture .NET Standard
Hummerrisk
⭐
1,702
HummerRisk 是云原生安全平台,包括混合云安全治理和云原生安全检测。
Kubeconform
⭐
1,595
A FAST Kubernetes manifests validator, with support for Custom Resources!
Hipaa Compliance Developers Guide
⭐
1,569
A developers guide to HIPAA compliance and application development.
Bearer
⭐
1,554
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Awesome Cloud Security
⭐
1,549
🛡️ Awesome Cloud Security Resources ⚔️
Macos_security
⭐
1,444
macOS Security Compliance Project
Ort
⭐
1,405
A suite of tools to automate software compliance checks.
Appshark
⭐
1,382
Appshark is a static taint analysis platform to scan vulnerabilities in an Android app.
Lunasec
⭐
1,355
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunase
Cli
⭐
1,307
a lightweight, security focused, BDD test framework against terraform.
Windows Secure Host Baseline
⭐
1,306
Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber
Auditd
⭐
1,293
Best Practice Auditd Configuration
Rke2
⭐
1,241
Openscap
⭐
1,217
NIST Certified SCAP 1.2 toolkit
Databunker
⭐
1,208
Secure SDK/vault for personal records/PII built to comply with GDPR
Cement
⭐
1,196
Application Framework for Python
Cloudformation Guard
⭐
1,196
Guard offers a policy-as-code domain-specific language (DSL) to write rules and validate JSON- and YAML-formatted data such as CloudFormation Templates, K8s configurations, and Terraform JSON plans/configurations against those rules. Take this survey to provide feedback about cfn-guard: https://amazonmr.au1.qualtrics.com/jfe/form/SV_bpy
Sudo_pair
⭐
1,169
Plugin for sudo that requires another human to approve and monitor privileged sudo sessions
Cfn_nag
⭐
1,105
Linting tool for CloudFormation templates
Pacbot
⭐
1,104
PacBot (Policy as Code Bot)
Taplo
⭐
1,012
A TOML toolkit written in Rust
Tern
⭐
909
Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more.
Tinyriscv
⭐
865
A very simple and easy to understand RISC-V core.
Comply
⭐
860
Compliance automation framework, focused on SOC2
Open Source Security Guide
⭐
795
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
Electriceye
⭐
794
ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks
Linux Baseline
⭐
740
DevSec Linux Baseline - InSpec Profile
Njs
⭐
721
An official read-only mirror of http://hg.nginx.org/njs/ which is updated hourly.
Fossology
⭐
712
FOSSology is an open source license compliance software system and toolkit. As a toolkit you can run license, copyright and export control scans from the command line. As a system, a database and web ui are provided to give you a compliance workflow. License, copyright and export scanners are tools used in the workflow.
Period
⭐
710
PHP's time range API
Gdpr Checklist
⭐
689
The GDPR Checklist
Promises Tests
⭐
683
Compliances tests for Promises/A+
Copacetic
⭐
679
🧵 CLI tool for directly patching container images using reports from vulnerability scanners
Betterscan Ce
⭐
673
Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners + OpenAI GPT with One Report (Code, IaC) - Betterscan Community Edition (CE)
Dep Scan
⭐
673
OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.
Kibitzr
⭐
603
Personal Web Assistant
Oscal
⭐
600
Open Security Controls Assessment Language (OSCAL)
Wazuh Docker
⭐
532
Wazuh - Docker containers
Super
⭐
517
S.U.P.E.R.M.A.N. optimizes the macOS software update experience.
Aura.router
⭐
486
A web router implementation for PHP.
Trojanx
⭐
485
Trojan Client for macOS, ported from ShadowsocksX-NG. Please use it in compliance with laws, regulations and rules.
Rudder
⭐
481
Rudder is a configuration and security automation platform. Manage your Cloud, hybrid or on-premises infrastructure in a simple, scalable and dynamic way.
Symmetric Encryption
⭐
477
Symmetric Encryption for Ruby Projects using OpenSSL
Sandworm Audit
⭐
455
Security & License Compliance For Your App's Dependencies 🪱
Privado
⭐
454
Open Source Static Scanning tool to detect data flows in your code, find data security vulnerabilities & generate accurate Play Store Data Safety Report.
Terraform Validator
⭐
442
Terraform Validator is not an officially supported Google product; it is a library for conversion of Terraform plan data to CAI Assets. If you have been using terraform-validator directly in the past, we recommend migrating to `gcloud beta terraform vet`.
Binaryanalysis Ng
⭐
438
Binary Analysis Next Generation (BANG)
Awesome Security Grc
⭐
427
Curated list of resources for security Governance, Risk Management, Compliance and Audit professionals and enthusiasts (if they exist).
Go Redis
⭐
410
Google Go Client and Connectors for Redis
Stream
⭐
397
🗄️ Stream plugin for WordPress
Rbac
⭐
392
PHP-RBAC is an authorization library for PHP. It provides developers with NIST Level 2 Standard Role Based Access Control and more, in the fastest implementation yet.
Cfripper
⭐
384
Library and CLI tool for analysing CloudFormation templates and check them for security compliance.
Wazuh Dashboard Plugins
⭐
376
Plugins for Wazuh Dashboard
Opendsr
⭐
356
A common framework enabling companies to work together to protect consumers' privacy and data rights.
Uri Parser
⭐
352
RFC3986/RFC3987 compliant URI parser
Aura.di
⭐
345
Dependency Injection System
Compliance Masonry
⭐
336
Security Documentation Builder
Pyaiml
⭐
335
PyAIML is an interpreter for AIML (Artificial Intelligence Markup Language). cloned from sf.net.
Steampipe Mod Aws Compliance
⭐
334
Run individual controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA and more across all of your AWS accounts using Steampipe.
Riscv Crypto
⭐
330
RISC-V cryptography extensions standardisation work.
Reuse Tool
⭐
329
reuse is a tool for compliance with the REUSE recommendations.
Uri Components
⭐
298
[READ-ONLY] League URI components objects
Opa Envoy Plugin
⭐
296
A plugin to enforce OPA policies with Envoy
Ninegridview
⭐
291
一个九宫格自定义控件,实现类似微信和微博的九宫格图片显示
Xeol
⭐
291
A scanner for deprecated and end-of-life (EOL) software in container images, filesystems, and SBOMs
Gapps
⭐
279
Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking. https://gapps.darkbanner.com
O365 Admin Center
⭐
271
The O365 Admin Center is a GUI application that administrators can use to administer every aspect of Office 365 including Exchange Online, Compliance Center, SharePoint and Skype for Business.
Ssh Baseline
⭐
270
DevSec SSH Baseline - InSpec Profile
Awesome Privacy Chinese
⭐
268
[WIP]国内隐私合规技术交流
Andi
⭐
262
A tool to test web content for accessibility and 508 compliance.
Iambic
⭐
262
IAMbic is Version-Control for IAM. It centralizes and simplifies cloud access and permissions. It maintains an eventually consistent, human-readable, bi-directional representation of IAM in Git.
Cloudstack Archive
⭐
258
DEPRECATED & read-only!! - This repo exists for GPL compliance only. CloudStack development has moved to the ASF - see http://cloudstack.apache.org/
Reposaur
⭐
252
Open source compliance tool for development platforms.
Intunebackupandrestore
⭐
246
PowerShell Module that queries Microsoft Graph, and allows for cross-tenant Backup & Restore actions of your Intune Configuration.
Sandworm Guard Js
⭐
245
Easy auditing & sandboxing for your JavaScript dependencies 🪱
Icewm
⭐
241
IceWM releases only, see Wiki
Spdx Spec
⭐
241
The SPDX specification in MarkDown and HTML formats.
Security Policy Templates
⭐
238
A set of policies, standards and control procedures with mapping to HIPAA, NIST CSF, PCI DSS, SOC2, FedRAMP, CIS Controls, and more.
Dns Violations
⭐
234
List of DNS violations by implementations, software and/or systems
Laravel Gdpr
⭐
234
GDPR compliance with ease.
Wazuh Ansible
⭐
227
Wazuh - Ansible playbook
Chainloop
⭐
225
Chainloop is an open source software supply chain control plane, a single source of truth for artifacts plus a declarative attestation crafting process.
Aws Config Engine For Compliance As Code
⭐
224
Manage AWS Config Rules at scale in AWS multi-account and/or multi-region environment; with fully configurable deployment (RuleSets) and analytics.
Container Compliance
⭐
224
Assessing compliance of a container
1-100 of 728 search results
Next >
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.