Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for security compliance
compliance
x
security
x
140 search results found
Wazuh
⭐
8,176
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Tfsec
⭐
6,657
Tfsec is now part of Trivy
Inspec
⭐
2,846
InSpec: Auditing and Testing Framework
Content
⭐
2,131
Security automation content in SCAP, Bash, Ansible, and other formats
Windows_hardening
⭐
2,062
HardeningKitty and Windows Hardening settings and configurations
Hummerrisk
⭐
1,702
HummerRisk 是云原生安全平台,包括混合云安全治理和云原生安全检测。
Hipaa Compliance Developers Guide
⭐
1,569
A developers guide to HIPAA compliance and application development.
Bearer
⭐
1,554
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Awesome Cloud Security
⭐
1,549
🛡️ Awesome Cloud Security Resources ⚔️
Macos_security
⭐
1,444
macOS Security Compliance Project
Lunasec
⭐
1,355
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunase
Cli
⭐
1,307
a lightweight, security focused, BDD test framework against terraform.
Rke2
⭐
1,241
Databunker
⭐
1,208
Secure SDK/vault for personal records/PII built to comply with GDPR
Cloudformation Guard
⭐
1,196
Guard offers a policy-as-code domain-specific language (DSL) to write rules and validate JSON- and YAML-formatted data such as CloudFormation Templates, K8s configurations, and Terraform JSON plans/configurations against those rules. Take this survey to provide feedback about cfn-guard: https://amazonmr.au1.qualtrics.com/jfe/form/SV_bpy
Sudo_pair
⭐
1,169
Plugin for sudo that requires another human to approve and monitor privileged sudo sessions
Cfn_nag
⭐
1,105
Linting tool for CloudFormation templates
Pacbot
⭐
1,104
PacBot (Policy as Code Bot)
Electriceye
⭐
794
ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks
Linux Baseline
⭐
740
DevSec Linux Baseline - InSpec Profile
Copacetic
⭐
679
🧵 CLI tool for directly patching container images using reports from vulnerability scanners
Oscal
⭐
600
Open Security Controls Assessment Language (OSCAL)
Wazuh Docker
⭐
532
Wazuh - Docker containers
Sandworm Audit
⭐
455
Security & License Compliance For Your App's Dependencies 🪱
Binaryanalysis Ng
⭐
438
Binary Analysis Next Generation (BANG)
Awesome Security Grc
⭐
427
Curated list of resources for security Governance, Risk Management, Compliance and Audit professionals and enthusiasts (if they exist).
Wazuh Dashboard Plugins
⭐
424
Plugins for Wazuh Dashboard
Cfripper
⭐
384
Library and CLI tool for analysing CloudFormation templates and check them for security compliance.
Xeol
⭐
337
A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs
Steampipe Mod Aws Compliance
⭐
334
Run individual controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA and more across all of your AWS accounts using Steampipe.
Gapps
⭐
279
Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking. https://gapps.darkbanner.com
Awesome Privacy Chinese
⭐
268
[WIP]国内隐私合规技术交流
Sandworm Guard Js
⭐
249
Easy auditing & sandboxing for your JavaScript dependencies 🪱
Wazuh Ansible
⭐
227
Wazuh - Ansible playbook
Chainloop
⭐
225
Chainloop is an open source software supply chain control plane, a single source of truth for artifacts plus a declarative attestation crafting process.
Cnspec
⭐
221
An open source, cloud-native security to protect everything from build to runtime
Aws Allowlister
⭐
208
Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks.
Allero
⭐
199
By scanning CI/CD misconfigurations, Allero helps reduce production issues, harden your security posture and shift-left CI/CD from DevOps to developers.
Checkov Action
⭐
188
This GitHub Action runs Checkov against infrastructure-as-code, open source packages, container images, and CI/CD configurations to identify misconfigurations, vulnerabilities, and license compliance issues.
Securitydemos
⭐
161
Sls Mentor
⭐
154
Analyze your AWS serverless app in one command! 30+ best practices to improve costs💰 security🛡 stability🧘♀️ speed🚀 and sustainability🌱
Wazuh Documentation
⭐
151
Wazuh - Project documentation
Gdpr Tracker
⭐
142
A crowdsourced directory tracking the compliance and security practices of cloud services and their subprocessors
Cloud Validation Framework
⭐
122
prancer platform is an IaC Security engine + Continuous Compliance for your cloud (Azure, AWS, GCP) and Kubernetes environment
Saf
⭐
118
The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline security automation for systems and DevOps pipelines
Inspec Gcp Cis Benchmark
⭐
116
GCP CIS 1.1.0 Benchmark InSpec Profile
Simp Core
⭐
115
The base SIMP build repository
Terraform Security Scan
⭐
107
Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec
Regolibrary
⭐
106
The regolibrary package contains the controls Kubescape uses for detecting misconfigurations in Kubernetes manifests.
Standalone Windows Stig Script
⭐
105
Create a compliant and secure Windows 10/11 system with our Gold Master image creation tool. Adhere to DoD STIG/SRG Requirements and NSA Cybersecurity guidance for standalone Windows systems with ease, using our ultimate STIG script.
Cis For Macos Sierra
⭐
99
Chef Windows Hardening
⭐
95
This chef cookbook provides windows hardening configurations for the DevSec Windows baseline profile.
Kodex
⭐
92
A privacy and security engineering toolkit: Discover, understand, pseudonymize, anonymize, encrypt and securely share sensitive and personal data: Privacy and security as code.
Inspec_tools
⭐
84
A command-line and ruby API of utilities, converters and tools for creating, converting and processing security baseline formats, results and data
Kubelight
⭐
76
OWASP Kubernetes security and compliance tool [WIP]
Intercept
⭐
74
INTERCEPT / Policy as Code Auditing / SAST for Code & APIs
Clouditor
⭐
72
The Clouditor is a tool to support continuous cloud assurance. Developed by Fraunhofer AISEC.
Bridgecrew Action
⭐
72
This GitHub Action runs Bridgecrew against infrastructure-as-code, open source packages, container images, and CI/CD configurations to identify misconfigurations, vulnerabilities, and license compliance issues.
Aws Fast Fixes
⭐
71
Scripts to quickly fix security and compliance issues
Polymath Core Deprecated
⭐
69
Core Ethereum Smart Contracts for Polymath - The Securities Token Platform
Wazuh Packages
⭐
69
Wazuh - Tools for packages creation
Compliance
⭐
64
Docker Enterprise Edition Security Controls for Compliance
Steampipe Mod Zoom Compliance
⭐
62
Run individual configuration, compliance and security controls or full compliance benchmarks for CIS for Zoom.
Git Proxy
⭐
61
Deploy custom push protections and policies on top of Git
Health Data And Ai Blueprint
⭐
61
Azure Security and Compliance Blueprint - HIPAA/HITRUST Health Data and AI - deployment, and demo that Predicts the Length of Stay in Hospitals
Wazuh Api
⭐
56
Wazuh - RESTful API
Enigma
⭐
49
Access management tool
Steampipe Mod Azure Compliance
⭐
49
Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, HIPAA HITRUST, NIST, and more across all of your Azure subscriptions using Steampipe.
Schemas
⭐
46
YAML schema, examples, and validators for OpenControl format.
Tel It Security Automation
⭐
46
Deutsche Telekom IT GmbH (DevSecOps Team): Project for Security & Compliance Automation
Standalone Windows Server Stig Script
⭐
46
Enhance the security and compliance of your standalone Windows servers with our STIG script, specifically designed to meet DoD STIG/SRG requirements and NSACyber guidance. Achieve ultimate Windows Server protection with our easy-to-use script.
Wazuh Splunk
⭐
45
Wazuh - Splunk App
Sec Audit
⭐
42
PowerShell Script for Windows Server Compliance / Security Configuration Audit
Mira Community
⭐
41
Mira - Risk Management Platform - Community Edition
2016_jnuc_security_reporting_compliance
⭐
40
Repo for code used in all presentation slides from the 2016 JNUC Presentation "Digging into Security, Compliance, and Reporting"
Wazuh Puppet
⭐
38
Wazuh - Puppet module
Fedramp Tailored
⭐
37
FedRAMP Tailored.
Pci Paas Webapp Ase Sqldb Appgateway Keyvault Oms
⭐
35
Azure PCI PaaS Reference Architecture
Search Guard
⭐
33
Search Guard Plugin - Security for Elasticsearch
Eks Creation Engine
⭐
33
The Amazon Elastic Kubernetes Service (EKS) Creation Engine (ECE) is a Python command-line program created by the Lightspin Office of the CISO to facilitate the creation and enablement of secure EKS Clusters.
Advisor
⭐
29
Alcide Kubernetes Advisor ... Cluster Hygiene & Security Scanner - Pipeline Integration
Terraform Aws Waf
⭐
29
Steampipe Mod Kubernetes Compliance
⭐
29
Run individual controls or full compliance benchmarks for NSA CISA Kubernetes Hardening Guidance across all of your Kubernetes clusters using Steampipe.
Aws Config
⭐
28
Deep Security's APIs make it simple to integration with a variety of AWS Services
Steampipe Mod Gcp Compliance
⭐
28
Run individual configuration, compliance and security controls or full compliance benchmarks for CIS across all of your GCP projects using Steampipe.
Fedramp Templater
⭐
25
EXPERIMENTAL: a template builder for FedRAMP System Security Plans
Security Goals
⭐
25
🦑 Security Goals - Automatic compliance reporting for Kubernetes / Rapport de conformité automatique pour Kubernetes
Ciso Assistant Community
⭐
24
CISO Assistant - Open-source GRC made simple - NIST CSF, ISO 27001, NIS2, SOC2, PCI DSS and CMMC compliance
Php Baseline
⭐
24
DevSec PHP baseline - InSpec Profile
Security Agent Policies
⭐
23
Policies for Security Agent - compliance and runtime checks
Steampipe Mod Terraform Aws Compliance
⭐
23
Run compliance and security controls to detect Terraform AWS resources deviating from security best practices prior to deployment.
Cg Compliance Docs
⭐
23
cloud.gov security policies and procedures
Config Rule Status
⭐
22
A project to create AWS Config Rules and use them to test AWS Resource compliance.
Inspec Gke Cis Benchmark
⭐
21
GKE CIS 1.1.0 Benchmark InSpec Profile
Terraform Aws Guardduty
⭐
20
Terraform module to provision AWS Guard Duty
Ssa
⭐
20
Open Standard Vulnerability & Compliance Scanner
Wazuh Chef
⭐
19
Wazuh - Chef cookbooks
Openstack Baseline
⭐
17
Use InSpec to run through the configurations from the OpenStack Security Guide.
Tf2project
⭐
17
Terraform Test Framework
Oscal Deep Diff
⭐
17
Open Security Controls Assessment Language (OSCAL) Deep Differencing Tool
Related Searches
Security Vulnerabilities (12,357)
Laravel Security (11,580)
Php Security (10,611)
Javascript Security (2,953)
Java Security (2,469)
Html Security (2,284)
Python Security (1,733)
Golang Security (1,316)
Shell Security (1,213)
Security Penetration Testing (920)
1-100 of 140 search results
Next >
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.