compliance

Star

Here are 683 public repositories matching this topic...

wazuh / wazuh

Star

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Updated May 16, 2024
C

cloud-custodian / cloud-custodian

Star

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

aws lambda cloud serverless azure management gcp cloud-computing compliance rules-engine

Updated May 16, 2024
Python

CISOfy / lynis

Star

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Updated May 16, 2024
Shell

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

python aws security security-audit cloud azure iam gcp forensics compliance hardening security-hardening gdpr multi-cloud security-tools devsecops cis-benchmark well-architected

Updated May 16, 2024
Python

open-policy-agent / opa

Star

Open Policy Agent (OPA) is an open source, general-purpose policy engine.

json declarative policy authorization opa cloud-native compliance doge lolcat open-policy-agent

Updated May 16, 2024
Go

bridgecrewio / checkov

Star

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

kubernetes aws devops cloudformation azure terraform static-analysis gcp infrastructure-as-code scans compliance hacktoberfest aws-security

Updated May 16, 2024
Python

ossec / ossec-hids

Star

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

security intrusion-detection pci-dss compliance hids fim loganalyzer ossec policy-monitoring nist800-53 file-integrity-management

Updated May 10, 2024
C

inspec / inspec

Star

InSpec: Auditing and Testing Framework

testing security devops tdd spec audit compliance inspec devsec tdd-utilities

Updated May 16, 2024
Ruby

ComplianceAsCode / content

Star

Security automation content in SCAP, Bash, Ansible, and other formats

Updated May 16, 2024
Shell

deepfence / ThreatMapper

Star

Open Source Cloud Native Application Protection Platform (CNAPP)

Updated May 16, 2024
TypeScript

aquasecurity / tfsec

Star

Security scanner for your Terraform code

go aws security digitalocean devops ci azure terraform scanner linter static-analysis infrastructure-as-code compliance google-cloud-platform hacktoberfest vulnerability-scanners devsecops misconfiguration terraform-security

Updated May 7, 2024
Go

fossology / fossology

Star

FOSSology is an open source license compliance software system and toolkit. As a toolkit you can run license, copyright and export control scans from the command line. As a system, a database and web ui are provided to give you a compliance workflow. License, copyright and export scanners are tools used in the workflow.