compliance

Here are 470 public repositories matching this topic...

CISOfy / lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Updated Oct 17, 2022
Shell

codenotary / immudb

Star

immudb - immutable database based on zero trust, SQL and Key-Value, tamperproof, data change history

Updated Oct 17, 2022
Go

open-policy-agent / opa

Star

An open source, general-purpose policy engine.

json declarative policy authorization opa cloud-native compliance doge lolcat open-policy-agent

Updated Oct 17, 2022
Go

Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 240 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

Updated Oct 17, 2022
Shell

aquasecurity / tfsec

Star

Security scanner for your Terraform code

go aws security digitalocean devops ci azure terraform scanner linter static-analysis infrastructure-as-code compliance google-cloud-platform vulnerability-scanners devsecops misconfiguration terraform-security

Updated Oct 14, 2022
Go

wazuh / wazuh

Star

Wazuh - The Open Source Security Platform

security elasticsearch log-analysis monitoring incident-response ids intrusion-detection pci-dss compliance security-hardening loganalyzer vulnerability-detection ossec openscap wazuh policy-monitoring security-awareness file-integrity-management

Updated Oct 17, 2022
C

bridgecrewio / checkov

Star

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

Updated Oct 17, 2022
Python

cloud-custodian / cloud-custodian

Star

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

aws lambda cloud serverless azure management gcp cloud-computing compliance rules-engine

Updated Oct 17, 2022
Python

ossec / ossec-hids

Star

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

security intrusion-detection pci-dss compliance hids fim loganalyzer ossec policy-monitoring nist800-53 file-integrity-management

Updated Oct 11, 2022
C

inspec / inspec

Star

InSpec: Auditing and Testing Framework

testing security devops tdd spec audit compliance inspec devsec tdd-utilities

Updated Oct 17, 2022
Ruby

cloudquery / cloudquery

Star

The open-source data integration platform for security and infrastructure teams

aws security cis sql monitor azure gcp cloud-computing compliance cloudtrail aws-security cis-benchmark well-architected gcp-security cspm

Updated Oct 17, 2022
Go

deepfence / ThreatMapper

Star

Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more.

Updated Oct 17, 2022
JavaScript

ComplianceAsCode / content

Star

Security automation content in SCAP, Bash, Ansible, and other formats

Updated Oct 17, 2022
Shell

0x6d69636b / windows_hardening

Star

HardeningKitty and Windows Hardening settings and configurations

windows checklist security registry powershell audit windows-10 compliance hardening defense blueteam windows-hardening

Updated Oct 8, 2022
PowerShell

nsacyber / Windows-Secure-Host-Baseline

Star

Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber

windows auditing certificates chrome-browser audit windows-10 windows-server compliance nessus group-policy applocker internet-explorer windows-firewall microsoft-office windows-server-2016 adobe-reader

Updated Sep 12, 2018
HTML

terraform-compliance / cli

Star

a lightweight, security focused, BDD test framework against terraform.

testing infrastructure terraform bdd bdd-style hashicorp compliance testing-framework

Updated Oct 7, 2022
Python

lunasec-io / lunasec

Sponsor

Star

LunaSec - Open Source AppSec platform that automatically notifies you the next time vulnerabilities like Log4Shell or node-ipc happen. Track your dependencies and builds in a centralized service. Get started in one-click via our GitHub App or host it yourself. https://github.com/apps/lunatrace-by-lunasec/