#

compliance

Here are 760 public repositories matching this topic...

wazuh / wazuh

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Updated Nov 22, 2024
C++

prowler

prowler-cloud / prowler

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

python aws security security-audit cloud azure iam gcp forensics compliance hardening security-hardening gdpr multi-cloud security-tools devsecops cis-benchmark well-architected

Updated Nov 22, 2024
Python

cloud-custodian

cloud-custodian / cloud-custodian

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

aws lambda cloud serverless azure management gcp cloud-computing compliance rules-engine

Updated Nov 14, 2024
Python

CISOfy / lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Updated Nov 4, 2024
Shell

open-policy-agent / opa

Open Policy Agent (OPA) is an open source, general-purpose policy engine.

json declarative policy authorization opa cloud-native compliance doge lolcat open-policy-agent

Updated Nov 22, 2024
Go

bridgecrewio / checkov

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

kubernetes aws devops cloudformation azure terraform static-analysis gcp infrastructure-as-code scans compliance hacktoberfest aws-security

Updated Nov 21, 2024
Python

ossec / ossec-hids

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

security intrusion-detection pci-dss compliance hids fim loganalyzer ossec policy-monitoring nist800-53 file-integrity-management

Updated Jun 6, 2024
C

ComplianceAsCode / content

Security automation content in SCAP, Bash, Ansible, and other formats

Updated Nov 22, 2024
Shell

inspec / inspec

InSpec: Auditing and Testing Framework

testing security devops tdd spec audit compliance inspec devsec tdd-utilities

Updated Nov 22, 2024
Ruby

ThreatMapper

deepfence / ThreatMapper

Open Source Cloud Native Application Protection Platform (CNAPP)

Updated Nov 22, 2024
TypeScript

tfsec

aquasecurity / tfsec

Tfsec is now part of Trivy

go aws security digitalocean devops ci azure terraform scanner linter static-analysis infrastructure-as-code compliance google-cloud-platform hacktoberfest vulnerability-scanners devsecops misconfiguration terraform-security

Updated Oct 3, 2024
Go

fossology / fossology

FOSSology is an open source license compliance software system and toolkit. As a toolkit you can run license, copyright and export control scans from the command line. As a system, a database and web ui are provided to give you a compliance workflow. License, copyright and export scanners are tools used in the workflow.

oss compliance license spdx license-management fossology spdx-licenses license-checking license-scan compliance-check compliance-automation

Updated Nov 18, 2024
PHP

wazuh / wazuh-docker

Wazuh - Docker containers

Updated Nov 22, 2024
Shell

OpenSCAP / openscap

NIST Certified SCAP 1.2 toolkit

data-stream compliance scap xccdf oval cpe scanning openscap

Updated Nov 13, 2024
XSLT

wazuh / wazuh-documentation

Wazuh - Project documentation

security elasticsearch documentation log-analysis monitoring reference incident-response intrusion-detection pci-dss compliance security-hardening fim loganalyzer vulnerability-detection ossec openscap wazuh security-awareness file-integrity-management

Updated Nov 22, 2024
JavaScript

immudb

codenotary / immudb

immudb - immutable database based on zero trust, SQL/Key-Value/Document model, tamperproof, data change history

go verify performance immutable sql database key-value verification pci-dss cryptographic compliance merkle-tree immutable-database gdpr zero-trust timetravel tamper-evident auditable tamperproof

Updated Sep 19, 2024
Go

0x6d69636b / windows_hardening

HardeningKitty and Windows Hardening Settings

windows checklist security registry cis powershell audit windows-10 windows-server compliance hardening defense stig sisyphus blueteam bsi windows-11 security-baseline windows-hardening

Updated Oct 28, 2024
PowerShell

ort

oss-review-toolkit / ort

A suite of tools to automate software compliance checks.

Updated Nov 22, 2024
Kotlin

HummerRisk / HummerRisk

HummerRisk 是云原生安全平台，包括混合云安全治理和云原生安全检测。

security vulnerability cloud-native compliance cloud-custodian compliance-as-code prowler sbom kubernetes-security trivy k8s-security cspm cloud-native-security

Updated Mar 13, 2024
Java

nsacyber / Windows-Secure-Host-Baseline

Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber

windows auditing certificates chrome-browser audit windows-10 windows-server compliance nessus group-policy applocker internet-explorer windows-firewall microsoft-office windows-server-2016 adobe-reader

Updated Dec 24, 2022
HTML

Improve this page

Add a description, image, and links to the compliance topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the compliance topic, visit your repo's landing page and select "manage topics."