Repository navigation

compliance

Website
Wikipedia

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Shell Linux pci-dss compliance 安全 security-hardening security-scanner hipaa Unix vulnerability-detection vulnerability-scanners vulnerability-assessment DevOps devops-tools hardening auditing gdpr

Shell

14079

1519

18 天前

wazuh / wazuh

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

安全 compliance Logging vulnerability-detection Cybersecurity file-integrity-monitoring malware-detection cloud-security container-security security-automation siem xdr configuration-assessement incident-response pci-dss security-hardening wazuh

C++

12233

1810

13 小时前

prowler-cloud / prowler

Prowler is an Open Cloud Security tool for AWS, Azure, GCP and Kubernetes. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.

安全 security-hardening hardening Amazon Web Services cis-benchmark compliance gdpr forensics cloud well-architected devsecops Azure iam Python Google 云 multi-cloud Software as a service cspm

Python

11510

1681

12 小时前

open-policy-agent / opa

Open Policy Agent (OPA) is an open source, general-purpose policy engine.

Open Policy Agent policy declarative JSON compliance cloud-native authorization doge lolcat

10142

1401

2 天前

codenotary / immudb

immudb - immutable database based on zero trust, SQL/Key-Value/Document model, tamperproof, data change history

key-value immutable merkle-tree Go 数据库 tamperproof verification immutable-database compliance pci-dss gdpr verify performance SQL timetravel zero-trust

8727

346

19 天前

bridgecrewio / checkov

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

Terraform static-analysis Amazon Web Services Google 云 Azure aws-security cloudformation scans compliance Kubernetes Infrastructure as code DevOps Hacktoberfest

Python

7494

1182

1 天前

aquasecurity / tfsec

Tfsec is now part of Trivy

Terraform 安全 scanner static-analysis 持续集成 Amazon Web Services Azure Google 云 compliance Infrastructure as code devsecops vulnerability-scanners misconfiguration digitalocean DevOps linter Go Hacktoberfest

6805

547

2 个月前

cloud-custodian / cloud-custodian

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

Amazon Web Services compliance cloud rules-engine cloud-computing management Serverless lambda Google 云 Azure

Python

5631

1535

2 天前

deepfence / ThreatMapper

Open Source Cloud Native Application Protection Platform (CNAPP)

TypeScript

4971

609

3 天前

ossec / ossec-hids

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

hids 安全 pci-dss nist800-53 ossec compliance intrusion-detection fim loganalyzer policy-monitoring

4691

1051

3 个月前

inspec / inspec

InSpec: Auditing and Testing Framework

audit inspec 安全 compliance devsec DevOps tdd-utilities Test-driven development spec Testing

Ruby

2906

681

1 天前

intuitem / ciso-assistant-community

CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec, Compliance/Audit Management, Privacy and supporting +80 frameworks worldwide with auto-mapping: NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, NIS2, CMMC, PSPF, GDPR, HIPAA, Essential Eight, NYDFS-500, DORA, NIST AI RMF, 800-53, CyFun, AirCyber, NCSC, ECC, SCF and so much mor