compliance

Here are 792 public repositories matching this topic...

CISOfy / lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Updated Jan 29, 2025
Shell

wazuh / wazuh

Star

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Updated Jan 31, 2025
C++

Prowler is an Open Cloud Security tool for AWS, Azure, GCP and Kubernetes. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.

Updated Feb 1, 2025
Python

open-policy-agent / opa

Star

Open Policy Agent (OPA) is an open source, general-purpose policy engine.

json declarative policy authorization opa cloud-native compliance doge lolcat open-policy-agent

Updated Feb 1, 2025
Go

codenotary / immudb

Star

immudb - immutable database based on zero trust, SQL/Key-Value/Document model, tamperproof, data change history

go verify performance immutable sql database key-value verification pci-dss cryptographic compliance merkle-tree immutable-database gdpr zero-trust timetravel tamper-evident auditable tamperproof

Updated Jan 2, 2025
Go

bridgecrewio / checkov

Star

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

kubernetes aws devops cloudformation azure terraform static-analysis gcp infrastructure-as-code scans compliance hacktoberfest aws-security

Updated Jan 30, 2025
Python

aquasecurity / tfsec

Star

Tfsec is now part of Trivy

go aws security digitalocean devops ci azure terraform scanner linter static-analysis infrastructure-as-code compliance google-cloud-platform hacktoberfest vulnerability-scanners devsecops misconfiguration terraform-security

Updated Jan 13, 2025
Go

cloud-custodian / cloud-custodian

Star

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

aws lambda cloud serverless azure management gcp cloud-computing compliance rules-engine

Updated Feb 1, 2025
Python

deepfence / ThreatMapper

Star

Open Source Cloud Native Application Protection Platform (CNAPP)

Updated Feb 2, 2025
TypeScript

ossec / ossec-hids

Star

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

security intrusion-detection pci-dss compliance hids fim loganalyzer ossec policy-monitoring nist800-53 file-integrity-management

Updated Jan 22, 2025
C

inspec / inspec

Star

InSpec: Auditing and Testing Framework

testing security devops tdd spec audit compliance inspec devsec tdd-utilities

Updated Jan 30, 2025
Ruby

intuitem / ciso-assistant-community

Star

CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec and Audit Management and supporting +70 frameworks worldwide with auto-mapping: NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, NIS2, CMMC, PSPF, GDPR, HIPAA, Essential Eight, NYDFS-500, DORA, NIST AI RMF, 800-53, 800-171, CyFun, CJIS, AirCyber, NCSC, ECC, SCF and so much more