Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Projects in Awesome Lists tagged with compliance

A curated list of projects in awesome lists tagged with compliance.

https://github.com/cisofy/lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

auditing compliance devops devops-tools gdpr hardening hipaa linux pci-dss security-audit security-hardening security-scanner security-tools security-vulnerability shell system-hardening unix vulnerability-assessment vulnerability-detection vulnerability-scanners

Last synced: 16 Dec 2024

https://github.com/CISOfy/Lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

auditing compliance devops devops-tools gdpr hardening hipaa linux pci-dss security-audit security-hardening security-scanner security-tools security-vulnerability shell system-hardening unix vulnerability-assessment vulnerability-detection vulnerability-scanners

Last synced: 17 Nov 2024

https://github.com/CISOfy/lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

auditing compliance devops devops-tools gdpr hardening hipaa linux pci-dss security-audit security-hardening security-scanner security-tools security-vulnerability shell system-hardening unix vulnerability-assessment vulnerability-detection vulnerability-scanners

Last synced: 29 Oct 2024

https://github.com/prowler-cloud/prowler

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

aws azure cis-benchmark cloud compliance devsecops forensics gcp gdpr hardening iam multi-cloud python security security-audit security-hardening security-tools well-architected

Last synced: 16 Dec 2024

https://github.com/open-policy-agent/opa

Open Policy Agent (OPA) is an open source, general-purpose policy engine.

authorization cloud-native compliance declarative doge json lolcat opa open-policy-agent policy

Last synced: 16 Dec 2024

https://github.com/codenotary/immudb

immudb - immutable database based on zero trust, SQL/Key-Value/Document model, tamperproof, data change history

auditable compliance cryptographic database gdpr go immutable immutable-database key-value merkle-tree pci-dss performance sql tamper-evident tamperproof timetravel verification verify zero-trust

Last synced: 16 Dec 2024

https://github.com/bridgecrewio/checkov

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

aws aws-security azure cloudformation compliance devops gcp hacktoberfest infrastructure-as-code kubernetes scans static-analysis terraform

Last synced: 16 Dec 2024

https://github.com/cloud-custodian/cloud-custodian

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

aws azure cloud cloud-computing compliance gcp lambda management rules-engine serverless

Last synced: 16 Dec 2024

https://github.com/ossec/ossec-hids

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

compliance file-integrity-management fim hids intrusion-detection loganalyzer nist800-53 ossec pci-dss policy-monitoring security

Last synced: 17 Dec 2024

https://github.com/inspec/inspec

InSpec: Auditing and Testing Framework

audit compliance devops devsec inspec security spec tdd tdd-utilities testing

Last synced: 02 Nov 2024

https://github.com/yannh/kubeconform

A FAST Kubernetes manifests validator, with support for Custom Resources!

compliance kubernetes validation

Last synced: 16 Dec 2024

https://github.com/usnistgov/macos_security

macOS Security Compliance Project

apple bash compliance macos mdm python3 zsh

Last synced: 19 Dec 2024

https://github.com/hummerrisk/hummerrisk

HummerRisk is a cloud-native security platform, covering hybrid-cloud security governance and cloud-native security detection.

cloud-custodian cloud-native cloud-native-security compliance compliance-as-code cspm k8s-security kubernetes-security prowler sbom security trivy vulnerability

Last synced: 21 Dec 2024

https://github.com/HummerRisk/HummerRisk

HummerRisk is a cloud-native security platform, covering hybrid-cloud security governance and cloud-native security detection.

cloud-custodian cloud-native cloud-native-security compliance compliance-as-code cspm k8s-security kubernetes-security prowler sbom security trivy vulnerability

Last synced: 12 Nov 2024

https://github.com/nsacyber/Windows-Secure-Host-Baseline

Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber

adobe-reader applocker audit auditing certificates chrome-browser compliance group-policy internet-explorer microsoft-office nessus windows windows-10 windows-firewall windows-server windows-server-2016

Last synced: 06 Nov 2024

https://github.com/bytedance/appshark

Appshark is a static taint analysis platform to scan vulnerabilities in an Android app.

android compliance static-analysis vulnerability

Last synced: 19 Dec 2024

https://github.com/lunasec-io/lunasec

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

compliance continuous-delivery cve-scanning cybersecurity dependency-analysis devsecops gdpr log4shell pci-dss sbom sbom-generator scanning scanning-tool security security-tools soc2 software-composition-analysis tokenization web-security zero-trust

Last synced: 20 Dec 2024

https://github.com/terraform-compliance/cli

A lightweight, security-focused BDD test framework against Terraform.

bdd bdd-style compliance hashicorp infrastructure terraform testing testing-framework

Last synced: 19 Dec 2024

https://github.com/strongdm/comply

Compliance automation framework, focused on SOC2

compliance documentation-toolchain gdpr go golang grc hipaa iso27001 pdf-generation soc2 templates

Last synced: 15 Dec 2024

https://github.com/aws-cloudformation/cloudformation-guard

Guard offers a policy-as-code domain-specific language (DSL) to write rules and validate JSON- and YAML-formatted data such as CloudFormation Templates, K8s configurations, and Terraform JSON plans/configurations against those rules. Take this survey to provide feedback about cfn-guard: https://amazonmr.au1.qualtrics.com/jfe/form/SV_bpyzpfoYGGuuUl0

cfn-guard cloudformation compliance governance k8s policy-as-code policy-rule-evaluation security terraform

Last synced: 17 Dec 2024

https://github.com/OpenSCAP/openscap

NIST Certified SCAP 1.2 toolkit

compliance cpe data-stream openscap oval scanning scap xccdf

Last synced: 26 Oct 2024

https://github.com/openscap/openscap

NIST Certified SCAP 1.2 toolkit

compliance cpe data-stream openscap oval scanning scap xccdf

Last synced: 01 Dec 2024

https://github.com/square/sudo_pair

Plugin for sudo that requires another human to approve and monitor privileged sudo sessions

authentication compliance linux pairing pam rust security sudo

Last synced: 20 Dec 2024

https://github.com/tern-tools/tern

Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more.

compliance containers dependencies docker metadata-extraction open-source oss-compliance python risk-management sbom software-composition-analysis spdx supply-chain-security tool

Last synced: 20 Dec 2024

https://github.com/owasp-dep-scan/dep-scan

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

compliance containers cve cyclonedx dependency-analysis dependency-audit devsecops reachability-analysis risk-audit sbom sca security-audit security-tools supply-chain-security vex vulnerability-scanners

Last synced: 04 Nov 2024

https://github.com/jonrau1/ElectricEye

ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks

asset-management attack-surface-management aws aws-audit aws-compliance aws-security cloud-auditing cloud-compliance-reporting cloud-security compliance devsecops gcp-security google-cloud-security multicloud saas-security security-audit security-engineering security-hub security-monitoring security-tools

Last synced: 02 Nov 2024

https://github.com/fossology/fossology

FOSSology is an open source license compliance software system and toolkit. As a toolkit you can run license, copyright and export control scans from the command line. As a system, a database and web ui are provided to give you a compliance workflow. License, copyright and export scanners are tools used in the workflow.

compliance compliance-automation compliance-check fossology license license-checking license-management license-scan oss spdx spdx-licenses

Last synced: 06 Nov 2024

https://github.com/usnistgov/oscal

Open Security Controls Assessment Language (OSCAL)

assessment authorization automation compliance json nist oscal schema security xml yaml

Last synced: 20 Dec 2024

https://github.com/usnistgov/OSCAL

Open Security Controls Assessment Language (OSCAL)

assessment authorization automation compliance json nist oscal schema security xml yaml

Last synced: 07 Nov 2024

https://github.com/Macjutsu/super

S.U.P.E.R.M.A.N. optimizes the macOS software update experience.

apple compliance jamf jamf-pro jamfpro jamfpro-scripts mac macadmin macadmins macos mdm operating-system update updates

Last synced: 05 Nov 2024

https://github.com/Privado-Inc/privado

Open Source Static Scanning tool to detect data flows in your code, find data security vulnerabilities & generate accurate Play Store Data Safety Report.

android-privacy-tools appsec compliance devprivops devsecops gdpr gdpr-compliant hacktoberfest play-store-data-safety privacy-by-design privacy-engineering privacy-labels privacy-policy static-analysis

Last synced: 01 Nov 2024

https://github.com/normation/rudder

Rudder is a configuration and security automation platform. Manage your Cloud, hybrid or on-premises infrastructure in a simple, scalable and dynamic way.

auditing automation compliance configuration-management continous-auditing continuous-configuration devops

Last synced: 09 Nov 2024

https://github.com/Normation/rudder

Rudder is a configuration and security automation platform. Manage your Cloud, hybrid or on-premises infrastructure in a simple, scalable and dynamic way.

auditing automation compliance configuration-management continous-auditing continuous-configuration devops

Last synced: 04 Nov 2024

https://github.com/armijnhemel/binaryanalysis-ng

Binary Analysis Next Generation (BANG)

compliance licensecompliance reverseengineering security

Last synced: 18 Dec 2024

https://github.com/reidmorrison/symmetric-encryption

Symmetric Encryption for Ruby Projects using OpenSSL

compliance encryption openssl pci ruby symmetric-keys

Last synced: 20 Dec 2024

https://rocketjob.github.io/symmetric-encryption

Symmetric Encryption for Ruby Projects using OpenSSL

compliance encryption openssl pci ruby symmetric-keys

Last synced: 03 Oct 2024

https://github.com/skyscanner/cfripper

Library and CLI tool for analysing CloudFormation templates and checking them for security compliance.

aws aws-security cfripper cloud-governance cloudformation cloudformation-linter cloudformation-template compliance static-analysis

Last synced: 21 Dec 2024

https://github.com/Skyscanner/cfripper

Library and CLI tool for analysing CloudFormation templates and checking them for security compliance.

aws aws-security cfripper cloud-governance cloudformation cloudformation-linter cloudformation-template compliance static-analysis

Last synced: 02 Nov 2024

https://github.com/bmarsh9/gapps

Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking. https://gapps.darkbanner.com

27002 asvs cis18 cmmc compliance csc grc hipaa iso27001 nist nist-csf nist800-53 owasp owasp-top-10 pci pci-dss security soc2

Last synced: 05 Nov 2024

https://github.com/turbot/steampipe-mod-aws-compliance

Run individual controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA and more across all of your AWS accounts using Powerpipe and Steampipe.

aws cis cis-benchmark compliance hacktoberfest hipaa nist-csf pci pci-dss powerpipe powerpipe-mod rbi security sql steampipe steampipe-mod

Last synced: 15 Dec 2024

https://github.com/opengdpr/OpenDSR

A common framework enabling companies to work together to protect consumers' privacy and data rights.

california-privacy ccpa compliance data-driven data-portability data-processor data-subject-request gdpr open-source portability privacy right-to-be-forgotten

Last synced: 05 Nov 2024

https://github.com/chainloop-dev/chainloop

Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.

attestation compliance cyclonedx devsecops in-toto license metadata-platform open-source-licensing ospo oss-compliance regulated-industry sbom sbom-discovery sbom-distribution security slsa slsa-provenance spdx supply-chain-security

Last synced: 14 Nov 2024

https://github.com/xeol-io/xeol

A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs

compliance end-of-life eol fedramp nist outdated-dep outdated-libraries outdated-packages pci-dss release-policy sbom security

Last synced: 14 Dec 2024

https://github.com/reposaur/reposaur

Open source compliance tool for development platforms.

audit compliance git github github-actions gitlab go golang golang-tools opa rego report security

Last synced: 01 Nov 2024

https://github.com/mondoohq/cnspec

An open source, cloud-native security to protect everything from build to runtime

cloud-native compliance declarative kubernetes opensource policy policy-as-code security security-as-code

Last synced: 15 Dec 2024

https://github.com/bridgecrewio/checkov-action

This GitHub Action runs Checkov against infrastructure-as-code, open source packages, container images, and CI/CD configurations to identify misconfigurations, vulnerabilities, and license compliance issues.

bridgecrew compliance devsecops hacktoberfest marketplace scanning security static-analysis terraform

Last synced: 19 Dec 2024

https://github.com/dns-violations/dns-violations

List of DNS violations by implementations, software and/or systems

compliance dns dns-protocol dns-rfcs dns-violation dve violations

Last synced: 27 Nov 2024

https://github.com/finalduty/cis-benchmarks-audit

Simple command line tool to check for compliance against CIS Benchmarks

audit centos centos7 cis cis-benchmark compliance hardening

Last synced: 29 Oct 2024

https://github.com/netfishers-onl/Netshot

Network Configuration and Compliance Management

automation cisco compliance fortinet juniper network network-admin

Last synced: 31 Oct 2024

https://github.com/todogroup/todogroup.org

Official TODO Website that contains TODO Guides, OSPO use cases and more resources to advance in the OSPO journey

compliance open opensource todogroup

Last synced: 07 Nov 2024

https://github.com/salesforce/aws-allowlister

Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks.

aws cloud cloud-security compliance iam salesforce security

Last synced: 21 Dec 2024

https://github.com/utmstack/UTMStack

Customizable SIEM and XDR powered by Real-Time correlation and Threat Intelligence

compliance correlation edr incident-response log-management siem threat-intelligence threat-management utmstack xdr

Last synced: 12 Nov 2024

https://github.com/sls-mentor/sls-mentor

Analyze your AWS serverless app in one command! 30+ best practices to improve costs💰 security🛡 stability🧘‍♀️ speed🚀 and sustainability🌱

analysis audit aws best-practices compliance cost-optimization dynamodb lambda learn s3 security serverless sns sqs

Last synced: 07 Nov 2024

https://github.com/zuazo/dockerspec

A small Ruby Gem to run RSpec and Serverspec, Infrataster and Capybara tests against Dockerfiles or Docker images easily.

capybara circleci compliance devops docker docker-compose rspec rspec-retry serverspec spec tdd tdd-utilities testing travis-ci

Last synced: 16 Dec 2024

https://github.com/privacyradius/gdpr-tracker

A crowdsourced directory tracking the compliance and security practices of cloud services and their subprocessors

audit certificates certification cloud cloud-service cloud-services compliance crowdsourcing gdpr gdpr-tracker legal privacy privacy-radius regtech security

Last synced: 21 Nov 2024

https://github.com/bb1nfosec/Information-Security-Tasks

This repository is created only for infosec professionals who work on a day-to-day basis to equip ourselves with an up-to-date skillset. We can daily contribute one hour for day-to-day tasks and work on problem statements daily. Please contribute by providing problem statements and solutions.

auditing blueteam compliance forensics incident-response information-security malware-analysis osint pentesting redteam steganography

Last synced: 01 Nov 2024

https://github.com/simeononsecurity/standalone-windows-stig-script

Create a compliant and secure Windows 10/11 system with our Gold Master image creation tool. Adhere to DoD STIG/SRG Requirements and NSA Cybersecurity guidance for standalone Windows systems with ease, using our ultimate STIG script.

automation compliance cyber enterprise hardening hardware-requirements microsoft mil nsacyber powershell protection security security-hardening srgs-applied standalone-systems stig stigs windows windows10

Last synced: 21 Dec 2024

https://github.com/oscal-compass/compliance-trestle

An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.

compliance nist800-53 oscal pypi

Last synced: 07 Nov 2024

https://github.com/simeononsecurity/Standalone-Windows-STIG-Script

Create a compliant and secure Windows 10/11 system with our Gold Master image creation tool. Adhere to DoD STIG/SRG Requirements and NSA Cybersecurity guidance for standalone Windows systems with ease, using our ultimate STIG script.

automation compliance cyber enterprise hardening hardware-requirements microsoft mil nsacyber powershell protection security security-hardening srgs-applied standalone-systems stig stigs windows windows10

Last synced: 06 Nov 2024

https://github.com/raystack/guardian

Guardian is a universal data access management tool with automated access workflows and security controls across data stores, analytical systems, and cloud products.

access compliance control data dataops

Last synced: 14 Dec 2024

https://github.com/mitre/saf

The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline security automation for systems and DevOps pipelines

compliance devsecops json mitre mitre-corporation mitre-saf security security-automation security-automation-framework

Last synced: 22 Dec 2024

https://github.com/resilient-tech/india-compliance

Simple, yet powerful compliance solutions for Indian businesses

compliance e-invoice e-waybill erp erpnext gst gst-returns gstr-2a gstr-2b india python

Last synced: 01 Sep 2024

https://github.com/stackguardian/tirith

StackGuardian Policy Framework

aws azure compliance hacktoberfest stackguardian terraform

Last synced: 21 Dec 2024

https://github.com/kubescape/regolibrary

The regolibrary package contains the controls Kubescape uses for detecting misconfigurations in Kubernetes manifests.

compliance kubernetes kubescape opa security

Last synced: 20 Dec 2024

https://github.com/kpcyrd/libredefender

Imagine the information security compliance guideline says you need an antivirus but you run Arch Linux

antivirus antivirus-scanners compliance

Last synced: 16 Dec 2024

https://github.com/CityBaseInc/SIAC

SIAC is an enterprise SIEM built on open-source technology.

aws compliance elk fim incident-response intrusion-detection osquery pci-dss secdevops security siem wazuh

Last synced: 01 Nov 2024

https://github.com/simp/simp-core

The base SIMP build repository

automation compliance puppet security simp

Last synced: 15 Dec 2024

https://github.com/My-Random-Thoughts/QA-Checks-v4

PowerShell scripts to ensure consistent and reliable build quality and configuration for your servers

automation checks compliance configuration consistency gold-image powershell powershell-qa-scripts ps1 qa qa-checks quality reliability reliable service-acceptance verify winrm

Last synced: 07 Nov 2024