compliance

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

immudb - immutable database based on zero trust, SQL and Key-Value, tamperproof, data change history

An open source, general-purpose policy engine.

Prowler is an Open Source Security tool to perform Cloud Security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Security scanner for your Terraform code

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more.

InSpec: Auditing and Testing Framework

Security automation content in SCAP, Bash, Ansible, and other formats

HardeningKitty and Windows Hardening settings and configurations

Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber

Open-Source Rules & Workflow Engine for User Identity and Risk Decisioning

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

a lightweight, security focused, BDD test framework against terraform.

HummerRisk 是云原生安全平台，包括混合云安全治理和容器云安全检测。

Plugin for sudo that requires another human to approve and monitor privileged sudo sessions

Linting tool for CloudFormation templates