Open-source infrastructure and data orchestration platform for risk decisioning
-
Updated
Jun 11, 2024 - TypeScript
Open-source infrastructure and data orchestration platform for risk decisioning
Open Source Cloud Native Application Protection Platform (CNAPP)
Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.
Rudder is a configuration and security automation platform. Manage your Cloud, hybrid or on-premises infrastructure in a simple, scalable and dynamic way.
Open Policy Agent (OPA) is an open source, general-purpose policy engine.
An open-source command-line tool for reporting workflow automation and a configuration language for reusable templates. Reporting-as-Code
An open source, cloud-native security to protect everything from build to runtime
A dataset containing TLS requirements to assess a webserver's compliance with national cybersecurity agencies
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec and Audit Management and supporting +44 frameworks worldwide: NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, NIS2, CMMC, PSPF, GDPR, HIPAA, Essential Eight, NYDFS-500, DORA, NIST AI RMF, 800-53, 800-171, CyFun, CJIS, AirCyber and so much more
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
A suite of tools to automate software compliance checks.
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Event Sourcing database built with ease of use, productivity, compliance and software evolution in mind.
Cloud operations platform
Observe and alert on GitHub Secrets to facilitate regular rotation and enhance security and compliance.
🚧 Insights Compliance backend gets reports, and offers everything to know about them through an API
"Validate" is a robust GitHub Action developed by Enterprise Contract, designed to assess container images for security and compliance. It is made to seamlessly integrate into your CI/CD workflow.
Add a description, image, and links to the compliance topic page so that developers can more easily learn about it.
To associate your repository with the compliance topic, visit your repo's landing page and select "manage topics."