Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
-
Updated
Apr 10, 2024 - Shell
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
immudb - immutable database based on zero trust, SQL/Key-Value/Document model, tamperproof, data change history
OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
Security automation content in SCAP, Bash, Ansible, and other formats
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Wazuh - Docker containers
Wazuh - Ruleset
Plugins for Wazuh Dashboard
VULNRΞPO - Free vulnerability report generator and repository, end-to-end encrypted!
Run individual controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA and more across all of your AWS accounts using Powerpipe and Steampipe.
Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking. https://gapps.darkbanner.com
CISO Assistant is an open-source one-stop-shop for GRC - Risk and Audit Management supporting +30 standards and frameworks: NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, NIS2, CMMC, PSPF, GDPR, HIPAA, Essential Eight, NYDFS-500, DORA, NIST AI RMF, CyFun, AirCyber and so much more
A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs
Wazuh - Ansible playbook
Wazuh - Project documentation
SIAC is an enterprise SIEM built on open-source technology.
MCW Modern cloud apps
Add a description, image, and links to the pci-dss topic page so that developers can more easily learn about it.
To associate your repository with the pci-dss topic, visit your repo's landing page and select "manage topics."