CISOfy / Lynis: Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
prowler-cloud / Prowler: Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.
kubescape / Kubescape: Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
tenable / Terrascan: Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Checkmarx / Kics: Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
usnistgov / Macos Security: macOS Security Compliance Project
konstruktoid / Hardening: Hardening Ubuntu. Systemd edition.
XmirrorSecurity / OpenSCA Cli: OpenSCA is an open source software supply chain security solution that supports the detection of open source dependencies, vulnerabilities and license compliance with a widely noticed accuracy by the community.
Arudjreis / Awesome Security GRC: Curated list of resources for security Governance, Risk Management, Compliance and Audit professionals and enthusiasts (if they exist).
fugue / Regula: Regula checks infrastructure as code templates (Terraform, CloudFormation, k8s manifests) for AWS, Azure, Google Cloud, and Kubernetes security and compliance using Open Policy Agent/Rego
aquasecurity / Chain Bench: An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.
opengovern / Opensecurity: opensecurity: open-source security and compliance. See and secure your cloud, containers, code, networks, deployments, devices. Define your rules, get precise checks, fix gaps fast. Streamlined audits. No fluff.
bmarsh9 / Gapps: Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking
konstruktoid / Ansible Role Hardening: Ansible role to apply a security baseline. Systemd edition.
Skyscanner / Whispers: Identify hardcoded secrets in static structured text
sandworm-hq / Sandworm Audit: Security & License Compliance For Your App's Dependencies 🪱
Skyscanner / Cfripper: Library and CLI tool for analysing CloudFormation templates and checking them for security compliance.
project-codeguard / Rules: Project CodeGuard is an AI model-agnostic security framework and ruleset that embeds secure-by-default practices into AI coding workflows (generation and review). It ships core security rules, translators for popular coding agents, and validators to test rule compliance.
hubblestack / Hubble: Hubble is a modular, open-source security compliance framework. The project provides on-demand profile-based auditing, real-time security event notifications, alerting, and reporting.
rhyeal / Aws Rotate Iam Keys: Rotate your IAM Keys to be in compliance with security best practices