Open Policy Agent (OPA) is an open source, general-purpose policy engine.
-
Updated
May 26, 2024 - Go
Open Policy Agent (OPA) is an open source, general-purpose policy engine.
Open Source Cloud Native Application Protection Platform (CNAPP)
ONYX: Cisco Automated Assessment and Auditing Tool (CAAAT). An open-source tool that automatically assesses and audits Cisco IOS routers against Center for Internet Security (CIS) Cisco IOS 15 Benchmark and Cisco IOS 17 Benchmark.
Open-source infrastructure and data orchestration platform for risk decisioning
The official repository for the Bedrock version of Faithful 64x
This GitHub Action runs Checkov against infrastructure-as-code, open source packages, container images, and CI/CD configurations to identify misconfigurations, vulnerabilities, and license compliance issues.
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec and Audit Management and supporting +42 frameworks worldwide: NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, NIS2, CMMC, PSPF, GDPR, HIPAA, Essential Eight, NYDFS-500, DORA, NIST AI RMF, 800-53, 800-171, CyFun, CJIS, AirCyber and so much more
These are automated updated IP address blacklist/whitelist you can use to fetch and parse and put in your firewall, waf, null-routing, sinkhole or what ever you choose. The blacklists are not necessary threat actors, it's just lists i like to have ready and handy.
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources
Configures an IBM Cloud Security and Compliance instance
Travel Rule Information Sharing Architecture for Virtual Asset Service Providers
XMonkey Curator - Automated DESCAM tooling
A suite of tools to automate software compliance checks.
InSpec: Auditing and Testing Framework
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline security automation for systems and DevOps pipelines
Tool to translate PURLs into Legal Notices
Add a description, image, and links to the compliance topic page so that developers can more easily learn about it.
To associate your repository with the compliance topic, visit your repo's landing page and select "manage topics."