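Lynis is a security auditing tool for UNIX-based systems; its main goal is to test security defenses and provide tips for further system hardening
Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps with continuous monitoring, security assessments and audits, incident response, compliance, hardening...
OPA is an open source, general-purpose policy engine, mainly intended to address access control, authorization and policy for cloud-native applications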
immudb - immutable database based on zero trust, SQL/Key-Value/Document model, tamperproof, data change history
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources
Open Source Cloud Native Application Protection Platform (CNAPP)
OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec, Compliance/Audit Management, Privacy and supporting +90 frameworks worldwide with auto-mapping: NIST CSF, ISO 27001, SOC2, CIS, PCI DS...
InSpec: Auditing and Testing Framework
A FAST Kubernetes manifests validator, with support for Custom Resources!
HardeningKitty and Windows Hardening Settings
Security automation content in SCAP, Bash, Ansible, and other formats
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Open-source infrastructure and data orchestration platform for risk decisioning
A suite of tools to automate software compliance checks.