Lynis是基于UNIX的系统的安全审计,主要目标是测试安全防御并提供进一步系统强化的提示
This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).
immudb - immutable database based on zero trust, SQL/Key-Value/Document model, tamperproof, data change history
OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
Security automation content in SCAP, Bash, Ansible, and other formats
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTra...
Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking
VULNRΞPO - Free vulnerability report generator and repository, end-to-end encrypted! Templates of issues, CWE,CVE,MITRE ATT&CK,PCI DSS, import Nmap/Nessus/Burp/OpenVAS/Bugcrowd/Trivy, Jira export, TXT...
A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs
Run individual controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA and more across all of your AWS accounts using Powerpipe and Steampipe.
Wazuh - Project documentation
This is the Azure Kubernetes Service (AKS) baseline cluster for regulated workloads reference implementation as produced by the Microsoft Azure Architecture Center.
SIAC is an enterprise SIEM built on open-source technology.
Wazuh - Tools for packages creation