compliance

prowler-cloud/prowler
355日前9.2k

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

python

security

open-policy-agent/opa
354日前8.9k

Open Policy Agent (OPA) is an open source, general-purpose policy engine.

aquasecurity/tfsec
354日前6.5k

Security scanner for your Terraform code

vulnerability-scanners

infrastructure-as-code

linter

google-cloud-platform

bridgecrewio/checkov
354日前6.4k

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

infrastructure-as-code

cloud-custodian/cloud-custodian
354日前5.1k

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

lunasec-io/lunasec
358日前1.4k

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/