content
CentOS7-CIS
Our great sponsors
content | CentOS7-CIS | |
---|---|---|
7 | 1 | |
2,076 | 91 | |
2.4% | - | |
10.0 | 0.0 | |
about 5 hours ago | about 3 years ago | |
Shell | Shell | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
content
- Oracle linux CIS benchmark
-
FIPS 140 and MacOS
For starters there's an entire NIST project for macOS Security Compliance - https://github.com/usnistgov/macos_security this will make your life a million times easier to meet a lot of the technical controls required for compliance. Nothing like this really exists for Windows or Linux(closest is Compliance As Code https://github.com/ComplianceAsCode/content)
- Ansible for automation/ hardening.
- I wrote a Script to bring firefox into dISA STIG compliance on RHEL 7 & 8 systems.
- hardening a RHEL8 VM using OpenSCAP and DISA STIG
-
CIS Benchmarking Git Community
I haven't used this in a while but take a look at ComplianceAsCode it is attempting to apply controls for each of the different benchmarks on different OSes. It might have what you are looking for, plus you can always contribute back any changes you make to help others.
- ComplianceAsCode/content: Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats
CentOS7-CIS
-
Ansible playbook for CentOS and Ubuntu for Security Patching Updates.
Just for centos but this might give food for thought https://github.com/radsec/CentOS7-CIS
What are some alternatives?
flake8-bandit - Automated security testing using bandit and flake8.
JShielder - Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark
hardening - Hardening Ubuntu. Systemd edition.
ansible-openwrt - Manage OpenWRT and derivatives with Ansible but without Python
AMDH - Android Mobile Device Hardening
ansible-openwrt - Ansible collection to configure your OpenWrt devices more quickly and automatically (without Python)
ansible-role-hardening - Ansible role to apply a security baseline. Systemd edition.
RHEL7-CIS - Ansible RHEL 7 - CIS Benchmark Hardening Script
ansible-role-rhel8-stig - DISA STIG for Red Hat Enterprise Linux 8 - Ansible role generated from ComplianceAsCode Project
ubuntu-dev-machine-setup - Configure your Ubuntu 18.04, 20.04, 22.04 Desktop as a development workstation for DevOps or DevSecOps. Pop!_OS 22.04 as well
prowler - Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
RHEL7-CIS - Ansible role for Red Hat 7 CIS Baseline