debian-cis vs http-observatory

Our great sponsors

InfluxDB - Power Real-Time Data Analytics at Scale

WorkOS - The modern identity platform for B2B SaaS

SaaSHub - Software Alternatives and Reviews

Our great sponsors

debian-cis		http-observatory
	Project
3	Mentions	33
663	Stars	1,816
7.3%	Growth	0.6%
7.3	Activity	8.0
17 days ago	Latest Commit	17 days ago
Shell	Language	Python
GNU General Public License v3.0 or later	License	Mozilla Public License 2.0

The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

debian-cis

Posts with mentions or reviews of debian-cis. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-01-06.

Q: How many have actually secured thier server?
1 project | /r/selfhosted | 3 May 2023
Any tool to check the security of my server?
6 projects | /r/selfhosted | 6 Jan 2023

I normally use debian-cis: https://github.com/ovh/debian-cis
Basic Server Hardening Steps
5 projects | /r/selfhosted | 5 Jun 2021

http-observatory

Posts with mentions or reviews of http-observatory. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-08-08.

What are the actual security implications of port forwarding?
1 project | /r/selfhosted | 17 Nov 2023

Detectify once made an offer of making free scans which I took them up on. There are plenty of free Content Security Policy (CSP) and other vulnerability checkers around such as Observatory or Pentest. Shields UP!! will identify which ports you have open.
200 Web-Based, Must-Try Web Design and Development Tools
13 projects | dev.to | 8 Aug 2023

Website Headers Analyzer (Mozilla)
Open source cookie scanner
1 project | /r/selfhosted | 26 Jun 2023
I made inline styles CSP-compliant in .NET 6+. Here's how
1 project | dev.to | 2 Mar 2023
Deploy a static site to AWS S3 and CloudFront using AWS CDK
9 projects | dev.to | 26 Jan 2023

scan our site with Mozilla Observatory and improve our grade by registering a domain name, enabling HTTPS, adding a certificate and setting security headers
Simple "Frictionless" Authentication that is Secure "Enough"
1 project | /r/django | 13 Jan 2023

First, for session persistence, go with the default Django session with cookie storage. Set your cookie to HTTP only and ensure your application uses the most common HTTP security headers and controls. Test your application with https://observatory.mozilla.org/ to have an idea of what you're missing.
Any tool to check the security of my server?
6 projects | /r/selfhosted | 6 Jan 2023

Mozilla Observatory
How to explain styled-components to a vanilla JS fanatic
2 projects | /r/reactjs | 19 Dec 2022

See https://observatory.mozilla.org and https://github.com/styled-components/styled-components/issues/2363 and https://content-security-policy.com/examples/allow-inline-style/
My wordpress page sends a lot of "shady" requests to a site called "brounelink.com". Why? How to debugg where this is coming from?
1 project | /r/Wordpress | 3 Dec 2022

Rank your site on https://observatory.mozilla.org/ and it will give you some suggestions.
WaPo: Stealthy Kherson resistance fighters undermined Russian occupying forces
1 project | /r/ukraine | 18 Nov 2022

What are some alternatives?

When comparing debian-cis and http-observatory you can also consider the following projects:

ansible-collection-hardening - This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL

django-csp - Content Security Policy for Django.

hardening - Hardening Ubuntu. Systemd edition.

ssh_scan - DEPRECATED - A prototype SSH configuration and policy scanner (Blog: https://mozilla.github.io/ssh_scan/)

lynis - Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

http-headers-security - HTTP Headers Security Cheat Sheet

How-To-Secure-A-Linux-Server - An evolving how-to guide for securing a Linux server.

observatory-cli

Whonix - Whonix is an operating system focused on anonymity, privacy and security. It's based on the Tor anonymity network, Debian GNU/Linux and security by isolation. DNS leaks are impossible, and not even malware with root privileges can find out the user's real IP. https://www.whonix.org

tls-scan - An Internet scale, blazing fast SSL/TLS scanner ( non-blocking, event-driven )

prowler - Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

jspaint.exe - 🌂JS Paint ~~ as a cross-platform native desktop app. In other words, the "🎨 Classic MS Paint, ＲＥＶＩＶＥＤ + ✨Extras".exe hehe