Go Compliance

Open-source Go projects categorized as Compliance
Edit details
Topics: Security Go Gdpr Static Analysis Devsecops
Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
Sponsored

Top 17 Go Compliance Projects

  • OPA (Open Policy Agent)

    Open Policy Agent (OPA) is an open source, general-purpose policy engine.

    • Project mention: SAP BTP, Terraform and Open Policy Agent | dev.to | 2024-04-02

    How can we handle this? Are there any mechanisms to prevent or at least to some extent safeguard this kind of issues without falling back to a manual workflow? There is. One huge advantage of sticking to (de-facto) standards like Terraform is that first we are probably not the first ones to come up with this question and second there is a huge ecosystem around Terraform that might help us with such challenges. And for this specific scenario the solution is the Open Policy Agent. Let us take a closer look how the solution could look like.

  • immudb

    immudb - immutable database based on zero trust, SQL/Key-Value/Document model, tamperproof, data change history

    • Project mention: Ask HN: What is your experience of tamper proof systems? | news.ycombinator.com | 2024-01-05

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo

  • tfsec

    Security scanner for your Terraform code

    • Project mention: A Deep Dive Into Terraform Static Code Analysis Tools: Features and Comparisons | dev.to | 2024-04-16

    tfsec Owner/Maintainer: Aqua Security (acquired in 2021) Age: First released on GitHub on March 5th, 2019 License: MIT License tfsec project is no longer actively maintained in favor of the Trivy tool. But because many people still use it and it's quite famous, I added tfsec to this comparison. However, I recommend against using it for new projects.

  • kubeconform

    A FAST Kubernetes manifests validator, with support for Custom Resources!

    • Project mention: Dealing with Yaml files | /r/kubernetes | 2023-07-05

    If you want to validate your resources against the schema of the resources (mind you also crds) you can use kubeconform.

  • bearer

    Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

    • Project mention: Show HN: Bearer Code Security Scanner Add Support for Java, PHP, Go, and Python | news.ycombinator.com | 2023-10-26

  • Databunker

    Secure SDK/vault for personal records/PII built to comply with GDPR

  • comply

    Compliance automation framework, focused on SOC2

    • Project mention: SOC2: Drata, Scrut, Vanta | /r/cybersecurity | 2023-05-15

    There are even some free open source policy generator tools like this one: https://github.com/strongdm/comply

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • Open-Source-Security-Guide

    Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.

  • copacetic

    🧵 CLI tool for directly patching container images using reports from vulnerability scanners

    • Project mention: copacetic: 🧵 CLI tool for directly patching container images using reports from vulnerability scanners | /r/blueteamsec | 2023-11-25

  • xeol

    A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs

    • Project mention: xeol | /r/devopspro | 2023-07-09

  • opa-envoy-plugin

    A plugin to enforce OPA policies with Envoy

  • chainloop

    Chainloop is an Open Source Metadata Vault for your Software Supply Chain metadata, SBOMs, VEX, SARIF files, QA reports, and more.

    • Project mention: Choosing the “old stuff” as plugin SDK for Go in 2023 | news.ycombinator.com | 2023-07-06

  • reposaur

    Open source compliance tool for development platforms.

  • cnspec

    An open source, cloud-native security to protect everything from build to runtime

  • guardian

    Guardian is universal data access management tool with automated access workflows and security controls across data stores, analytical systems, and cloud products. (by raystack)

  • conceal

    A command line utility that provides a secure method to get your secrets from your existing password manager. :lock:

  • aws-security-posture

    Keep a historic overview of your compliance scores per workload

    • Project mention: Tracking your security posture in AWS | dev.to | 2024-03-01

    You need to do some manual labor as it is not supported by AWS. I hope I peaked your interest to check out the aws-security-posture project.

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2024-04-16.

Go Compliance related posts

Index

What are some of the best open-source Compliance projects in Go? This list will help you:

Project Stars
1 OPA (Open Policy Agent) 9,104
2 immudb 8,481
3 tfsec 6,529
4 kubeconform 1,912
5 bearer 1,720
6 Databunker 1,203
7 comply 1,191
8 Open-Source-Security-Guide 846
9 copacetic 770
10 xeol 315
11 opa-envoy-plugin 304
12 chainloop 296
13 reposaur 280
14 cnspec 233
15 guardian 134
16 conceal 59
17 aws-security-posture 2

Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com