Python Compliance

Open-source Python projects categorized as Compliance

Top 18 Python Compliance Projects

  • prowler

    Prowler is an Open Cloud Security tool for AWS, Azure, GCP and Kubernetes. It helps with continuous monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.

    Project mention: Top 11 DevOps Security Tools | dev.to | 2024-08-30

    11. Prowler

  • checkov

    Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

    Project mention: Building Web Applications Using Amazon EKS : AWS Project | dev.to | 2024-11-13

    Prior to deploying Kubernetes manifest files to the EKS Cluster, supplementary steps need to be added to prevent security and misconfiguration issues by using both Checkov and Trivy. Also, we will use a separate ArgoCD account from the admin user that we've used in the previous lab. This will follow ArgoCD RBAC rules to secure ArgoCD and, ultimately, the EKS cluster.

  • cloud-custodian

    Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

    Project mention: Cutting down AWS cost by $150k per year simply by shutting things off | news.ycombinator.com | 2024-01-22

    > The best optimization is simply shutting things off

    This is the way.

    A similar idea has been bouncing around in my mind for a while now. An ideal, turnkey system would do the following:

    - Execute via Lambda (serverless).

    - Support automated startup and shutdown of various AWS resources on a schedule influenced by specially formatted tags.

    - Enable resources to be brought back up out of schedule when demand dictates.

    - Operate as a TCP/HTTP proxy that can delay clients so that a given service can be started when it is dormant or, even better, the service isn't serverless but you want it to be. This can't work for everything, but perhaps enough things such that the need to run always on services is reduced.

    Cloud Custodian [1] can purportedly do some of this, but I've been reluctant to learn yet another YAML-based DSL to use it.

    So this is my "make things designed to be always-on serverless instead" project and the work AWS has done to make Java apps function on Lambda keeps me thinking about the potential to take things that 1) have a relatively long startup time and 2) are designed to be long running service loops, and find a way to force them into the serverless execution model.

    [1] https://cloudcustodian.io/
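    The "startup and shutdown on a schedule influenced by specially formatted tags" idea in the comment above, worked through as an added example. This is not Cloud Custodian code and not the commenter's; the tag grammar (`tz=+01:00;on=Mon-Fri 08:00-18:00`), the `schedule` tag key and the resource tuples are invented for the illustration, and no AWS API is called. The security-relevant details are that untagged resources are never touched and that a malformed tag fails closed (the resource is left alone) rather than being read as "always off" or "always on".

```python
"""Tag-driven start/stop decisions (added example, not Cloud Custodian code).

Hypothetical tag grammar:  tz=+01:00;on=Mon-Fri 08:00-18:00,Sat 09:00-12:00
A fixed UTC offset is used so the example runs without tz database files;
a real deployment should use IANA zone names so DST is handled.
"""
import re
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

DAYS = ["mon", "tue", "wed", "thu", "fri", "sat", "sun"]
_OFFSET = re.compile(r"^([+-])(\d{2}):(\d{2})$")
_WINDOW = re.compile(
    r"^(?P<d1>[a-z]{3})(?:-(?P<d2>[a-z]{3}))? "
    r"(?P<h1>\d{2}):(?P<m1>\d{2})-(?P<h2>\d{2}):(?P<m2>\d{2})$"
)


@dataclass(frozen=True)
class Window:
    days: frozenset   # weekday numbers, Monday == 0
    start: int        # minutes since local midnight, inclusive
    end: int          # minutes since local midnight, exclusive


def parse_schedule(tag_value: str):
    """Parse the tag into (tzinfo, [Window]).

    Any malformed input raises ValueError so that a bad tag fails closed:
    the caller leaves the resource in its current state."""
    tz = timezone.utc
    windows = []
    for part in tag_value.split(";"):
        key, _, val = part.strip().partition("=")
        if key == "tz":
            m = _OFFSET.match(val.strip())
            if not m:
                raise ValueError(f"bad tz offset {val!r}")
            sign = 1 if m.group(1) == "+" else -1
            tz = timezone(sign * timedelta(hours=int(m.group(2)), minutes=int(m.group(3))))
        elif key == "on":
            for spec in val.split(","):
                m = _WINDOW.match(spec.strip().lower())
                if not m or m["d1"] not in DAYS or (m["d2"] and m["d2"] not in DAYS):
                    raise ValueError(f"bad window {spec!r}")
                d1 = DAYS.index(m["d1"])
                d2 = DAYS.index(m["d2"]) if m["d2"] else d1
                if d1 <= d2:
                    days = range(d1, d2 + 1)
                else:                       # wrap-around range such as Fri-Mon
                    days = list(range(d1, 7)) + list(range(0, d2 + 1))
                if int(m["m1"]) >= 60 or int(m["m2"]) >= 60:
                    raise ValueError(f"bad minutes in {spec!r}")
                start = int(m["h1"]) * 60 + int(m["m1"])
                end = int(m["h2"]) * 60 + int(m["m2"])
                if not 0 <= start < end <= 24 * 60:
                    raise ValueError(f"bad time range in {spec!r}")
                windows.append(Window(frozenset(days), start, end))
        else:
            raise ValueError(f"unknown key {key!r}")
    if not windows:
        raise ValueError("schedule has no 'on' windows")
    return tz, windows


def should_be_running(tag_value: str, now: datetime) -> bool:
    """True if the aware datetime `now` falls inside any 'on' window."""
    if now.tzinfo is None:
        raise ValueError("now must be timezone-aware")
    tz, windows = parse_schedule(tag_value)
    local = now.astimezone(tz)
    minute = local.hour * 60 + local.minute
    return any(local.weekday() in w.days and w.start <= minute < w.end for w in windows)


def desired_actions(resources, now: datetime):
    """resources: iterable of (resource_id, state, tags), state in {'running', 'stopped'}.
    Returns [(resource_id, 'start' | 'stop'), ...] for a Lambda to apply.
    Resources without the tag, or with a malformed one, are never touched."""
    actions = []
    for rid, state, tags in resources:
        tag = tags.get("schedule")          # hypothetical tag key
        if tag is None:
            continue
        try:
            want_up = should_be_running(tag, now)
        except ValueError:
            continue                        # fail closed: leave it as it is
        if want_up and state == "stopped":
            actions.append((rid, "start"))
        elif not want_up and state == "running":
            actions.append((rid, "stop"))
    return actions


def demo_actions():
    """Constructed inventory evaluated at Monday 2024-01-22 09:00 UTC."""
    now = datetime(2024, 1, 22, 9, 0, tzinfo=timezone.utc)
    inventory = [
        ("i-dev-1", "stopped", {"schedule": "tz=+01:00;on=Mon-Fri 08:00-18:00"}),
        ("i-batch", "running", {"schedule": "tz=+00:00;on=Sat-Sun 00:00-24:00"}),
        ("i-prod", "running", {}),
        ("i-typo", "running", {"schedule": "on=Mon-Fry 08:00-18:00"}),
    ]
    return desired_actions(inventory, now)


if __name__ == "__main__":
    print(demo_actions())   # [('i-dev-1', 'start'), ('i-batch', 'stop')]
```

    Only the decision logic is shown; in a scheduled Lambda the returned pairs would be fed to the relevant start/stop API calls, and the function that reads tags should be the only thing with describe rights while the stop/start role is scoped to resources carrying the tag.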

  • cli

    A lightweight, security-focused BDD test framework for Terraform. (by terraform-compliance)

  • ciso-assistant-community

    CISO Assistant is a one-stop shop for GRC, covering Risk, AppSec and Audit Management and supporting 70+ frameworks worldwide with auto-mapping: NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, NIS2, CMMC, PSPF, GDPR, HIPAA, Essential Eight, NYDFS-500, DORA, NIST AI RMF, 800-53, 800-171, CyFun, CJIS, AirCyber, NCSC, ECC, SCF and much more

    Project mention: CISO Assistant, Open-source solution with and30 cybersecurity frameworks | news.ycombinator.com | 2024-04-29
  • dep-scan

    OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

  • tern

    Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more. (by tern-tools)

    Project mention: Top 10 SBOM Tools to Inventory Your App Components | dev.to | 2024-10-15

    4. Tern

  • ElectricEye

    ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP & SaaS environments with controls mapped to over 20 industry, regulatory, and best practice controls frameworks

  • betterscan

    Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan

  • privado

    Open Source Static Scanning tool to detect data flows in your code, find data security vulnerabilities & generate accurate Play Store Data Safety Report.

  • binaryanalysis-ng

    Binary Analysis Next Generation (BANG)

  • iambic

    IAMbic is Version-Control for IAM. It centralizes and simplifies cloud access and permissions. It maintains an eventually consistent, human-readable, bi-directional representation of IAM in Git.

  • aws-allowlister

    Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks.
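    The allowlist-SCP approach described above, as an added example that is not aws-allowlister's own code. It takes a service-to-framework table, keeps the services attested for every required framework, and emits a single `Deny` statement whose `NotAction` lists those services, which is how a Service Control Policy expresses "only these services". The compliance table and the baseline set are constructed for the illustration; a real build must use a maintained attestation source and its own baseline review. Two caveats are built in: core services such as `sts` and `iam` are always kept (an allowlist SCP without them breaks role assumption and break-glass access), and the policy is checked against the 5,120-character limit on an SCP document.

```python
"""Compile a 'deny everything except approved services' SCP.
Added example; not the aws-allowlister project's code.  The table below is
constructed for the illustration and is not a real attestation list."""
import json

# Constructed sample: IAM service prefix -> frameworks the service is attested for.
SERVICE_COMPLIANCE = {
    "s3":          {"SOC2", "PCI-DSS", "HIPAA"},
    "ec2":         {"SOC2", "PCI-DSS", "HIPAA"},
    "kms":         {"SOC2", "PCI-DSS", "HIPAA"},
    "lambda":      {"SOC2", "PCI-DSS"},      # assumed: no HIPAA attestation
    "rekognition": {"SOC2"},
    "preview-svc": set(),                    # assumed: new service, nothing yet
}

# Services every account needs regardless of framework.  This set is an
# assumption for the example; review it against your own baseline.
BASELINE = frozenset({"iam", "sts", "organizations", "cloudtrail", "support"})

SCP_MAX_CHARS = 5120   # AWS Organizations limit on an SCP document


def compliant_services(table, required, baseline=BASELINE):
    """Service prefixes attested for *all* required frameworks, plus the baseline."""
    required = set(required)
    if not required:
        raise ValueError("at least one framework must be required")
    ok = {svc for svc, frameworks in table.items() if required <= frameworks}
    return sorted(ok | set(baseline))


def build_scp(allowed_services):
    """Deny every action except those in the allowed services.
    SCPs never grant access; identity and resource policies are still needed."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "AllowlistedServicesOnly",
            "Effect": "Deny",
            "NotAction": [f"{svc}:*" for svc in allowed_services],
            "Resource": "*",
        }],
    }


def scp_fits(scp):
    """True if the compact JSON form is within the SCP size limit."""
    return len(json.dumps(scp, separators=(",", ":"))) <= SCP_MAX_CHARS


def action_permitted_by_scp(scp, action):
    """True if `action` (e.g. 's3:GetObject') survives this SCP's Deny
    statements.  Only the service-wildcard form emitted by build_scp is
    evaluated; service names are matched case-insensitively, as IAM does."""
    service = action.split(":", 1)[0].lower()
    for statement in scp["Statement"]:
        if statement["Effect"] != "Deny":
            continue
        exempt = {a.split(":", 1)[0].lower() for a in statement.get("NotAction", [])}
        if service not in exempt:
            return False
    return True


def compile_for(frameworks, table=SERVICE_COMPLIANCE):
    """Build the SCP for the given frameworks and refuse to emit an oversized one."""
    scp = build_scp(compliant_services(table, frameworks))
    if not scp_fits(scp):
        raise ValueError("SCP exceeds the document size limit; split the allowlist")
    return scp


if __name__ == "__main__":
    policy = compile_for({"SOC2", "HIPAA"})
    print(json.dumps(policy, indent=2))
    for act in ("s3:GetObject", "lambda:InvokeFunction", "sts:AssumeRole"):
        print(act, "->", "allowed" if action_permitted_by_scp(policy, act) else "denied")
```

    Attach the output at an OU level rather than the root so that the management account is not covered, and test it with the evaluation helper (or the real policy simulator) against the actions your workloads issue before enforcing it; a service missing from the table is denied, not allowed, which is the intended fail-closed behaviour but also the most common cause of outages when such a policy is first applied.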

  • Internet.nl

    Internet standards compliance test suite

    Project mention: Internet.nl – test tool for modern internet standards | news.ycombinator.com | 2024-06-05
  • compliance-trestle

    An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.

  • validity

    NetBox plugin to validate network devices (by amyasnikov)

  • cfn-guard-test

    This tool allows you to easily run your cfn-guard tests against your cfn-guard rules.

  • report2junit

    report2junit is a tool that converts various reports into the JUnit format.

NOTE: The open source projects on this list are ordered by number of GitHub stars. The number of mentions indicates repo mentions in the last 12 months or since we started tracking (Dec 2020).

Python Compliance related posts

  • CISO Assistant, Open-source solution with and30 cybersecurity frameworks

    1 project | news.ycombinator.com | 29 Apr 2024
  • Free open-source solution for cybersecurity posture management (GRC)

    1 project | news.ycombinator.com | 25 Apr 2024
  • When have you screwed up, bad?

    1 project | /r/sysadmin | 6 Dec 2023
  • Open-Source tools for monitoring ML/AI usage- Recommendations?

    1 project | /r/devops | 4 Nov 2023
  • Open source IAM-as-code through IAMbic

    2 projects | /r/cloudsecurity | 30 May 2023
  • Open source IAM-as-code

    2 projects | /r/cloudcomputing | 30 May 2023
  • Are there any open source tools to centrally manage IAM policies?

    2 projects | /r/sre | 30 May 2023

Index

What are some of the best open-source Compliance projects in Python? This list will help you:

Project Stars
1 prowler 10,910
2 checkov 7,173
3 cloud-custodian 5,479
4 cli 1,363
5 ciso-assistant-community 1,186
6 dep-scan 1,030
7 tern 968
8 ElectricEye 962
9 betterscan 822
10 privado 507
11 binaryanalysis-ng 480
12 iambic 285
13 aws-allowlister 224
14 Internet.nl 179
15 compliance-trestle 168
16 validity 142
17 cfn-guard-test 6
18 report2junit 4
