#Compliance

Open-source projects categorized as Compliance

Top 23 Compliance Open-Source Projects

  • GitHub repo lynis

    Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

    Project mention: Has anyone else here used a security audit tool? | reddit.com/r/ethstaker | 2021-04-28

    I just scanned my staking node using the lynis security audit tool. I ran as root and got no warnings and 49 suggestions.

  • GitHub repo opa

    An open source, general-purpose policy engine.

    Project mention: Open Policy Agent – Policy-based control for cloud native environments | news.ycombinator.com | 2021-04-29
  • GitHub repo cloud-custodian

    Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

    Project mention: Best way to MAP the entire cloud infra? | reddit.com/r/aws | 2021-04-11
  • GitHub repo OSSEC

    OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

    Project mention: cnHids stake pool security monitoring- now available as scripted install. | reddit.com/r/CardanoStakePools | 2021-03-07

    cnhids is a Host Intrusion Detection System for cardano node based on https://github.com/ossec/ossec-hids:

  • GitHub repo prowler

    Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls listed here https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf and more than 100 additional checks that help on GDPR, HIPAA and other security requirements.

    Project mention: Is there any way to efficiently audit security groups? | reddit.com/r/aws | 2021-04-28

    Prowler does a pretty good audit of the security groups (as well as the whole account).

  • GitHub repo tfsec

    🔒🌍 Security scanner for your Terraform code

    Project mention: Terraforming in 2021 – new features, testing and compliance | dev.to | 2021-05-02

    Here again more than one tool exists to assist. We will highlight two of the most popular ones here: tfsec and checkov. Both provide a predefined set of checks that they use to inspect your code, allowing to explicitly open exceptions (if you really want to) by annotating your code with comments, and adjust the configuration to ignore some modules, for example.

  • GitHub repo checkov

    Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.

    Project mention: Terraforming in 2021 – new features, testing and compliance | dev.to | 2021-05-02

    Here again more than one tool exists to assist. We will highlight two of the most popular ones here: tfsec and checkov. Both provide a predefined set of checks that they use to inspect your code, allowing to explicitly open exceptions (if you really want to) by annotating your code with comments, and adjust the configuration to ignore some modules, for example.

  • GitHub repo inspec

    InSpec: Auditing and Testing Framework

    Project mention: Terraforming in 2021 – new features, testing and compliance | dev.to | 2021-05-02

    Before we dive into own cloud provider compliance checking services, we want to highlight yet another open source tool, namely InSpec. It allows you to write tests in ruby, and was built on top of RSpec. If you know already awsspec, then this should feel very similar, with the advantage that InSpec also supports GCP and Azure.

  • GitHub repo Wazuh

    Wazuh - The Open Source Security Platform

    Project mention: Any recommendations for security scans? | reddit.com/r/selfhosted | 2021-04-13
  • GitHub repo immudb

    immudb - world’s fastest immutable database

    Project mention: Immudb 0.9.2 Released | news.ycombinator.com | 2021-04-12

    * immudb now performs index compaction asynchronously, without blocking insertions.

    To learn more about immudb, visit https://github.com/codenotary/immudb. To learn interactively and get started with immudb from the command line and programming languages, visit the Playground at https://play.codenotary.com/

  • GitHub repo cloudquery

    cloudquery transforms your cloud infrastructure into SQL database for easy monitoring, governance and security.

    Project mention: CloudQuery: Open-source tool to find and monitor security mis-configurations and compliance with SQL | reddit.com/r/u_cloudqueryio | 2021-03-27
  • GitHub repo content

    Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats (by ComplianceAsCode)

    Project mention: CIS Benchmarking Git Community | reddit.com/r/ansible | 2021-04-27

    I haven't used this in a while but take a look at ComplianceAsCode it is attempting to apply controls for each of the different benchmarks on different OSes. It might have what you are looking for, plus you can always contribute back any changes you make to help others.

  • GitHub repo sudo_pair

    Plugin for sudo that requires another human to approve and monitor privileged sudo sessions

    Project mention: Sudo_pair – 2FA for individual `sudo` commands | news.ycombinator.com | 2021-02-03
  • GitHub repo cli

    a lightweight, security focused, BDD test framework against terraform. (by terraform-compliance)

    Project mention: Azure terraform-compliance examples? | reddit.com/r/Terraform | 2021-05-07

    Was checking out terraform-compliance today - https://terraform-compliance.com/

  • GitHub repo Databunker

    Secure storage for personal records built to comply with GDPR

    Project mention: Hottest Israel Startup with Open-Source Spirit | reddit.com/r/Israel | 2021-04-08

    Check out the project website for additional information: https://databunker.org/

  • GitHub repo ort

    A suite of tools to assist with reviewing Open Source Software dependencies.

    Project mention: OSS Review Toolkit: analyze dependencies of a project, download them, scan them for licenses, security advisories, and much more | reddit.com/r/opensource | 2021-01-19
  • GitHub repo Symmetric Encryption

    Symmetric Encryption for Ruby Projects using OpenSSL

  • GitHub repo macos_security

    macOS Security Compliance Project

    Project mention: Macs in the enterprise | reddit.com/r/macsysadmin | 2021-04-29

    If you’re needing to do any security compliance check out the macOS security compliance project. It’ll save a ton of time.

  • GitHub repo wazuh-ruleset

    Wazuh - Ruleset

    Project mention: Windows events alerts with Wazuh | reddit.com/r/Wazuh | 2021-03-19

    In this repository https://github.com/wazuh/wazuh-ruleset you can find the decoders and rules that wazuh-manager has by default (all these files are being migrated to the repository wazuh/wazuh https://github.com/wazuh/wazuh).

  • GitHub repo wazuh-kibana-app

    Wazuh - Kibana plugin

    Project mention: Is it possible to include this field by default on saved filters and queries? I have saved a new filter including this field then i have saved the query and selected the option to include filters, but if i refresh the field data.srcip is not included anymore. How can i include data.srcip by default? | reddit.com/r/Wazuh | 2021-03-19

    Our recommended way to do what you want requires building Kibana from source code. So, to change the default "Selected Fields" you must modify the "events-selected-field.js" file in the wazuh-kibana-app: https://github.com/wazuh/wazuh-kibana-app/blob/master/public/components/common/modules/events-selected-fields.js and then you have to build and re-install it.

  • GitHub repo opa-envoy-plugin

    A plugin to enforce OPA policies with Envoy

    Project mention: OPA + Istio/Envoy: ConfigMap | reddit.com/r/OpenPolicyAgent | 2021-02-23

    I'm observing the quick_start.yaml provided by OPA and trying to comprehend what's happening in the inject.rego resource (proper name?) under the ConfigMap. Can anyone break it down for me a bit? I think I have an inkling of what's happening but not sure.

  • GitHub repo Information-Security-Tasks

    This repository is created only for infosec professionals who work on a day-to-day basis to equip ourselves with an up-to-date skillset. We can contribute one hour daily for day-to-day tasks and work on problem statements daily. Please contribute by providing problem statements and solutions.

    Project mention: Building an interactive and effective cybersecurity curriculum for 9-12 graders, what are key subjects? | reddit.com/r/cybersecurity | 2021-04-05

    Infosec tasks https://github.com/bb1nfosec/Information-Security-Tasks

  • GitHub repo benford_py

    Python implementation of Benford's Law tests.

    Project mention: Using Matplotlib to Plot a Live Graph of Benford’s Law in Python | reddit.com/r/Python | 2021-04-08

NOTE: The open source projects on this list are ordered by number of GitHub stars. The number of mentions indicates repo mentions in the last 12 months or since we started tracking (Dec 2020). The latest post mention was on 2021-05-07.

Index

What are some of the best open-source Compliance projects? This list will help you:

Rank Project Stars
1 lynis 8,403
2 opa 4,972
3 cloud-custodian 3,573
4 OSSEC 3,392
5 prowler 3,377
6 tfsec 2,662
7 checkov 2,585
8 inspec 2,317
9 Wazuh 2,238
10 immudb 1,881
11 cloudquery 1,448
12 content 1,263
13 sudo_pair 1,098
14 cli 961
15 Databunker 747
16 ort 471
17 Symmetric Encryption 439
18 macos_security 396
19 wazuh-ruleset 307
20 wazuh-kibana-app 221
21 opa-envoy-plugin 194
22 Information-Security-Tasks 108
23 benford_py 99