Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Top 18 cis-benchmark Open-Source Projects
-
prowler
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
Project mention: Ask HN: Cloud security auditing for indie-grade projects? | news.ycombinator.com | 2023-12-04Which cloud provider?
https://github.com/prowler-cloud/prowler is easy to get going with, and gives decent results. It's much stronger at AWS than GCP or Azure.
Steampipe can be a little harder to wrap your head around, but scales really well and has broader support: https://hub.steampipe.io/mods?objectives=security
-
kube-bench
Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
Project mention: Evaluating and securing your Kubernetes infrastructure with kube-bench | dev.to | 2023-08-25However, no matter how well our applications are secured, the security of our entire IT environment ultimately depends on the security of our infrastructure. Therefore, in the lab to follow, we will shift our focus away from Kubernetes workloads and instead explore how we can evaluate and improve upon the security of our Kubernetes clusters with kube-bench, the industry-leading Kubernetes benchmarking solution developed by Aqua.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
terraform-aws-secure-baseline
Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
-
-
-
steampipe-mod-aws-compliance
Run individual controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA and more across all of your AWS accounts using Powerpipe and Steampipe.
In a prior post I showed how to install Steampipe in AWS CloudShell to instantly query over 460+ resource types from your AWS APIs using SQL, and another post on how to use the Steampipe AWS Compliance mod to assess over 25+ security benchmarks across your AWS accounts.
-
CIS-Ubuntu-20.04-Ansible
Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
-
-
How, making a step further: how difficult is to make a VPS pretty secure? Is this enough https://github.com/ansible-lockdown/UBUNTU22-CIS ?
-
-
kube-beacon
Open Source runtime scanner for k8s cluster and perform security audit checks based on CIS Kubernetes Benchmark specification
-
steampipe-mod-zoom-compliance
Run individual configuration, compliance and security controls or full compliance benchmarks for CIS for Zoom using Powerpipe and Steampipe.
-
steampipe-mod-azure-compliance
Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, HIPAA HITRUST, NIST, and more across all of your Azure subscriptions using Powerpipe and Steampipe.
-
cis-vsphere
A tool to assess the compliance of a VMware vSphere environment against the CIS Benchmark.
-
-
-
lxd-probe
Open Source runtime scanner for Linux containers (LXD / LXC), It performs security audit checks based on CIS Linux containers Benchmark specification
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
cis-benchmark related posts
- Evaluating and securing your Kubernetes infrastructure with kube-bench
- CIS Roles
- Quickstart - Aqua Security Kube-Bench
- GitHub - karimhabush/cis-vsphere: A tool to assess the compliance of a VMware vSphere environment against the CIS Benchmark.
- GitHub - karimhabush/cis-vsphere: A tool to assess the compliance of a VMware vSphere environment against the CIS Benchmark.
- GitHub - karimhabush/cis-vsphere: A tool to assess the compliance of a VMware vSphere environment against the CIS Benchmark.
- Kubernetes Security: 10 Best Practices from the Industry and Community
-
A note from our sponsor - InfluxDB
www.influxdata.com | 17 Apr 2024
Index
What are some of the best open-source cis-benchmark projects? This list will help you:
Project | Stars | |
---|---|---|
1 | prowler | 9,486 |
2 | kube-bench | 6,619 |
3 | terraform-aws-secure-baseline | 1,113 |
4 | JShielder | 733 |
5 | RHEL7-CIS | 469 |
6 | steampipe-mod-aws-compliance | 349 |
7 | CIS-Ubuntu-20.04-Ansible | 243 |
8 | RHEL8-CIS | 239 |
9 | UBUNTU20-CIS | 170 |
10 | UBUNTU22-CIS | 135 |
11 | CentOS7-CIS | 91 |
12 | kube-beacon | 63 |
13 | steampipe-mod-zoom-compliance | 62 |
14 | steampipe-mod-azure-compliance | 50 |
15 | cis-vsphere | 45 |
16 | RHEL7-CIS | 29 |
17 | UBUNTU18-CIS | 29 |
18 | lxd-probe | 22 |