Top 7 soc2 Open-Source Projects

• lunasec

  36 1,408 5.5 TypeScript

  LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

  

• comply

  7 1,236 0.0 Go

  Compliance automation framework, focused on SOC2

  

Project mention: SOC2: Drata, Scrut, Vanta | /r/cybersecurity | 2023-05-15

There are even some free open source policy generator tools like this one: https://github.com/strongdm/comply

• SurveyJS

  surveyjs.io featured

  Open-Source JSON Form Builder to Create Dynamic Forms Right in Your App. With SurveyJS form UI libraries, you can build and style forms in a fully-integrated drag & drop form builder, render them in your JS app, and store form submission data in any backend, inc. PHP, ASP.NET Core, and Node.js.

  

• medplum

  4 1,169 9.9 TypeScript

  Medplum is a healthcare platform that helps you quickly develop high-quality compliant applications.

  

Project mention: Medplum: Healthcare platform to quickly develop compliant applications | news.ycombinator.com | 2024-04-12

• metriport

  7 367 10.0 JavaScript

  Metriport is an open-source universal API for healthcare data.

  

Project mention: Show HN: HyperDX – open-source dev-friendly Datadog alternative | news.ycombinator.com | 2023-09-18

This could be huge for healthcare companies like Metriport [1] - do you sign BAAs with customers for HIPAA compliance?

[1] https://github.com/metriport/metriport

• gapps

  5 343 7.2 HTML

  Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking. https://gapps.darkbanner.com

Project mention: Open source GRC platform for SOC2, CSC, CMMC and more | news.ycombinator.com | 2023-10-25

• ciso-assistant-community

  3 335 9.9 Python

  CISO Assistant is an open-source one-stop-shop for GRC - Risk and Audit Management supporting +30 standards and frameworks: NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, NIS2, CMMC, PSPF, GDPR, HIPAA, Essential Eight, NYDFS-500, DORA, NIST AI RMF, 800-53, 800-171, CyFun, CJIS, AirCyber and so much more

  

Project mention: CISO Assistant, Open-source solution with and30 cybersecurity frameworks | news.ycombinator.com | 2024-04-29

• secure-sdlc-process-template

  3 41 7.6 HTML

  Secure SDLC process template

  

Project mention: Open source SDLC process template | /r/programming | 2023-11-15

• InfluxDB

  www.influxdata.com featured

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

soc2 related posts

• CISO Assistant, Open-source solution with and30 cybersecurity frameworks

  1 project | news.ycombinator.com | 29 Apr 2024

• Free open-source solution for cybersecurity posture management (GRC)

  1 project | news.ycombinator.com | 25 Apr 2024

• Open source GRC platform for SOC2, CSC, CMMC and more

  1 project | news.ycombinator.com | 25 Oct 2023

• Tools for SOC2 Type II audit?

  1 project | /r/cissp | 19 Jun 2023

• For CTOs / tech leads of SAAS: When did you become SOC2 compliant?

  1 project | /r/startups | 7 Jun 2023

• SOC2: Drata, Scrut, Vanta

  1 project | /r/cybersecurity | 15 May 2023

• Quick question - how to track security controls to be implemented?

  1 project | /r/cybersecurity | 2 May 2023
• A note from our sponsor - InfluxDB
  www.influxdata.com | 5 May 2024

  Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com