CheckovPrevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
Stars: ✭ 3,572 (+18700%)
Mutual labels: compliance, devsecops
interceptINTERCEPT / Policy as Code Static Analysis Auditing / SAST
Stars: ✭ 54 (+184.21%)
Mutual labels: compliance, devsecops
ProwlerProwler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.
Stars: ✭ 4,561 (+23905.26%)
Mutual labels: compliance, devsecops
TfsecSecurity scanner for your Terraform code
Stars: ✭ 3,622 (+18963.16%)
Mutual labels: compliance, devsecops
prowlerProwler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
Stars: ✭ 8,046 (+42247.37%)
Mutual labels: compliance, devsecops
lunasecLunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (+6536.84%)
Mutual labels: compliance, devsecops
dep-scanFully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!
Stars: ✭ 346 (+1721.05%)
Mutual labels: compliance, devsecops
havengrc☁️Haven GRC - easier governance, risk, and compliance 👨⚕️👮♀️🦸♀️🕵️♀️👩🔬
Stars: ✭ 83 (+336.84%)
Mutual labels: compliance, devsecops
PwnCheckerMulti tool checker account validator 2020
Stars: ✭ 30 (+57.89%)
Mutual labels: checker
daily-check-in一个打卡小程序 - 基于 leancloud 数据存储
Stars: ✭ 38 (+100%)
Mutual labels: checker
guardianGuardian is a tool for extensible and universal data access with automated access workflows and security controls across data stores, analytical systems, and cloud products.
Stars: ✭ 127 (+568.42%)
Mutual labels: compliance
ticket-check-actionVerify that pull request titles start with a ticket ID
Stars: ✭ 29 (+52.63%)
Mutual labels: compliance
posteeSimple message routing system that receives input messages through a webhook interface and can enforce actions using predefined outputs via integrations.
Stars: ✭ 160 (+742.11%)
Mutual labels: devsecops
wazuh-packagesWazuh - Tools for packages creation
Stars: ✭ 54 (+184.21%)
Mutual labels: compliance
akamai-toolkitA set of tools to work on Akamai v1 anti-bot solution. Current supported version: 1.70
Stars: ✭ 215 (+1031.58%)
Mutual labels: checker
vimana-frameworkVimana is an experimental security framework that aims to provide resources for auditing Python web applications.
Stars: ✭ 47 (+147.37%)
Mutual labels: devsecops
ProxyCheckerproxy checker to check the status of the ip-port proxy list
Stars: ✭ 24 (+26.32%)
Mutual labels: checker
gitavscanGit Anti-Virus Scan Action - Detect trojans, viruses, malware & other malicious threats.
Stars: ✭ 23 (+21.05%)
Mutual labels: devsecops
DongTai-agent-javaJava Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.
Stars: ✭ 592 (+3015.79%)
Mutual labels: devsecops