312 Open source projects that are alternatives of or similar to havengrc

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

Open Source SIEM (Security Information and Event Management system).

Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

A GDPR Data Protection Impact Assessment (DPIA) tool to assist organisations to evaluate data protection risks with respect to the EU's General Data Protection Regulation. 🇪🇺

HIPAA & GDPR compliant ready parse-server with postgres/mongo, parse-hipaa-dashboard. Compatible with ParseCareKit

Security scanner for your Terraform code

INTERCEPT / Policy as Code Static Analysis Auditing / SAST

A crowdsourced directory tracking the compliance and security practices of cloud services and their subprocessors

Collection of Data Processing Agreement (DPA) and GDPR compliance resources

Virgil JavaScript Crypto Library is a high-level cryptographic library that allows you to perform all necessary operations for secure storing and transferring data and everything required to become HIPAA and GDPR compliant.

Detect Sensitive REST API communication using Deep Neural Networks

Quantitative analysis, strategies and backtests

open source version of Pryv.io

Wazuh - Kibana plugin

immudb - world’s fastest immutable database, built on a zero trust model

Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.

Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!

⚖Open Source Toolkit for Conducting Quantitative Risk Assessment Interviews

⚖Open Source Toolkit for Quantitative Risk Assessment

Virgil Core SDK allows developers to get up and running with Virgil Cards Service API quickly and add end-to-end security to their new or existing digital solutions to become HIPAA and GDPR compliant and more.

Secure storage for personal records built to comply with GDPR

Virgil Crypto is a high-level cryptographic library that allows you to perform all necessary operations for secure storing and transferring data and everything required to become HIPAA and GDPR compliant. Crypto Library is written in C++, suitable for mobile and server platforms and supports bindings with: Swift, Obj-C, Java (Android), С#/.NET, …

Virgil Core SDK allows developers to get up and running with Virgil Cards Service API quickly and add end-to-end security to their new or existing digital solutions to become HIPAA and GDPR compliant and more.

Privacy as Code for DSAR Orchestration: Privacy Request automation to fulfill GDPR, CCPA, and LGPD data subject requests.

A common framework enabling companies to work together to protect consumers' privacy and data rights.

Compliance automation framework, focused on SOC2

A privacy and security engineering toolkit: Discover, understand, pseudonymize, anonymize, encrypt and securely share sensitive and personal data: Privacy and security as code.

An open source, multi-cloud DevSecOps compliance checker

The GDPR Checklist

Sensitive Data Management: Data Discovery and Anonymization toolkit

October CMS plugin to make websites GDPR and ePrivacy compliant

Some Monolog processors that help with GDPR compliance

Find and fix 360+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.

📜 Tracking Valve's GDPR related pages

Use the tools you know. Respect users' privacy. Forget cookie consents. Comply with GDPR, ePrivacy, COPPA, CalOPPA, PECR, PIPEDA, CASL; you name it.

FedRAMP Tailored.

Website analytics, JavaScript error tracking + analytics, tag manager, data ingest endpoint creation (tracking pixels). GDPR + CCPA compliant.

Matomo user tracking and optout scripts for Hugo

GDPR compliant cookie popup and consent checker

Run individual controls or full compliance benchmarks for NSA CISA Kubernetes Hardening Guidance across all of your Kubernetes clusters using Steampipe.

The Solutions Delivery Platform runtime pipeline framework

🍪 Simple cross-browser cookie-consent plugin written in vanilla js

List of DNS violations by implementations, software and/or systems

A schema and set of tools for using SQL to query cloud infrastructure.

Binary Analysis Next Generation (BANG)

Wazuh - Docker containers

Simple command line tool to check for compliance against CIS Benchmarks

InSpec: Auditing and Testing Framework

Fax send and receive in Ruby with the InterFAX REST API

Widget to transform your website into a cutting-edge campaign in 10 min. multi-lingual, privacy first.

A plugin to enforce OPA policies with Envoy

An attempt at making MyBB more GDPR compliant and to give users a greater control over their data stored.

Wazuh - The Open Source Security Platform

A small Ruby Gem to run RSpec and Serverspec, Infrataster and Capybara tests against Dockerfiles or Docker images easily.

WordPress plugin to remove tools for creating a privacy policy and exporting/erasing personal data.

Speedle is an open source project for access control.

A symfony3 bundle to assist with defining data in accordance with GDPR, and for encrypting and reporting.

The group for companies that run open source programs