100 Open source projects that are alternatives of or similar to LOCKLEVEL

Azure PCI PaaS Reference Architecture

Detect threats with log data and improve cloud security posture

Wazuh - Chef cookbooks

a lightweight, security focused, BDD test framework against terraform.

NIST Certified SCAP 1.2 toolkit

The GDPR Checklist

Compliance automation framework, focused on SOC2

An open source, general-purpose policy engine.

Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBoM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more.

A suite of tools to assist with reviewing Open Source Software dependencies.

FOSSology is an open source license compliance software system and toolkit. As a toolkit you can run license, copyright and export control scans from the command line. As a system, a database and web ui are provided to give you a compliance workflow. License, copyright and export scanners are tools used in the workflow.

Symmetric Encryption for Ruby Projects using OpenSSL

macOS Security Compliance Project

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

Continuous Auditing & Configuration

Wazuh - Ruleset

A common framework enabling companies to work together to protect consumers' privacy and data rights.

Library and CLI tool for analysing CloudFormation templates and check them for security compliance.

An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.

Privacy as Code for DSAR Orchestration: Privacy Request automation to fulfill GDPR, CCPA, and LGPD data subject requests.

A privacy and security engineering toolkit: Discover, understand, pseudonymize, anonymize, encrypt and securely share sensitive and personal data: Privacy and security as code.

The Audit Test Automation Package gives you the ability to get an overview about the compliance status of several systems. You can easily create HTML-reports and have a transparent overview over compliance and non-compliance of explicit setttings and configurations in comparison to industry standards and hardening guides.

Symmetric Encryption for Ruby Projects using OpenSSL

Security, Compliance and Informational Dashboard System

GKE CIS 1.1.0 Benchmark InSpec Profile

Wazuh - Puppet module

A web application to streamline the development of STIGs from SRGs

Imagine the information security compliance guideline says you need an antivirus but you run Arch Linux

Speedle+ is an open source project for access management. It is based on Speedle open source project and maintained by previous Speedle maintainers.

Repository to hold the new UI framework for FOSSology built with React

This module configures AWS Config, a service that enables you to assess, audit, and evaluate the configurations of your AWS resources.

merged into the TTS Handbook

INTERCEPT / Policy as Code Static Analysis Auditing / SAST

Wazuh - Ansible playbook

An open source, multi-cloud DevSecOps compliance checker

ISC Forge is an open source DHCP conformance validation framework, primarily used for testing ISC Kea.

Wazuh - Tools for packages creation

Verify that pull request titles start with a ticket ID

Guardian is a tool for extensible and universal data access with automated access workflows and security controls across data stores, analytical systems, and cloud products.