2461 Open source projects that are alternatives of or similar to Prowler

Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.

A terraform module to create a VPC with secure default configurations.

☁️Haven GRC - easier governance, risk, and compliance 👨‍⚕️👮‍♀️🦸‍♀️🕵️‍♀️👩‍🔬

Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation

Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.

Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats

Simple command line tool to check for compliance against CIS Benchmarks

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

Harden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.

kube-scan: Octarine k8s cluster risk assessment tool

A curated list of awesome Amazon Web Services (AWS) libraries, open source repos, guides, blogs, and other resources. Featuring the Fiery Meter of AWSome.

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

Find cloud assets that no one wants exposed 🔎 ☁️

A crowdsourced directory tracking the compliance and security practices of cloud services and their subprocessors

Auditing Script based on CIS-BENCHMARK CENTOS 8

Scripts to gather system configuration information for offline/remote auditing

All-in-one tool for managing vulnerability reports from AppSec pipelines

Hardening Ubuntu. Systemd edition.

Ansible role to apply a security baseline. Systemd edition.

Wazuh - Kibana plugin

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

A Mighty CLI for AWS

SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS

An integrated shell for working with the AWS CLI.

Knowledge seeks no man

This ansible role gets information from an AWS VPC and generate a graphical representation of security groups

A command line security audit tool for Amazon Web Services

Cloud Security Posture Management (CSPM)

Process credential providers for AWS SDKs and Tools

Open Cloud Security Posture Management Engine

Open source application to instantly remediate common security issues through the use of AWS Config

A supercharged AWS command line interface (CLI).

Provides various Windows Server Active Directory (AD) security-focused reports.

Simple Golang HTTPS/TLS Examples

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

System Optimizer and Monitoring, Security Auditing, Vulnerability scanner for Linux, macOS, and UNIX-based systems

Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.

Security scanner for your Terraform code

A Blazing fast Security Auditing tool for Kubernetes

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Universal Command Line Interface for Amazon Web Services

Ansible role for Ubuntu 2004 CIS Baseline

Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI and Google CloudBuild. No server required!

The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent.

Virgil JavaScript Crypto Library is a high-level cryptographic library that allows you to perform all necessary operations for secure storing and transferring data and everything required to become HIPAA and GDPR compliant.

A common framework enabling companies to work together to protect consumers' privacy and data rights.

Detect Sensitive REST API communication using Deep Neural Networks

Want to see how something like Internet Chemotherapy works without bricking your own vms? This is a jail to reduce the python runtime from doing bad things on the host when running untrusted code. Nerf what you do not need 👾 + 🐛 ⚽ 🏈 🐳

Leapp is the tool to access your cloud; It securely stores your access information and generates temporary credential sets to access your cloud ecosystem from your local machine.

Lightweight Self-Documenting Design by Contract Programming and Security Hardened mode.

LIFARS Networking Security GNU/Linux distro

Wazuh - Tools for packages creation

Wazuh - Ansible playbook

Open Source SIEM (Security Information and Event Management system).

A prototype that demonstrates a method for scoring how well Windows systems have implemented some of the top 10 Information Assurance mitigation strategies. #nsacyber

An open source, multi-cloud DevSecOps compliance checker

Better AWS SSM Session manager CLI client

This is the official main repository for the Assimilation project