compliance

Here are 1,304 public repositories matching this topic...

CISOfy / lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Updated Nov 24, 2025
Shell

wazuh / wazuh

Star

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Updated Nov 24, 2025
C

Prowler is the Open Cloud Security for AWS, Azure, GCP, Kubernetes, M365 and more. As agent-less, it helps for continuous monitoring, security assessments & audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, ENS and more

Updated Nov 24, 2025
Python

open-policy-agent / opa

Star

Open Policy Agent (OPA) is an open source, general-purpose policy engine.

json declarative policy authorization opa cloud-native compliance open-policy-agent

Updated Nov 21, 2025
Go

codenotary / immudb

Star

immudb - immutable database based on zero trust, SQL/Key-Value/Document model, tamperproof, data change history

go verify performance immutable sql database key-value verification pci-dss cryptographic compliance merkle-tree immutable-database gdpr zero-trust timetravel tamper-evident auditable tamperproof

Updated Oct 31, 2025
Go

bridgecrewio / checkov

Star

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

kubernetes aws devops cloudformation azure terraform static-analysis gcp infrastructure-as-code scans compliance hacktoberfest aws-security

Updated Nov 23, 2025
Python

aquasecurity / tfsec

Star

Tfsec is now part of Trivy

go aws security digitalocean devops ci azure terraform scanner linter static-analysis infrastructure-as-code compliance google-cloud-platform hacktoberfest vulnerability-scanners devsecops misconfiguration terraform-security

Updated Nov 10, 2025
Go

cloud-custodian / cloud-custodian

Star

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

aws lambda cloud serverless azure management gcp cloud-computing compliance rules-engine

Updated Nov 22, 2025
Python

deepfence / ThreatMapper

Star

Open Source Cloud Native Application Protection Platform (CNAPP)

Updated Jul 24, 2025
TypeScript

ossec / ossec-hids

Star

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

security intrusion-detection pci-dss compliance hids fim loganalyzer ossec policy-monitoring nist800-53 file-integrity-management

Updated Jan 22, 2025
C

intuitem / ciso-assistant-community

Star

CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec, Compliance/Audit Management, Privacy and supporting +100 frameworks worldwide with auto-mapping: NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, NIS2, CMMC, PSPF, GDPR, HIPAA, Essential Eight, NYDFS-500, DORA, NIST AI RMF, 800-53, CyFun, AirCyber, NCSC, ECC, SCF and so much more

Updated Nov 24, 2025
Python

HotCakeX / Harden-Windows-Security

Star

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | SLSA Level 3 Compliant for Secure Development and Build Process | Apps Available on MS Store✨