compliance · GitHub Topics

Lynis是基于UNIX的系统的安全审计，主要目标是测试安全防御并提供进一步系统强化的提示

Shell Linux pci-dss compliance 安全 security-hardening security-scanner hipaa Unix vulnerability-detection vulnerability-scanners vulnerability-assessment DevOps devops-tools hardening auditing gdpr

Shell 13.91 k

1 个月前

wazuh / wazuh

Wazuh - 开源安全平台

安全 compliance Logging vulnerability-detection Cybersecurity file-integrity-monitoring malware-detection cloud-security container-security security-automation siem xdr configuration-assessement incident-response pci-dss security-hardening wazuh

C++ 11.92 k

3 小时前

prowler-cloud / prowler

Prowler is an Open Cloud Security tool for AWS, Azure, GCP and Kubernetes. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics re...

翻译 - Prowler 是一种安全工具，用于执行 AWS 安全最佳实践评估、审计、事件响应、持续监控、强化和取证准备。它包含此处列出的所有 CIS 控件 https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf 以及 100 多项有助于满足 GDPR、HIPAA 和其他安全要求的额外检查。

安全 security-hardening hardening Amazon Web Services cis-benchmark compliance gdpr forensics cloud well-architected devsecops Azure iam Python Google 云 multi-cloud Software as a service cspm

Python 11.33 k

21 分钟前

open-policy-agent / opa

OPA 是一种开源的通用策略引擎，主要为了解决云原生应用的访问控制、授权和策略

Open Policy Agent policy declarative JSON compliance cloud-native authorization doge lolcat

Go 10.01 k

19 小时前

codenotary / immudb

immudb - immutable database based on zero trust, SQL/Key-Value/Document model, tamperproof, data change history

翻译 - immudb是用于系统和应用程序的轻量级高速不可变数据库

key-value immutable merkle-tree Go 数据库 tamperproof verification immutable-database compliance pci-dss gdpr verify performance SQL timetravel zero-trust

Go 8.7 k

23 天前

bridgecrewio / checkov

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

翻译 - Bridgecrew使用Checkov防止在Terraform，Cloudformation，Kubernetes，无服务器框架和其他基础架构代码语言的构建期间对云进行错误配置。

Terraform static-analysis Amazon Web Services Google 云 Azure aws-security cloudformation scans compliance Kubernetes Infrastructure as code DevOps Hacktoberfest

Python 7.41 k

14 小时前

aquasecurity / tfsec

Tfsec is now part of Trivy

翻译 - 🔒🌍为您的Terraform代码提供静态分析支持的安全扫描器

Terraform 安全 scanner static-analysis 持续集成 Amazon Web Services Azure Google 云 compliance Infrastructure as code devsecops vulnerability-scanners misconfiguration digitalocean DevOps linter Go Hacktoberfest

Go 6.79 k

23 天前

cloud-custodian / cloud-custodian

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

翻译 - 用于云安全性，成本优化和治理的规则引擎，yaml中的DSL，用于对资源进行查询，过滤和采取措施的策略

Amazon Web Services compliance cloud rules-engine cloud-computing management Serverless lambda Google 云 Azure

Python 5.59 k

5 天前

deepfence / ThreatMapper

Open Source Cloud Native Application Protection Platform (CNAPP)

翻译 - 识别运行容器、图像、主机和存储库中的漏洞

TypeScript 4.93 k

1 天前

ossec / ossec-hids

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

翻译 - OSSEC是基于开源主机的入侵检测系统，它执行日志分析，文件完整性检查，策略监视，rootkit检测，实时警报和主动响应。

hids 安全 pci-dss nist800-53 ossec compliance intrusion-detection fim loganalyzer policy-monitoring

C 4.64 k

2 个月前

inspec / inspec

InSpec: Auditing and Testing Framework

翻译 - InSpec：审核和测试框架

audit inspec 安全 compliance devsec DevOps tdd-utilities Test-driven development spec Testing

Ruby 2.9 k

3 小时前

intuitem / ciso-assistant-community

CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec and Compliance/Audit Management and supporting +70 frameworks worldwide with auto-mapping: NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, NIS...