compliance

Star

Here are 1,396 public repositories matching this topic...

Language:All

Filter by language

All1,396 Python291 TypeScript100 Go96 JavaScript88 HCL86 Shell61 HTML58 PowerShell58 Ruby56 Java33

Sort:Most stars

Sort options

Most stars Fewest stars Most forks Fewest forks Recently updated Least recently updated

CISOfy /lynis

Star15k

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

linux shell auditing devops unix security-audit pci-dss compliance hardening security-vulnerability security-hardening devops-tools hipaa vulnerability-detection vulnerability-scanners security-scanner vulnerability-assessment gdpr security-tools system-hardening

UpdatedNov 25, 2025
Shell

wazuh /wazuh

Star14.3k

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

security security-audit log-analysis incident-response cybersecurity pci-dss infosec compliance xdr siem security-hardening vulnerability-detection security-automation security-tools wazuh cloud-security malware-detection container-security file-integrity-monitoring configuration-assessement

UpdatedDec 17, 2025
C

prowler-cloud /prowler

Star12.4k

Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

python aws security security-audit cloud azure iam gcp forensics compliance hardening security-hardening hacktoberfest gdpr multi-cloud security-tools cloudsecurity devsecops cis-benchmark cspm

UpdatedDec 16, 2025
Python

open-policy-agent /opa

Star11k

Open Policy Agent (OPA) is an open source, general-purpose policy engine.

json declarative policy authorization opa cloud-native compliance open-policy-agent

UpdatedDec 16, 2025
Go

codenotary /immudb

Star8.9k

immudb - immutable database based on zero trust, SQL/Key-Value/Document model, tamperproof, data change history

go verify performance immutable sql database key-value verification pci-dss cryptographic compliance merkle-tree immutable-database gdpr zero-trust timetravel tamper-evident auditable tamperproof

UpdatedOct 31, 2025
Go

bridgecrewio /checkov

Star8.3k

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

kubernetes aws devops cloudformation azure terraform static-analysis gcp infrastructure-as-code scans compliance hacktoberfest aws-security

UpdatedDec 5, 2025
Python

aquasecurity /tfsec

Star6.9k

Tfsec is now part of Trivy

go aws security digitalocean devops ci azure terraform scanner linter static-analysis infrastructure-as-code compliance google-cloud-platform hacktoberfest vulnerability-scanners devsecops misconfiguration terraform-security

UpdatedNov 10, 2025
Go

cloud-custodian /cloud-custodian

Star5.9k

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

aws lambda cloud serverless azure management gcp cloud-computing compliance rules-engine

UpdatedDec 13, 2025
Python

deepfence /ThreatMapper

Star5.2k

Open Source Cloud Native Application Protection Platform (CNAPP)

kubernetes devops containers secops cloud-native compliance vulnerability-detection vulnerability-management hacktoberfest observability vulnerability-scanners threat-analysis security-tools cloudsecurity devsecops scanning-tool registry-scanning cspm cwpp cnapp

UpdatedJul 24, 2025
TypeScript

ossec /ossec-hids

Star5k

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

security intrusion-detection pci-dss compliance hids fim loganalyzer ossec policy-monitoring nist800-53 file-integrity-management

UpdatedJan 22, 2025
C

HotCakeX /Harden-Windows-Security

Star3.9k

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | SLSA Level 3 Compliant for Secure Development and Build Process | Apps Available on MS Store✨

windows security encryption audit defender compliance security-hardening tpm2 proactive bitlocker firewall-configuration intune harden windowsdefender enterprise-security wdac windows11 applicationcontrol operation-system-security 1st-party-security

UpdatedDec 16, 2025
C#

intuitem /ciso-assistant-community

Star3.4k

CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec, Compliance/Audit Management, Privacy and supporting +100 frameworks worldwide with auto-mapping: NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, NIS2, CMMC, PSPF, GDPR, HIPAA, Essential Eight, NYDFS-500, DORA, NIST AI RMF, 800-53, CyFun, AirCyber, NCSC, ECC, SCF and so much more