cspm

Data pipelines for cloud config and security data. Build cloud asset inventory, CSPM, FinOps, and vulnerability management solutions. Extract from AWS, Azure, GCP, and 70+ cloud and SaaS sources.

go kubernetes github-api bigquery aws data google sql etl azure gcp data-engineering data-analysis data-integration data-collection elt etl-framework cspm airbyte attack-surface-management

UpdatedDec 17, 2025
Go

deepfence /ThreatMapper

Star5.2k

Open Source Cloud Native Application Protection Platform (CNAPP)

kubernetes devops containers secops cloud-native compliance vulnerability-detection vulnerability-management hacktoberfest observability vulnerability-scanners threat-analysis security-tools cloudsecurity devsecops scanning-tool registry-scanning cspm cwpp cnapp

UpdatedJul 24, 2025
TypeScript

aquasecurity /cloudsploit

Star3.7k

Cloud Security Posture Management (CSPM)

aws security security-audit cloud azure gcp oracle oci alibaba aqua cspm

UpdatedDec 4, 2025
JavaScript

someengineering /fixinventory

Star2.1k

Fix Inventory helps you identify and remove the most critical risks in AWS, GCP, Azure and Kubernetes.

aws security digitalocean security-audit gcp cybersecurity infrastructure-as-code security-automation policy-as-code cspm cnapp

UpdatedMay 19, 2025
Python

HummerRisk /HummerRisk

Star1.5k

HummerRisk 是云原生安全平台，包括混合云安全治理和云原生安全检测。

security vulnerability cloud-native compliance cloud-custodian compliance-as-code prowler sbom kubernetes-security trivy k8s-security cspm cloud-native-security

UpdatedDec 26, 2024
Java

cloudgraphdev /cli

Star892

The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent.

graphql kubernetes aws security nist devops cis security-audit cloud azure iso gcp developer-tools pci tencent devops-tools security-tools cspm

UpdatedNov 13, 2023
TypeScript

stackql /stackql

Sponsor

Star827

Query, provision and operate Cloud and SaaS resources and APIs using an extensible SQL based framework

devops cloud sql infrastructure-as-code hacktoberfest cloud-config devsecops openapi3 cloud-security asset-management cloud-operations iga identity-governance cloud-automation cspm stackql

UpdatedDec 5, 2025
Go

Zeus-Labs /ZeusCloud

Star728

Open Source Cloud Security

aws security cis cloud cybersecurity infosec pentesting bugbounty blueteam security-tools cloudsecurity devsecops cspm cwpp cnapp ciem

UpdatedOct 26, 2023
TypeScript

opensecurity: open-source security and compliance. See and secure your cloud, containers, code, networks, deployments, devices. Define your rules, get precise checks, fix gaps fast. Streamlined audits. No fluff.

security oss optimization audit compliance devsecops cloud-security container-security security-auditing-tool policy-as-code cspm

UpdatedJun 3, 2025
TypeScript

selefra /selefra

Star542

The open-source policy-as-code software that provides analysis for Multi-Cloud and SaaS environments, you can get insight with natural language (powered by OpenAI).

kubernetes golang aws devops google cloud azure terraform gcp openai infrastructure-as-code finops policy-as-code cspm chatgpt

UpdatedAug 30, 2023
Go

turbot /powerpipe

Star468

Powerpipe: Dashboards for DevOps. Visualize cloud configurations. Assess security posture against a massive library of benchmarks. Build custom dashboards with code.

mysql kubernetes aws security devops cis cloud sql azure sqlite terraform postgresql gcp dashboards hcl hacktoberfest devsecops cspm duckdb cnapp

UpdatedNov 21, 2025
TypeScript

OpenCSPM /opencspm

Star342

Open Cloud Security Posture Management Engine

kubernetes aws security security-audit cloud gcp cspm

UpdatedFeb 19, 2022
Ruby

openraven /magpie

Star193

A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat landscape such as cloud ransomware and supply chain attacks.

aws security security-audit cloud gcp security-vulnerability security-scanner security-tools cloudsecurity security-testing cspm

UpdatedAug 29, 2024
Java

someengineering /cloud-security-list

Star180

A list of cloud security tools and vendors.

aws security azure gcp siem cspm attack-surface-management cnapp dspm

UpdatedSep 6, 2024

antgroup /CloudRec

Star173

CloudRec is an open source multi-cloud security posture management (CSPM) platform designed to help organizations improve the security of their cloud environments.

security cloud cybersecurity opa scans aws-security multi-cloud devsecops cloud-security alibabacloud gcp-security cspm

UpdatedDec 8, 2025
Java

goldfiglabs /rpCheckup

Star162

rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.

aws ec2 s3 infosec aws-security cloudsecurity resourcepolicy cspm

UpdatedApr 22, 2021
Go

CloudDefenseAI /falco_extended_rules

Star86

Curating Falco rules with MITRE ATT&CK Matrix

security devops malware threat malware-analysis threat-modeling vulnerability-detection vulnerability-scanners threat-analysis security-tools cloudsecurity zero-day devsecops falco kuberentes container-security kubernetes-security workload-security cspm cnapp

UpdatedMar 7, 2024
Python

PaloAltoNetworks /prisma_channel_resources

Star74

A collection of technical and sales resources related to Prisma Cloud Compute and Prisma Cloud Enterprise created for the PANW Channel Partner Ecosystem and other engineers working with the solution

redlock cws devsecops prisma cwp twistlock prisma-cloud aporeto cspm cloudnativesecurity containersecurity cnapp

UpdatedDec 19, 2024
Shell

Improve this page

Add a description, image, and links to thecspm topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with thecspm topic, visit your repo's landing page and select "manage topics."

Learn more

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly