compliance

Star

Here are 1,952 public repositories matching this topic...

Language:All

Filter by language

All1,952 Python478 TypeScript166 Go117 JavaScript109 HCL94 Shell82 HTML72 PowerShell72 Ruby56 Rust46

Sort:Most stars

Sort options

Most stars Fewest stars Most forks Fewest forks Recently updated Least recently updated

CISOfy /lynis

Star15.3k

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

linux shell auditing devops unix security-audit pci-dss compliance hardening security-vulnerability security-hardening devops-tools hipaa vulnerability-detection vulnerability-scanners security-scanner vulnerability-assessment gdpr security-tools system-hardening

UpdatedJan 28, 2026
Shell

wazuh /wazuh

Star14.8k

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

security security-audit log-analysis incident-response cybersecurity pci-dss infosec compliance xdr siem security-hardening vulnerability-detection security-automation security-tools wazuh cloud-security malware-detection container-security file-integrity-monitoring configuration-assessement

UpdatedFeb 20, 2026
C

prowler-cloud /prowler

Star13.1k

Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

python aws security security-audit cloud azure iam gcp forensics compliance hardening security-hardening hacktoberfest gdpr multi-cloud security-tools cloudsecurity devsecops cis-benchmark cspm

UpdatedFeb 20, 2026
Python

open-policy-agent /opa

Star11.2k

Open Policy Agent (OPA) is an open source, general-purpose policy engine.

json declarative policy authorization opa cloud-native compliance open-policy-agent

UpdatedFeb 20, 2026
Go

codenotary /immudb

Star8.9k

immudb - immutable database based on zero trust, SQL/Key-Value/Document model, tamperproof, data change history

go verify performance immutable sql database key-value verification pci-dss cryptographic compliance merkle-tree immutable-database gdpr zero-trust timetravel tamper-evident auditable tamperproof

UpdatedFeb 12, 2026
Go

bridgecrewio /checkov

Star8.5k

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

kubernetes aws devops cloudformation azure terraform static-analysis gcp infrastructure-as-code scans compliance hacktoberfest aws-security

UpdatedFeb 19, 2026
Python

aquasecurity /tfsec

Star7k

Tfsec is now part of Trivy

go aws security digitalocean devops ci azure terraform scanner linter static-analysis infrastructure-as-code compliance google-cloud-platform hacktoberfest vulnerability-scanners devsecops misconfiguration terraform-security

UpdatedNov 10, 2025
Go

cloud-custodian /cloud-custodian

Star5.9k

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

aws lambda cloud serverless azure management gcp cloud-computing compliance rules-engine

UpdatedFeb 18, 2026
Python

deepfence /ThreatMapper

Star5.2k

Open Source Cloud Native Application Protection Platform (CNAPP)

kubernetes devops containers secops cloud-native compliance vulnerability-detection vulnerability-management hacktoberfest observability vulnerability-scanners threat-analysis security-tools cloudsecurity devsecops scanning-tool registry-scanning cspm cwpp cnapp

UpdatedJan 8, 2026
TypeScript

ossec /ossec-hids

Star5k

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

security intrusion-detection pci-dss compliance hids fim loganalyzer ossec policy-monitoring nist800-53 file-integrity-management

UpdatedFeb 9, 2026
C

HotCakeX /Harden-Windows-Security

Star4.1k

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | SLSA Level 3 Compliant for Secure Development and Build Process | Apps Available on MS Store✨

windows security encryption audit defender compliance security-hardening tpm2 proactive bitlocker firewall-configuration intune harden windowsdefender enterprise-security wdac windows11 applicationcontrol operation-system-security 1st-party-security

UpdatedFeb 20, 2026
C#

intuitem /ciso-assistant-community

Star3.6k

CISO Assistant is a one-stop-shop GRC platform for Risk Management, AppSec, Compliance & Audit, TPRM, Privacy, and Reporting. It supports 100+ global frameworks with automatic control mapping, including ISO 27001, NIST CSF, SOC 2, CIS, PCI DSS, NIS2, DORA, GDPR, HIPAA, CMMC, and more.