cspm

Star

Here are 72 public repositories matching this topic...

Language:All

Filter by language

All72 Python22 Go8 HCL6 Java5 TypeScript5 JavaScript4 Jinja2 Ruby2 Shell2 HTML1

Sort:Most stars

Sort options

Most stars Fewest stars Most forks Fewest forks Recently updated Least recently updated

prowler-cloud /prowler

Star11.4k

Prowler is an Open Cloud Security tool for AWS, Azure, GCP and Kubernetes. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.

python aws security security-audit cloud azure iam gcp saas forensics compliance hardening security-hardening gdpr multi-cloud security-tools devsecops cis-benchmark well-architected cspm

UpdatedMar 17, 2025
Python

turbot /steampipe

Star7.2k

Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.

kubernetes golang aws security devops cis cloud etl azure sqlite terraform postgresql gcp hacktoberfest devsecops cspm steampipe postgresql-fdw cnapp zero-etl

UpdatedMar 13, 2025
Go

cloudquery /cloudquery

Star6k

The developer first cloud governance platform

go kubernetes github-api bigquery aws data google sql etl azure gcp data-engineering data-analysis data-integration data-collection elt etl-framework cspm airbyte attack-surface-management

UpdatedMar 15, 2025
Go

deepfence /ThreatMapper

Star4.9k

Open Source Cloud Native Application Protection Platform (CNAPP)

kubernetes devops containers secops cloud-native compliance vulnerability-detection vulnerability-management hacktoberfest observability vulnerability-scanners threat-analysis security-tools cloudsecurity devsecops scanning-tool registry-scanning cspm cwpp cnapp

UpdatedMar 11, 2025
TypeScript

aquasecurity /cloudsploit

Star3.5k

Cloud Security Posture Management (CSPM)

aws security security-audit cloud azure gcp oracle oci alibaba aqua cspm

UpdatedFeb 27, 2025
JavaScript

someengineering /fixinventory

Star1.8k

Fix Inventory helps you identify and remove the most critical risks in AWS, GCP, Azure and Kubernetes.

aws security digitalocean security-audit gcp cybersecurity infrastructure-as-code security-automation policy-as-code cspm cnapp

UpdatedMar 10, 2025
Python

HummerRisk /HummerRisk

Star1.5k

HummerRisk 是云原生安全平台，包括混合云安全治理和云原生安全检测。

security vulnerability cloud-native compliance cloud-custodian compliance-as-code prowler sbom kubernetes-security trivy k8s-security cspm cloud-native-security

UpdatedDec 26, 2024
Java

cloudgraphdev /cli

Star889

The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent.

graphql kubernetes aws security nist devops cis security-audit cloud azure iso gcp developer-tools pci tencent devops-tools security-tools cspm

UpdatedNov 13, 2023
TypeScript

stackql /stackql

Sponsor

Star762

Query, provision and operate Cloud and SaaS resources and APIs using an extensible SQL based framework

devops cloud sql infrastructure-as-code hacktoberfest cloud-config devsecops openapi3 cloud-security asset-management cloud-operations cloud-automation cspm stackql

UpdatedMar 10, 2025
Go

Zeus-Labs /ZeusCloud

Star709

Open Source Cloud Security

aws security cis cloud cybersecurity infosec pentesting bugbounty blueteam security-tools cloudsecurity devsecops cspm cwpp cnapp ciem

UpdatedOct 26, 2023
TypeScript

opengovern /opensecurity

Star605

opensecurity: open-source security and compliance. See and secure your cloud, containers, code, networks, deployments, devices. Define your rules, get precise checks, fix gaps fast. Streamlined audits. No fluff.

security oss optimization audit compliance devsecops cloud-security container-security security-auditing-tool policy-as-code cspm

UpdatedMar 13, 2025
TypeScript

selefra /selefra

Star533

The open-source policy-as-code software that provides analysis for Multi-Cloud and SaaS environments, you can get insight with natural language (powered by OpenAI).

kubernetes golang aws devops google cloud azure terraform gcp openai infrastructure-as-code finops policy-as-code cspm chatgpt

UpdatedAug 30, 2023
Go

turbot /powerpipe

Star360

Powerpipe: Dashboards for DevOps. Visualize cloud configurations. Assess security posture against a massive library of benchmarks. Build custom dashboards with code.

mysql kubernetes aws security devops cis cloud sql azure sqlite terraform postgresql gcp dashboards hcl hacktoberfest devsecops cspm duckdb cnapp

UpdatedMar 13, 2025
TypeScript

OpenCSPM /opencspm

Star336

Open Cloud Security Posture Management Engine

kubernetes aws security security-audit cloud gcp cspm

UpdatedFeb 19, 2022
Ruby

openraven /magpie

Star182

A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat landscape such as cloud ransomware and supply chain attacks.

aws security security-audit cloud gcp security-vulnerability security-scanner security-tools cloudsecurity security-testing cspm

UpdatedAug 29, 2024
Java

goldfiglabs /rpCheckup

Star160

rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.

aws ec2 s3 infosec aws-security cloudsecurity resourcepolicy cspm

UpdatedApr 22, 2021
Go

someengineering /cloud-security-list

Star153

A list of cloud security tools and vendors.

aws security azure gcp siem cspm attack-surface-management cnapp dspm

UpdatedSep 6, 2024

CloudDefenseAI /falco_extended_rules

Star78

Curating Falco rules with MITRE ATT&CK Matrix

security devops malware threat malware-analysis threat-modeling vulnerability-detection vulnerability-scanners threat-analysis security-tools cloudsecurity zero-day devsecops falco kuberentes container-security kubernetes-security workload-security cspm cnapp

UpdatedMar 7, 2024
Python

PaloAltoNetworks /prisma_channel_resources

Star70

A collection of technical and sales resources related to Prisma Cloud Compute and Prisma Cloud Enterprise created for the PANW Channel Partner Ecosystem and other engineers working with the solution

redlock cws devsecops prisma cwp twistlock prisma-cloud aporeto cspm cloudnativesecurity containersecurity cnapp