CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec and Compliance/Audit Management and supporting +70 frameworks worldwide with auto-mapping: NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, NIS2, CMMC, PSPF, GDPR, HIPAA, Essential Eight, NYDFS-500, DORA, NIST AI RMF, 800-53, 800-171, CyFun, CJIS, AirCyber, NCSC, ECC, SCF and so much more

• UpdatedMar 22, 2025
• Python

Medplum is a healthcare platform that helps you quickly develop high-quality compliant applications.

• UpdatedMar 23, 2025
• TypeScript

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App:https://github.com/marketplace/lunatrace-by-lunasec/

• UpdatedMay 2, 2024
• TypeScript

Compliance automation framework, focused on SOC2

• UpdatedJul 21, 2022
• Go

Metriport is an open-source universal API for healthcare data.

• UpdatedMar 22, 2025
• JavaScript

Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking.https://gapps.darkbanner.com

• UpdatedJan 13, 2025
• HTML

The open source compliance platform - Drata & Vanta Alternative

• UpdatedMar 21, 2025
• TypeScript

Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.

• UpdatedMar 21, 2025
• Java

Open source solutions for SOC2, GDPR, and ISO27001

• UpdatedMar 21, 2025
• TypeScript

• UpdatedMar 17, 2025
• HCL

Template SOC2 Policy Authority - documentation pipeline

• UpdatedSep 23, 2020
• HTML

Open Source AWS Control Tower

• UpdatedJan 3, 2025
• Go

Secure SDLC process template

• UpdatedMar 12, 2025
• HTML

RD - PHP docker base images

• UpdatedJun 10, 2019
• Roff

SOC 2 should be easy to get done and it should be inexpensive. Here's everything you wanted to know.

• UpdatedMar 22, 2025
• Vue

A collection of awesome framework, libraries, documents, learning tutorials, resources about SOC 2 tools and processes.

• UpdatedJan 30, 2022

Designed for developers and compliance teams, the soc2 CLI tool utilizes the Go programming language and Cobra framework to offer an automated solution for evaluating SOC2 compliance. By assessing key areas such as Security, Availability, Processing Integrity, Confidentiality, and Privacy.

• UpdatedFeb 12, 2024
• Shell

The Enhanced MITRE ATT&CK® Coverage Tracker is an Excel tool for SOCs to measure and improve detection coverage of cyber threats. It simplifies tracking of security readiness against ATT&CK® tactics and techniques, offering a customizable, user-friendly interface for SOC analysts.

• UpdatedDec 30, 2024

Simple Docker Images

• UpdatedFeb 12, 2025
• Dockerfile

This repository is dedicated to providing resources, information, and tools related to the NIS2 Directive, a European Union regulation aimed at improving the security of network and information systems across the EU.

• UpdatedOct 4, 2024