Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
-
Updated
Apr 29, 2024 - Shell
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
immudb - immutable database based on zero trust, SQL/Key-Value/Document model, tamperproof, data change history
OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
Security automation content in SCAP, Bash, Ansible, and other formats
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Wazuh - Docker containers
Wazuh - Ruleset
Plugins for Wazuh Dashboard
VULNRΞPO - Free vulnerability report generator and repository, end-to-end encrypted! Templates of issues, CWE, CVE, MITRE ATT&CK, PCI DSS, issues import Nmap/Nessus/Burp/OpenVAS/Bugcrowd/Trivy, Jira export, TXT/JSON/MARKDOWN/HTML/PDF report, attachments, automatic changelog, statistics, vulnerability management, bug bounty, methodologies and more!!
CISO Assistant is an open-source one-stop-shop for GRC - Risk and Audit Management supporting +30 standards and frameworks: NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, NIS2, CMMC, PSPF, GDPR, HIPAA, Essential Eight, NYDFS-500, DORA, NIST AI RMF, 800-53, 800-171, CyFun, CJIS, AirCyber and so much more
Run individual controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA and more across all of your AWS accounts using Powerpipe and Steampipe.
Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking. https://gapps.darkbanner.com
A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs
Wazuh - Ansible playbook
Wazuh - Project documentation
SIAC is an enterprise SIEM built on open-source technology.
MCW Modern cloud apps
Add a description, image, and links to the pci-dss topic page so that developers can more easily learn about it.
To associate your repository with the pci-dss topic, visit your repo's landing page and select "manage topics."