Search Results for "compliance"
Sort By:
Showing 444 open source projects for "compliance"
View related business solutions-
Go from Code to Production URL in SecondsSkip the Kubernetes configs. Cloud Run handles HTTPS, scaling, and infrastructure automatically. Two million requests free per month.
-
Fully Managed MySQL, PostgreSQL, and SQL ServerCloud SQL handles your database ops end to end, so you can focus on your app.
-
1
macOS Security Compliance
macOS Security Compliance Project
The macOS Security Compliance Project is an open source effort to provide a programmatic approach to generating security guidance. The configuration settings in this document were derived from National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, Security and Privacy Controls for Information Systems and Organizations, Revision 5. -
2
pinning-service-compliance
This repo checks the compliance of IPFS Pinning Services
The compliance test suite for IPFS Pinning Service API Spec. Run the compliance checker against a service. It is recommended to use an auth_token separate from your production/live services. The compliance checks will do their best not to corrupt any existing pins you have, but consistent tests without consistent data is challenging. -
3
Terrascan
Detect compliance and security violations across Infrastructure
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. As you embrace Infrastructure as Code (IaC) such as Terraform, Kubernetes, Argo CD, Atlantis and AWS CloudFormation, it is important to ensure that security best practices and compliance requirements are observed. -
4
OSS Review Toolkit
A suite of tools to automate software compliance checks
OSS Review Toolkit (ORT) is a suite of tools designed to automate the process of reviewing and ensuring compliance of open-source software dependencies. It assists in analyzing project dependencies, scanning for license information, and evaluating compliance with customizable policies. ORT supports integration into CI/CD pipelines, making it a valuable asset for organizations aiming to maintain open-source compliance at scale. -
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
5
fleet
Open-source platform for IT, security, and infrastructure teams
Fleet exposes familiar concepts from traditional MDMs like custom attributes and dynamic grouping, but in a way that lets you work directly with data and events from each native operating system. A device management platform for managing and monitoring endpoints, specifically designed for IT security and compliance teams. -
6
Watcher
Open Source Cybersecurity Threat Hunting Platform
Watcher is a file integrity monitoring tool that detects unauthorized changes to files, helping organizations maintain compliance and security. -
7
pgAudit
PostgreSQL Audit Extension
pgaudit is a PostgreSQL extension that provides detailed session and object-level auditing to meet compliance and security requirements. It extends the standard PostgreSQL logging capabilities by capturing structured audit logs for activities such as DML, DDL, and role changes. Designed for environments that require traceability, pgaudit makes it easier to track who did what, when, and where in a database. -
8
WhoDB
A lightweight next-gen data explorer
...It uses logical decoding and hooks into PostgreSQL internals to log query metadata, user identities, and timestamps in a separate audit schema. WhoDB is useful for compliance, security monitoring, and debugging in multi-user environments. -
9
SCAP Security Guide
Security automation content in SCAP, Bash, Ansible, and other formats
...These documents can be presented in different forms and by different organizations to meet their security automation and technical implementation needs. For general use, we recommend Source DataStreams because they contain all the data you need to evaluate and put machines into compliance. The datastreams are part of our release ZIP archives. "Ansible content" refers to Ansible playbooks generated from security profiles. These can be used both in check-mode to evaluate compliance, as well as run-mode to put machines into compliance. -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
10
Kubescape
Kubescape is an open-source Kubernetes security platform for your IDE
...You can run scans via the CLI, or add the Kubescape Helm chart, which gives an in-depth view of what is going on in the cluster. Kubescape includes misconfiguration and vulnerability scanning as well as risk analysis and security compliance indicators. All results are presented in context and users get many cues on what to do based on scan results. Targeted at the DevSecOps practitioner or platform engineer, it offers an easy-to-use CLI interface, flexible output formats, and automated scanning capabilities. -
11
ScubaGear
Automation to assess the state of your M365 tenant against CISA
ScubaGear is a PowerShell-based assessment tool developed by CISA to verify that Microsoft 365 tenant configuration aligns with Secure Cloud Business Application (SCuBA) baselines. It automates scanning of M365 environments like Exchange, Defender, Teams, and SharePoint, and outputs compliance reports to help administrators align with best practice security configurations. -
12
PacketFence
Free and Open Source network access control (NAC) solution
PacketFence is a fully-featured, open-source network access control (NAC) solution that provides secure wired and wireless network access. It supports 802.1X, captive portal authentication, device profiling, endpoint compliance, and guest access. PacketFence is used in enterprise, education, and healthcare environments to enforce security policies and network segmentation. -
13
Pomerium
Pomerium is an identity and context-aware access proxy
...Pomerium adds authentication and authorization to any application or server, giving IT Management a centralized panel for organization-wide control. Assert compliance in your current architecture without giving up control over data tenancy. Pomerium supports your infrastructure and can be deployed in all environments: cloud, hybrid, or on-prem. From AWS to Kubernetes and more, your internal and 3rd-party apps are covered. -
14
Amazon SSM Agent
An agent to enable remote management of your EC2 instances
...Automate proactive processes such as patching and resource changes, as well as reactive processes, to quickly diagnose and remediate operational issues before they affect users. Adapt your security and compliance profile and analyze security events after the fact to prevent a future reoccurrence. Maintain instance compliance against your patch, configuration, and custom policies. -
15
FOSSA CLI
Fast, portable and reliable dependency analysis for any codebase
FOSSA CLI is a command-line tool that scans your codebase to identify open-source dependencies and their associated licenses and vulnerabilities. It integrates into CI/CD pipelines to provide automated compliance checks, license audits, and security analysis. Designed for enterprise software teams, FOSSA CLI helps enforce open-source policies at scale and provides accurate, automated insights into third-party software usage through deep analysis of transitive dependencies and ecosystem-specific configurations. -
16
Meetily
Privacy first, AI meeting assistant with 4x faster Parakeet/Whisper
This project is a privacy-first AI meeting assistant that captures meeting audio, produces real-time transcripts, and generates summaries while keeping processing entirely on your own machine or infrastructure. It’s built for organizations that want meeting intelligence without sending recordings or transcripts to third-party cloud services, which helps address compliance and data sovereignty requirements. The app supports live transcription with local model options (including Whisper- and Parakeet-based workflows) and presents the transcript as the meeting happens, making it useful both for note-taking and accessibility. After or during the session, it can produce structured, AI-generated summaries, and it’s designed to be flexible about where that summarization comes from, supporting local providers as well as external endpoints when allowed by policy. -
17
GitLab
Please open new issues in our issue tracker on GitLab
...GitLab’s features extend into the operational lifecycle—container registries, infrastructure as code, monitoring dashboards, and incident management—allowing platform teams to define guardrails and compliance as code across projects and groups. It supports extensive automation via pipelines, runners, webhooks, and a comprehensive REST/GraphQL API, enabling complex workflows like canary deployments, feature flagging, and security scanning as part of merge request gates. -
18
gruntwork.io website
The gruntwork.io website
The Gruntwork team deploys a Reference Architecture for you, setting you up with all the foundational pieces you need to get started with AWS and Terraform, including your Landing Zone, network topology, CI / CD pipeline, guard rails, monitoring, out-of-the-box compliance, and more. Use the Gruntwork Infrastructure as Code Library (IaC Library), a collection of reusable Terraform code that has been proven in production at hundreds of companies, to deploy the rest of your infrastructure, including EKS, ECS, EC2, MySQL, Postgres, Elasticsearch, Kafka, etc. Gruntwork Compliance modules are certified compliant by the Center for Internet Security (CIS), so all your infrastructure is compliant out-of-the-box and includes controls and guard rails to prevent or alert about non-compliant behavior. ... -
19
braintree_ios
Braintree SDK for iOS
...It supports credit cards, PayPal, Apple Pay, and other popular payment methods, providing a seamless checkout experience. The SDK emphasizes security, ease of integration, and compliance with industry standards. -
20
Spree Commerce
An open source E-commerce platform for growing brands
...It’s got amazing page load speed and SEO; fast and easy installation, customization and configuration; options for flexibility and scalability; as well as mature underlying technology that ensures maximum security and compliance. It’s been downloaded over a million times, helping numerous businesses achieve success. -
21
CloudQuery
The open-source cloud asset inventory powered by SQL
...Use standard SQL to find any asset based on any configuration or relation to other assets. Connect CloudQuery standard PostgreSQL database to your favorite BI/Visualization tool such as Grafana, QuickSight, etc. Codify your security & compliance rules with SQL as the query engine. Integrate CloudQuery with your current visualization, monitoring, and alerting such as Grafana. CloudQuery supports the TimescaleDB PostgreSQL extension, giving you full historical snapshots of your cloud asset inventory. Data analysis, security, auditing, and compliance. Leverage SQL to get visibility into your cloud infrastructure and SaaS applications. ... -
22
AccessibilitySnapshot
Easy regression testing for iOS accessibility
...It helps developers ensure that accessibility labels, traits, and hierarchies are properly configured and presented. By providing automated testing capabilities, it improves accessibility compliance and makes UI testing more robust. -
23
IntuneManagement
Copy, export, import, delete, document and compare policies
IntuneManagement is a collection of scripts, modules, and automation patterns for administering Microsoft Intune environments at scale. It provides helpers to manage device enrollment, configuration profiles, compliance rules, application assignments, and reporting, often leveraging PowerShell and the Microsoft Graph API to perform bulk operations. The toolkit is aimed at IT pros who must apply consistent policies across many endpoints, offering idempotent commands and templates to codify common policies and onboarding flows. Many such projects include sample automation for dynamic device groups, license checks, or automatic remediation workflows triggered by compliance violations. ... -
24
Gradle License Plugin
Gradle plugin that provides a task to generate a HTML license report
The Gradle License Plugin helps developers manage and audit software licenses for dependencies in Android and Java projects. It automatically detects third-party libraries and generates a report containing license details. This is particularly useful for ensuring compliance with open-source licenses, making it easier for teams to identify potential legal issues or attribution requirements before releasing software. -
25
Monokle
Better create, understand, and deploy YAML manifests
...Deploy, manage and audit policies for your teams across the entire configuration lifecycle from a centralized Dashboard. Define polices using 100+ pre-existing rules for Security, Resource Usage, and Compliance. Create your own Validation Extensions for your organization's compliance and conventions. Assess policy enforcement impact by validation reporting and insights. Instant detection of YAML misconfigurations with context for quick fixes without ever leaving your existing IDE. GitHub integration identifies misconfigurations in your Pull Requests with immedate actions to analyze and fix in Web IDE. ...
