Best Compliance Software for GitHub
View:
Compare the Top Compliance Software that integrates with GitHub as of November 2024
Sort By:
This a list of Compliance software that integrates with GitHub. Use the filters on the left to add additional filters for products that have integrations with GitHub. View the products that work with GitHub in the table below.
What is Compliance Software for GitHub?
Compliance software allows organizations to track, monitor and manage compliance and internal controls with the purpose of ensuring regulatory compliance. Compare and read user reviews of the best Compliance software for GitHub currently available using the table below. This list is updated regularly.
Need help deciding?
Talk to one of our software experts for free. They will help you select the best software for your business.
-
1
Hyperproof
Hyperproof
Hyperproof makes building out and managing your information security frameworks easy by automating repetitive compliance operation tasks so your team can focus on the bigger things. The Hyperproof solution also offers powerful collaboration features that make it easy for your team to coordinate efforts, collect evidence, and work directly with auditors in a single interface. Gone are the days of uncertainty around audit preparation and compliance management process. With Hyperproof you get a holistic view of your compliance programs with progress tracking, program health monitoring, and risk management. -
2
Titan
Titan
Bend, don’t break with Titan’s flexible business solutions and forms for Salesforce. Our scalable Salesforce Forms and software is rapidly developing a reputation as the gold-standard in Salesforce integration, and it’s easy to see why. Slash time to market, nuke code, and tackle any use case on a single platform. Our best-of-breed forms in Salesforce and applications cater to any industry and it’s our mission to provide custom solutions for difficult problems. Build web portals, sign documents, generate docs, send surveys, automate contracts, fill out forms in Salesforce, and so much more in just a few simple clicks. No code required and AI assisted! This is all 100% Salesforce integrated, empowering you to send data to the #1 CRM and pull it back in real-time. No other product on the market does it better or faster. Our customers and partners are the heartbeat of Titan. If you need a feature, simply request it via our Titan X Lab and we will consider it for our roadmap!Starting Price: $12 per month -
3
Modern Requirements4DevOps
Modern Requirements
Modern Requirements4DevOps turns Azure DevOps into a full-featured Requirements Management tool. Microsoft calls MR4DevOps its go-to partner for requirements management. Bring your teams together under one platform to create a true single source of truth model where requirements live next to your Test Cases and code repositories. MR4DevOps is designed to bring many new features to Azure DevOps including: • Robust requirements management, including curation, collaboration, and communication • Authoring tools within ADO like SmartDocs and SmartReports • Reviews • End-to-end traceability • Reporting • Modelling Modern Requirement4DevOps supports agile, waterfall, and hybrid requirements approaches. It includes an industry-leading feature set with complete project auditability. -
4
SkyPrep
SkyPrep
SkyPrep is an intuitive online training software that helps organizations deliver, track, and optimize training to employees, customers, and partners with ease. Whether you are looking to onboard employees, train customers on your products, or keep up with compliance requirements, SkyPrep makes learning easy and effortless with its fully customizable and intuitive platform, along with its best-in-class customer support. Course delivery is quick and easy to set up by just dragging and dropping your content, and building the assessments that go with it. Everything is then tracked in real-time, and your users are self-guided with our automated emails and reminder system. All user scores, progress reports, and how their time is spent are consolidated into reports available to access at any time. Certification is also automated for bookkeeping. Other key features include Content Authoring Tool, Gamification, Knowledge Checks, AI-Like Chatbot, Skills Tracking. -
5
HSI Donesafe
Donesafe
HSI Donesafe is a no-code, cloud-based EHS software that simplifies safety, compliance, and risk management, transforming complex processes into user-friendly workflows. Trusted by industries worldwide, Donesafe allows organizations to track, manage, and report on essential EHS functions from one central platform. Our software adapts to your team’s style—enhancing everyday workflows with effortless compliance and smooth operations. Keep pace with evolving regulations and standards, from incident reporting and audits to training and risk assessments with Donesafe. Unlock peace of mind with: - Workflows that flex to meet ever-changing regulations - Instant insights, keeping you confident in real-time safety tracking - A scalable platform that grows in step with your team’s journey - Simplified compliance that makes audits and reporting a breeze Put safety at the heart of every day with HSI Donesafe—protect your team, simplify compliance, and ensure everyone goes home safe. -
6
Egnyte
Egnyte
Egnyte provides a unified content security and governance solution for collaboration, data security, compliance, and threat detection for multicloud businesses. More than 16,000 organizations trust Egnyte to reduce risks and IT complexity, prevent ransomware and IP theft, and boost employee productivity on any app, any cloud, anywhere.Starting Price: $10 per user per month -
7
SaltStack
SaltStack
SaltStack is an intelligent IT automation platform that can manage, secure, and optimize any infrastructure—on-prem, in the cloud, or at the edge. It’s built on a unique and powerful event-driven automation engine that detects events in any system and reacts intelligently to them, making it an extremely effective solution for managing large, complex environments. With the newly launched SecOps offering, SaltStack can detect security vulnerabilities and non-compliant, mis-configured systems. As soon as an issue is detected, this powerful automation helps you and your team remediate it, keeping your infrastructure securely configured, compliant, and up-to-date. The SecOps suite includes both Comply and Protect. Comply scans and remediates against CIS, DISA-STIG, NIST, PCI, HIPAA compliance standards. And Protect scans for vulnerabilities and patches and updates your operating systems. -
8
Mend.io
Mend.io
Trusted by the world's leading companies, including IBM, Google, and Capital One, Mend.io's enterprise suite of application security tools is designed to help you build and manage a mature, proactive AppSec program. Mend.io understands the different AppSec requirements of developers and security teams. Unlike other AppSec solutions that force everyone to use a single tool, Mend.io helps them work in harmony by giving each team different, but complementary, tools - enabling them to stop chasing vulnerabilities and start proactively managing application risk.Starting Price: $12,000 per year -
9
Jit
Jit
DevOps ain’t easy! We are hearing more and more about the breakdown and friction where Dev meets Ops, so let’s not even talk about all the other shift-left domains that add another layer of complexity in the middle like DevSecOps. Where this comes with the need to implement and integrate dozens of security tools in their SDLC. But what if it doesn’t have to be difficult? Jit's DevSecOps Orchestration Platform allows high-velocity Engineering teams to own product security while increasing dev velocity. With a unified and friendly developer experience, we envision a world where every cloud application is born with Minimal Viable Security (MVS) embedded and iteratively improves by adding Continuous Security into CI/CD/CS. -
10
Intact Platform
Intact
The Intact Platform is the leading cloud and on-premise Enterprise Resource Planning (ERP) solution for audits, assessments, certification, accreditation, and standards worldwide. It goes beyond other audit collection tools on the market with a full solution approach that helps you manage communications, business goals, and personnel. The Intact Platform is unsurpassed in functionality and features a fully modular end-to-end workflow that is easily scalable. ✓ 34% increase in efficiency on average (up to 60+%) ✓ Unmatched modularity, flexibility, and scalability ✓ All standards and audit services ✓ Digital workflow – no paper ✓ On-site and remote auditing ✓ Non-conformities & corrective actions ✓ Risk-based auditing & planning ✓ Easy client communication ✓ Reporting & business intelligence (BI) ✓ Central data and management hub (incl. full audit trail) ✓ Nonstop innovationStarting Price: On request -
11
Allstacks
Allstacks
Allstacks uses machine learning models to analyze SDLC data for delivery risks and projected outcomes for engineering leaders. Our value stream intelligence platform illuminates insights across all your projects and tools. We gather and analyze past work data and behavior from the tools your team is already using, like Jira, GitHub, and Bitbucket. Getting started takes less than two minutes. Allstacks aggregates all of your tools and data into a single platform so you can accelerate your engineering team’s ability to ship great software.Starting Price: $400/per contributor per year -
12
Microsoft Purview
Microsoft
Microsoft Purview is a unified data governance service that helps you manage and govern your on-premises, multicloud, and software-as-a-service (SaaS) data. Easily create a holistic, up-to-date map of your data landscape with automated data discovery, sensitive data classification, and end-to-end data lineage. Empower data consumers to find valuable, trustworthy data. Automated data discovery, lineage identification, and data classification across on-premises, multicloud, and SaaS sources. Unified map of your data assets and their relationships for more effective governance. Semantic search enables data discovery using business or technical terms. Insight into the location and movement of sensitive data across your hybrid data landscape. Establish the foundation for effective data usage and governance with Purview Data Map. Automate and manage metadata from hybrid sources. Classify data using built-in and custom classifiers and Microsoft Information Protection sensitivity labels.Starting Price: $0.342 -
13
Axonius
Axonius
Axonius gives customers the confidence to control complexity by providing a system of record for all digital infrastructure. With a comprehensive understanding of all assets including devices, identities, software, SaaS applications, vulnerabilities, security controls, and the context between all assets, customers are able to mitigate threats, navigate risk, decrease incident response time, automate action, and inform business-level strategy — all while eliminating manual, repetitive tasks. Recognized as creators of the Cyber Asset Attack Surface Management (CAASM) category and innovators in SaaS Management Platform (SMP) and SaaS Security Posture Management (SSPM), Axonius is deployed in minutes and integrates with hundreds of data sources to provide a comprehensive asset inventory, uncover gaps, and automatically enforce policies and automate action. -
14
CTX
Cohesive Technology
Search Trello, Slack, Google Drive, Github and JIRA. Search, data exploration and GDPR compliance tools for digital companies. Save time every day by always being able to find that email, JIRA issue or Slack message. You're busy, and it's hard to remember whether that crucial bit of info was in a JIRA issue, in Slack or emailed in. Now it doesn't matter. Get a Slack message whenever anyone mentions your project (or your name, or anything you like really) in any of your tools. ctx dynamically stays up to date. We make sure that every time you change data in a source, they tell us about it, giving you a timely and consistent view of your data. We use advanced search techniques to drill down into your data. Slice and dice by date, type and more. Filter or page through results. Add your team - we'll take care of inviting and signing them up so they can search all the same data as you.Starting Price: £20 per month -
15
JupiterOne
JupiterOne
JupiterOne is a cyber asset analysis platform every modern security team needs to collect and transform asset data into actionable insights to secure their attack surface. JupiterOne was created to make security as simple as asking a question and getting the right answer back, with context, to make the right decision. With JupiterOne, organizations are able to see all asset data in a single place, improve confidence in choosing their priorities and optimize the deployment of their existing security infrastructure.Starting Price: $2000 per month -
16
FOSSA
FOSSA
Scalable, end-to-end management for third-party code, license compliance, and Open Source has become the critical supplier for modern software companies, changing everything about how people think about their code. FOSSA builds the infrastructure for modern teams to be successful with open source. FOSSA's flagship product helps teams track the open source used in their code and automate license scanning and compliance. Since then, over 7,000 open source projects (Kubernetes, Webpack, Terraform, ESLint) and companies ( Uber, Ford, Zendesk, Motorola) rely on FOSSA's tools to ship software. If you are in the software industry today, you're now using code that runs FOSSA. FOSSA is a venture-funded company backed by Cosanoa Ventures, Bain Capital Ventures, etc. with affiliate angels including Marc Benioff (Salesforce), Steve Chen (YouTube), Amr Awadallah (Cloudera), Jaan Tallin (Skype), and Justin Mateen (Tinder).Starting Price: $230 per month -
17
Polymer
Polymer Solutions
Polymer DLP is a comprehensive data governance and remediation platform that integrates with your SaaS applications. We use machine learning and natural language processing to automatically detect and stop sensitive information like PII or business-critical data from going to the wrong people in real time. In addition, we offer real time feedback and training to stop future incidents before they happen. Try for free today and set up a custom policy in minutes. Polymer is constantly expanding, currently we integrate with Slack, Google Drive, Microsoft Teams, One Drive, Bitbucket, Github and Box.Starting Price: $4/month/user -
18
IriusRisk
IriusRisk
IriusRisk is the industry's leading threat modeling and secure design solution in Application Security. With enterprise clients including Fortune 500 banks, payments, and technology providers, it empowers security and development teams to ensure applications have security built-in from the start - using its powerful threat modeling platform. Whether teams are implementing threat modeling from scratch, or scaling-up their existing operations, the IriusRisk approach results in improved speed-to-market, collaboration across security and development teams, and the avoidance of costly security flaws. -
19
Vanta
Vanta
Thousands of fast-growing companies trust Vanta to help build, scale, manage and demonstrate their security and compliance programs and get ready for audits in weeks, not months. By offering the most in-demand security and privacy frameworks such as SOC 2, ISO 27001, HIPAA, and many more, Vanta helps companies obtain the reports they need to accelerate growth, build efficient compliance processes, mitigate risks to their business, and build trust with external stakeholders. Simply connect your existing tools to Vanta, follow the prescribed guidance to fix gaps, and then work with a Vanta-vetted auditor to complete audit. -
20
AlphaMED
Alpha Software
AlphaMed Solutions include electronic healthcare records, customized solutions, and modern healthcare and business apps that collect and analyze real-time critical patient data. These HIPAA-compliant solutions combine the expertise of software engineers and practicing physicians using cutting-edge medical protocols The apps can collect and access medical data at high speed, integrate with virtually any healthcare system, and work with or without a WIFI or cell signal. Through daily input of current symptoms and temperature readings, the AlphaMED Workplace Wellness app and AlphaMED COVIDCare Back to School App guides employees through a quarantine or illness period. Using established criteria, test results, and the illness cycle, the app determines when key milestones have been reached and alerts employees when they can safely return to work or school.Starting Price: $30 per user per month -
21
Rollbar
Rollbar
Rollbar is the leading continuous code improvement platform that proactively discovers, predicts, and remediates errors with real-time AI-assisted workflows. With Rollbar, developers continually improve their code and constantly innovate rather than spending time monitoring, investigating, and debugging.Starting Price: $29.00/month -
22
Teleport
Teleport
Teleport is the easiest, most secure way to access all your infrastructure. Our platform, the open-source Teleport Access Platform, consolidates the four essential infrastructure access capabilities every security-conscious organization needs: connectivity, authentication, authorization, and audit. By consolidating all aspects of infrastructure access into a single platform for software engineers and the applications they write, Teleport reduces attack surface area, cuts operational overhead, easily enforces compliance, and improves productivity. The Teleport Access Plane replaces VPNs, shared credentials, and legacy privileged access management technologies, improving security and engineering productivity. -
23
Uptycs
Uptycs
Uptycs is the first unified CNAPP and XDR platform. Reduce risk by prioritizing responses to threats, vulnerabilities, misconfigurations, sensitive data exposure, and compliance mandates. With Uptycs, you can protect your entire enterprise, from laptops and servers to public and private cloud infrastructure. The platform streamlines your response to threats and offers a single UI and data model for easy management. Uptycs ties together threat activity as it traverses on-prem and cloud boundaries, delivering a more cohesive security posture. If you're looking for a powerful security solution that eliminates silos and tool sprawl, Uptycs is the answer. Looking for acronym coverage? We have you covered, including CNAPP, CWPP, CSPM, KSPM, CIEM, CDR, and XDR. Start with your Detection Cloud, Google-like search, and the attack surface coverage you need today. Be ready for what’s next. Shift up with Uptycs. -
24
Torii
Torii Labs
Torii is a SaaS management platform. It transforms the way companies operate by creating an Autonomous IT, enabling IT to increase velocity, agility and efficiency, using a SW that manages SW automatically. With the growing usage of SaaS tools within organizations, Torii enables IT professionals to discover, optimize and control the organization SaaS usage and cost and make better use of Software. Torii gives instant visibility and control, of all company-wide SaaS apps (across G Suite, Okta, Dropbox, and more), giving control over SaaS back to IT. -
25
SD Elements
Security Compass
Security Compass, a pioneer in application security, enables organizations to shift left and build secure applications by design, integrated directly with existing DevSecOps tools and workflows. Its flagship product, SD Elements, helps organizations accelerate software time to market and reduce cyber risks by taking an automated, developer-centric approach to threat modeling, secure development, and compliance. Security Compass is the trusted solution provider to leading financial and technology organizations, the U.S. Department of Defense, government agencies, and renowned global brands across multiple industries. -
26
Tenon
Tenon.io
Every user should have equal access to your website. Tenon's tools, testing and training fix accessibility for your entire organization. Need an automated accessibility testing tool? Our API integrates into your development pipeline. Need an accessible website asap? Tenon's testers, developers and auditors fix accessibility fast. Need to fix accessibility forever? Tenon can help you to become an accessible organization. Tenon doesn't just make the best automated accessibility testing tools on the market; we can solve any accessibility problem. Tenon has produced hundred of VPATs and accessibility audits. Our rapid remediation service fixes accessibility issues on your website while testing is ongoing. Our developers can train your dev team to write accessible code and help you to define the KPIs and processes you need to become a truly accessible organization. Tenon can ensure your latest pull request is approved or crawl your project weekly and send you a report by e-mail.Starting Price: $82 per month -
27
securityprogram.io
Jemurai
Excellent security for small companies. Easily build a standard and audit-ready cybersecurity program. We want to make excellent security accessible to smaller organizations, and help them build legitimate security programs so they can win deals. Perfect for startups, you're already sprinting. Leverage a tool and a team that can keep pace with you. Document templates and built-in training allow you to make pragmatic improvements that improve security and demonstrate alignment to standards that customers trust. Your security program begins with reviewing and adopting security policies. We built the simplest possible policies that adhere to NIST 800-53 standards. We mapped the standards so that you'll know you're covered. We cross-reference our program activities to other standards including SOC 2, ISO 27001, NIST CSF, CIS 20, and CMMC to make sure you get credit for the work you do with customers and your management team.Starting Price: $99 one-time payment -
28
Boman.ai
Boman.ai
Boman.ai can be integrated in your CI/CD pipeline with few commands and minimum configuration. No planning or expertise is needed. Boman.ai brings SAST, DAST, SCA, and secret scans all packaged in one integration. It can support multiple development languages. Boman.ai minimizes your application security expenses by utilizing open-source scanners. You don’t need to buy expensive application security tools. Boman.ai is powered by AI/ML that removes false positives and correlates results to help you in prioritization and fixes. The SaaS platform presents a dashboard for all your scan results in one place. Correlate the results and get insights for better application security. Manage vulnerabilities reported by the scanner. The platform helps to prioritize, triage, and remediate vulnerabilities. -
29
TED - The Engineering Dashboard
Qentelli LLC
TED is the embodiment of advanced AI and engineering excellence which connects seamlessly with your SDLC ecosystem. Available as SaaS and cloud solution, TED automates and simplifies the process of compliance enabling the organization’s GRC efforts. -
30
ScalePad ControlMap
ScalePad
There are thousands of steps between you and your cybersecurity compliance goals. With the right cybersecurity compliance management software, you’ll hit the ground running. Start with customizable, expert-verified templates, and cross-mapping finds the overlap between common standards to get you cruising through compliance tasks. Managing evidence and policies keeps everything at hand. Keep tabs on risks and vendors too, no more spreadsheets and scattered documents, everyone on the team needs to contribute to compliance. In this personalized portal, they can access policies and handle any tasks they need to do.Starting Price: $200 per month