Open Source Cloud Native Application Protection Platform (CNAPP)

Open-source infrastructure and data orchestration platform for risk decisioning

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

The open source compliance platform - Drata & Vanta Alternative

opensecurity: open-source security and compliance. See and secure your cloud, containers, code, networks, deployments, devices. Define your rules, get precise checks, fix gaps fast. Streamlined audits. No fluff.

Plugins for Wazuh Dashboard

Kexa's simple rules (Open Source) make it easy to monitoring and manage alerting of your entire cloud. With various monitoring and alerting options, instant and detailed alerts, easy-to-deploy and low in infrastructure costs, in turns complexity into simplicity.

Analyze your AWS serverless app in one command! 30+ best practices to improve costs💰 security🛡 stability🧘‍♀️ speed🚀 and sustainability🌱

The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline security automation for systems and DevOps pipelines

Open source AI governance platform. Join our Discord channel: https://discord.com/invite/d3k3E4uEpR

Verify that pull request titles start with a ticket ID

Open Security Controls Assessment Language (OSCAL) Deep Differencing Tool

Exlint CLI 📦️ Centralize coding standards across repositories in seconds.

Open-source graph tool for exploring blockchain transactions with a focus on compliance and risk analysis.

Enterprise Governance Layer (Identity, RBAC, Credentials, Auditing, Logging, Tracing) for the Model Context Protocol SDK

Comply is a tiny library to help you define policies in your app

A GitHub Action for running Parasoft C/C++test analysis

Starchitect-CloudGuard is an open-source tool providing cloud infrastructure security tests via runtime checks of live Cloud accounts and static analysis of infrastructure-as-code files.

The CIA Compliance Manager is an application that helps organizations assess and manage the availability, integrity, and confidentiality of their systems and data based on customizable security levels, providing real-time cost estimates, business impact assessments, and technical implementation details.

Example multi-region application with data residency. Suitable for global and regulated businesses.