Reposaur is the open source compliance tool for development platforms. Audit, verify and report on your data and configurations easily with pre-defined and/or custom policies. Supports GitHub. GitLab, BitBucket and Gitea support soon. Getting Started Have you ever felt like you don’t know what’s happening in your GitHub/GitLab/BitBucket repositories? Between 100s or 1000s of themRead More
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx. KICS stands for Keeping Infrastructure as Code Secure, it is open source and is a must-have for any cloud native project. Support of other solutions and additional cloud providers are on the roadmap. Getting StartedRead More
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. GitHub Repo: https://github.com/accurics/terrascan Documentation: https://docs.accurics.com Discuss: https://community.accurics.com Features 500+ Policies for security best practices Scanning of Terraform 12+ (HCL2) Scanning of Kubernetes (JSON/YAML), Helm v3, and Kustomize v3 Support for AWS, Azure, GCP, Kubernetes and GitHub Installing Terrascan’sRead More
Dagobah is an open source tool written in python to automate the internal threat intelligence generation, inventory collection and compliance check from different AWS resources. Dagobah collects information and save the state into an elasticsearch index.Dagobah runs into the a LAMBDA and looks at all the AWS REGIONS, actually collect differents configurations from: EC2 VPCRead More
