#
compliance
Here are 284 public repositories matching this topic...
An open source, general-purpose policy engine.
-
Updated
Oct 31, 2020 - Go
Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources
-
Updated
Oct 30, 2020 - Python
OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
security
intrusion-detection
pci-dss
compliance
hids
fim
loganalyzer
ossec
policy-monitoring
nist800-53
file-integrity-management
-
Updated
Oct 8, 2020 - C
Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls listed here https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf and more than 100 additional checks that help on GDPR, HIPAA and other security requirements.
aws
security
cis
security-audit
cloud
aws-cli
assessment
forensics
compliance
hardening
security-hardening
hipaa
cloudtrail
gdpr
security-tools
cis-benchmark
aws-auditing
prowler
well-architected
-
Updated
Oct 30, 2020 - Shell
mjmenger
commented
Aug 31, 2020
Describe the problem
when executing an inspec profile from a remote repository with a default branch not named master the following error is returned.
inspec exec https://github.com/org/profile.git
Profile git dependency failed - unable to resolve ma
Wazuh - The Open Source Security Platform
security
elasticsearch
log-analysis
monitoring
incident-response
ids
intrusion-detection
pci-dss
compliance
security-hardening
loganalyzer
vulnerability-detection
ossec
openscap
wazuh
policy-monitoring
security-awareness
file-integrity-management
-
Updated
Oct 30, 2020 - C
aws
security
ci
azure
terraform
scanner
static-analysis
infrastructure-as-code
compliance
google-cloud-platform
hacktoberfest
-
Updated
Oct 30, 2020 - Go
immudb is a lightweight, high-speed immutable database for systems and applications
go
golang
immutable
database
key-value
verification
pci-dss
compliance
merkle-tree
immutable-database
gdpr
sensitive-data
regulations
tamperproof
-
Updated
Oct 30, 2020 - Go
jonjozwiak
commented
Jun 18, 2020
Check to confirm CloudTrail is configured for multi-region.
CloudFormation - IsMultiRegionTrail: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudtrail-trail.html
Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber
windows
auditing
certificates
chrome-browser
audit
windows-10
windows-server
compliance
nessus
group-policy
applocker
internet-explorer
windows-firewall
microsoft-office
windows-server-2016
adobe-reader
-
Updated
Sep 12, 2018 - HTML
Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats
security
ansible
cybersecurity
pci-dss
application-security
compliance
scap
hardening
security-hardening
xccdf
oval
cpe
information-security
cce
usgcb
ospp
stig
security-automation
security-tools
security-profile
-
Updated
Oct 30, 2020 - Python
Open
`make install`
stouset
commented
Jun 6, 2018
We should make it easier to install this plugin.
pombredanne
commented
Sep 5, 2020
There are about ~240 URLs and licenses listed at https://directory.fsf.org/wiki?title=Category:License
We should:
- ensure that we can detect all of them
- ensure that we can detect their URL
We should also add as an "other_urls" ech URL to the corresponding license YAML
a lightweight, security focused, BDD test framework against terraform.
-
Updated
Oct 30, 2020 - Python
alexmylonas
commented
May 13, 2020
Describe the ideal solution
We need a new endpoint that functions as getIntegrationById endpoint.
Describe your use cases
We currently fetching all integration via appsync (or more specifically a sub-category of integrations based on integrationType) and iterate until we find one that matches the integrationId passed.
How frequently would you use such feature
Although, we
NIST Certified SCAP 1.2 toolkit
-
Updated
Oct 27, 2020 - XSLT
The GDPR Checklist
-
Updated
Oct 20, 2020 - JavaScript
Compliance automation framework, focused on SOC2
-
Updated
Sep 17, 2020 - Go
Symmetric Encryption for Ruby Projects using OpenSSL
-
Updated
Aug 20, 2020 - Ruby
Open
REST-API: reuse component expects group id. Is there any endpoint to get group id from group name?
1
lakshmibhavani1
commented
Sep 14, 2020
Description
In rest-api, the reuse component has a mandatory parameter reuse_group of type integer which expects group id. But there is no endpoint available to get a group id from the group name.
How to reproduce
Most of the endpoints have group parameter that expects group name of type string. But for the reuse component which has parameter reuse_group, expects group id of typ
sschuberth
commented
May 10, 2020
The code at
can be simplified now that Stack 2.3.1 supports ls dependencies json.
Continuous Auditing & Configuration
auditing
devops
automation
configuration-management
compliance
continuous-configuration
continous-auditing
-
Updated
Oct 30, 2020 - Scala
A common framework enabling companies to work together to protect consumers' privacy and data rights.
open-source
privacy
data-driven
compliance
portability
gdpr
right-to-be-forgotten
data-processor
data-portability
data-subject-request
ccpa
california-privacy
-
Updated
Jul 30, 2020
Wazuh - Ruleset
security
elasticsearch
log-analysis
monitoring
incident-response
ids
intrusion-detection
pci-dss
compliance
security-hardening
loganalyzer
vulnerability-detection
ossec
openscap
wazuh
policy-monitoring
security-awareness
file-integrity-management
-
Updated
Oct 30, 2020 - Python
IgnacioRV
commented
Feb 7, 2020
Description
Currently add_failure takes the values required to create a failure, creates it then adds it to the Result object's failed_rules
On the other hand add_warning takes a Failure object directly.
Proposed solution
The methods should be updated so that they both have the same behavior (or maybe even just add an add_finding method which takes a type that can be either Failure o
List of DNS violations by implementations, software and/or systems
-
Updated
Jul 28, 2020
Wazuh - Docker containers
docker
security
elasticsearch
log-analysis
monitoring
incident-response
ids
intrusion-detection
pci-dss
compliance
security-hardening
loganalyzer
vulnerability-detection
ossec
openscap
wazuh
policy-monitoring
security-awareness
file-integrity-management
-
Updated
Oct 29, 2020 - CSS
Wazuh - Kibana plugin
security
elasticsearch
kibana
log-analysis
monitoring
incident-response
ids
intrusion-detection
pci-dss
compliance
security-hardening
loganalyzer
vulnerability-detection
ossec
openscap
gdpr
wazuh
policy-monitoring
security-awareness
file-integrity-management
-
Updated
Oct 30, 2020 - JavaScript
Improve this page
Add a description, image, and links to the compliance topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the compliance topic, visit your repo's landing page and select "manage topics."
It would be nice if lynis would gather (and report in the portal/reports) information about user-accounts: