Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).

immudb - immutable database based on zero trust, SQL/Key-Value/Document model, tamperproof, data change history

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

Security automation content in SCAP, Bash, Ansible, and other formats

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

Wazuh - Docker containers

PCI-DSS compliant Debian 11/12 hardening

Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking

VULNRΞPO - Free vulnerability report generator and repository, end-to-end encrypted! Templates of issues, CWE,CVE,MITRE ATT&CK,PCI DSS, import Nmap/Nessus/Burp/OpenVAS/Bugcrowd/Trivy, Jira export, TXT/JSON/MARKDOWN/HTML/DOCX, attachments, automatic changelog, stats, vulnerability management, bugbounty, local ai/llm, super fast pentest reporting!

Wazuh - Ruleset

Plugins for Wazuh Dashboard

A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs

Run individual controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA and more across all of your AWS accounts using Powerpipe and Steampipe.

Wazuh - Ansible playbook

Wazuh - Project documentation

AuditKit - Multi-Cloud Compliance Scanner & Evidence Collection

Wazuh - Tools for packages creation

SIAC is an enterprise SIEM built on open-source technology.

OWASP Kubernetes security and compliance tool [WIP]

Wazuh - RESTful API

A docker container for openvas

Wazuh - Splunk App

Wazuh - Puppet module

Wazuh - Amazon AWS Cloudformation

Ansible role for Debian 10 CIS hardening

Azure PCI PaaS Reference Architecture

Leverage Ollion's GCP Landing Zone to deploy a secure, compliant foundation with ease. The repository contains an implementation of a secure and compliant landing zone pattern that will help expedite cloud migration for an enterprise in a heavily regulated industry.

Magento 2 module that provides compatibility with PCI DSS 4.0 requirements