CISO Assistant is a one-stop-shop GRC platform for Risk Management, AppSec, Compliance & Audit, TPRM, Privacy, and Reporting. It supports 100+ global frameworks with automatic control mapping, including ISO 27001, NIST CSF, SOC 2, CIS, PCI DSS, NIS2, DORA, GDPR, HIPAA, CMMC, and more.

Medplum is a healthcare platform that helps you quickly develop high-quality compliant applications.

Compliance automation framework, focused on SOC2

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

AI Native platform to get companies compliant - Vanta & Drata Alternative

Open source solutions for SOC2, GDPR, and ISO27001

Metriport is an open-source universal API for healthcare data.

Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking

Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.

AuditKit - Multi-Cloud Compliance Scanner & Evidence Collection

Open source compliance automation for SOC 2, GDPR, ISO27001, NIST 800-53, and more

Template SOC2 Policy Authority - documentation pipeline

No description provided.

Open Source AWS Control Tower

A modern, all-in-one Governance, Risk & Compliance (GRC) solution designed for privacy, security, and compliance teams. As an open-source alternative to Vanta and Drata, this platform empowers teams with full control, flexibility, and transparency—no vendor lock-in, just powerful compliance automation and risk management. ISO27k, GDPR, SOC2, NIST

Secure SDLC process template

A curated list of tools, frameworks, and resources for IT compliance, security standards, and regulatory requirements

SOC 2 should be easy to get done and it should be inexpensive. Here's everything you wanted to know.

RD - PHP docker base images

Zero-code K8s sidecar for log sanitization. Detects secrets via Entropy Analysis, preserves JSON integrity, and redacts PII deterministically. 🛡️

This repository is dedicated to providing resources, information, and tools related to the NIS2 Directive, a European Union regulation aimed at improving the security of network and information systems across the EU.

The Enhanced MITRE ATT&CK® Coverage Tracker is an Excel tool for SOCs to measure and improve detection coverage of cyber threats. It simplifies tracking of security readiness against ATT&CK® tactics and techniques, offering a customizable, user-friendly interface for SOC analysts.

199+ production-ready AI skills for Claude Code, Cursor, Copilot, Codex & more — Engineering, Marketing, Product, PM, C-Level, Compliance (18 frameworks), Finance, HR, Sales, Data Analytics, Business Growth

Designed for developers and compliance teams, the soc2 CLI tool utilizes the Go programming language and Cobra framework to offer an automated solution for evaluating SOC2 compliance. By assessing key areas such as Security, Availability, Processing Integrity, Confidentiality, and Privacy.

A collection of awesome framework, libraries, documents, learning tutorials, resources about SOC 2 tools and processes.

A curated list of awesome compliance resources, libraries, and tooling

The Vanta Control Set maps common compliance standards from their requirements to controls and provides them in an easy to consume machine-readable format.

Simple Docker Images

the openlane ui - holds the openlane console and storybook

Point of Concept: To help to automate the collection of evidence for SOC 2 Audits and etc.