This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).

Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.

[WIP] 整理过去的分享，从零开始的Kubernetes攻防 🧐

HardeningKitty and Windows Hardening Settings

CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec and Audit Management and supporting +60 frameworks worldwide with auto-mapping: NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, NIS2, CMMC, PSPF, GDPR, HIPAA, Essential Eight, NYDFS-500, DORA, NIST AI RMF, 800-53, 800-171, CyFun, CJIS, AirCyber, NCSC, ECC, SCF and so much more

The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent.

PCI-DSS compliant Debian 10/11/12 hardening

An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.

Open Source Cloud Security

Ansible role for Red Hat 7 CIS Baseline

Исчерпывающее руководство по приватности и контр-ОСИНТ для Рунета и всего СНГ 🇷🇺

Run individual controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA and more across all of your AWS accounts using Powerpipe and Steampipe.

open source, cloud-native, graph-based asset inventory

Comprehensive Counter OSINT and privacy guide (initially for CIS countries)

Powerpipe: Dashboards for DevOps. Visualize cloud configurations. Assess security posture against a massive library of benchmarks. Build custom dashboards with code.

Ansible role for Red Hat 8 CIS Baseline

Simple command line tool to check for compliance against CIS Benchmarks

Blue Team Scripts

Terraform module for creating alarms for tracking important changes and occurrences from cloudtrail.

Ansible role for Ubuntu22 CIS Baseline