GRC

ISO2HANDLE is a powerful software that provides a total solution for Q&R professionals, trusted by over 50,000 users and 750+ organizations worldwide.

ServiceNow Governance, Risk, and Compliance (GRC) is an integrated suite of products that enables organizations to build operational resilience, mitigate risks, and ensure compliance across the enterprise through a unified platform, data model, AI-powered insights, and automated workflows.

SAP GRC and cybersecurity solutions provide integrated capabilities for managing enterprise risk, compliance, international trade, cybersecurity, and identity and access governance, leveraging predictive analytics, real-time monitoring, and automation.

Drata is a cloud-based platform that automates security and compliance processes, evidence collection, and audit preparation for various industry standards and regulations.

A tool for achieving and proving compliance with NIST 800-171 and CMMC cybersecurity requirements

Verity is a comprehensive compliance management tool that helps organizations manage their governance, risk, and compliance initiatives.

A GaaS platform that simplifies and streamlines compliance processes for MSPs, ensuring their policies are properly aligned, authorized, adopted, and assessed.

Retraced is an audit logging solution that provides compliant, searchable audit trails for applications with client libraries for Go and JavaScript.

Watchmen is a framework that centralizes AWS Config rule lambda functions into a single account for streamlined compliance management and automation.

CustomProcessor is a policy management tool that enables users to create and manage custom policies for IETF policy frameworks through a user-friendly interface.

PacBot is a cloud security platform that provides continuous compliance monitoring, automated policy enforcement, and security reporting through policy-as-code implementation and multi-source data integration.

On-demand access to AWS and ISV compliance reports with time-saving benefits.

Continually audit your AWS usage to simplify risk and compliance assessment.

A collection of Ansible roles for hardening various systems and services

A standalone Python script that audits system configurations against CIS Hardening Benchmarks to assess compliance readiness without requiring installation or dependencies.

A Microsoft Word template library for implementing industrial information security management systems with documentation for policy, risk management, business continuity, and incident handling.

Exterro is a data risk management platform that optimizes e-discovery, digital forensics, and cybersecurity compliance operations.

Gatekeeper is a policy management tool for Kubernetes that provides an extensible, parameterized policy library and native Kubernetes CRDs for instantiating and extending the policy library.

CSET is a free Windows-based tool that helps organizations identify cybersecurity vulnerabilities in enterprise and industrial control systems using hybrid risk and standards-based assessment approaches.

aws-allowlister automatically generates AWS Service Control Policies that restrict access to only compliance-framework-approved AWS services.

A comprehensive auditd configuration for Linux systems following best practices.

A community-driven GRC solution that is simple, affordable, and open-source.

A comprehensive IT infrastructure automation platform for managing hybrid infrastructure through configuration, patch, and security management.

Lockdown Enterprise is a subscription service for Ansible Lockdown to automate security benchmark compliance.