Compliance

POFR is a Linux forensic data collection system that captures process execution, file access, and network activity for incident response and compliance analysis.

BeyondTrust Privileged Access Management (PAM) provides comprehensive security controls for privileged accounts and users.

PrismX is a cloud security dashboard that provides centralized AWS security monitoring based on CIS benchmarks with JIRA integration for issue management.

A centralized platform for managing open source components and automating software supply chain security.

A command-line interface tool for managing container image security analysis, vulnerability scanning, and policy enforcement through the Anchore Engine REST API.

A script that validates Group Policy Object audit settings required for proper Microsoft Defender for Endpoint functionality.

Cloud-based endpoint protection using machine learning and threat intel

Nessus efficiently scans for system vulnerabilities, misconfigurations, and compliance issues.

A community-driven GRC solution that is simple, affordable, and open-source.

Track user activity and API usage on AWS and in hybrid and multicloud environments.

A community repository of custom AWS Config rules for evaluating AWS resource configurations against compliance and security standards.

A free online tool that scans and fixes common security issues in WordPress websites.

A deprecated Kubernetes workload policy enforcement tool that helped secure multi-tenant clusters through various security policies and configurations.

ThreatLocker is an enterprise cybersecurity platform that provides comprehensive endpoint protection and zero-trust security to prevent ransomware, viruses, and other malicious software from running on endpoints.

Security Monkey monitors AWS, GCP, and OpenStack environments for policy changes and insecure configurations, providing historical tracking and alerting capabilities through a centralized interface.

A comprehensive guide to securing Industrial Control Systems (ICS) from cyber threats, published by NIST.

Receive important notifications and updates related to North American electric grid security.

An AWS IAM security assessment tool that identifies least privilege violations and generates risk-prioritized reports for IAM policy remediation.

A comprehensive IT infrastructure automation platform for managing hybrid infrastructure through configuration, patch, and security management.

AirIAM analyzes AWS IAM usage patterns and generates least-privilege Terraform configurations to optimize cloud access management.

rpCheckup is an AWS resource policy security analysis tool that identifies public, external, intra-organizational, and private resource access patterns across AWS accounts.

Kube-bench is a security assessment tool that validates Kubernetes deployments against CIS Kubernetes Benchmark standards through automated configuration checks.

Lockdown Enterprise is a subscription service for Ansible Lockdown to automate security benchmark compliance.

A community website for API security news, vulnerabilities, and best practices