37 projects
Meet us in Atlanta for KubeCon + CloudNativeCon North America · Nov 10-13 REGISTER TODAY
Laravel Framework
Laravel Framework is an open-source PHP framework for building web applications, offering features such as routing, authentication, and database management.
Contributors
23,731
Organizations
4,467
Keycloak
Keycloak is an open source Identity and access management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code. Keycloak is based on standard protocols with an aim toward modern use cases and the flexibility to integrate with other solutions and prevent vendor lock in. Supported protocols include: OAuth2, OpenID Connect, User Managed Access 2.0 (UMA) and SAML 2.0.
Contributors
16,817
Organizations
2,530
Software value
$2.3B
The Symfony PHP Framework
Symfony is a PHP web application framework designed for building robust, scalable, and maintainable web applications using reusable components and a structured MVC architecture. It’s widely used for enterprise-level projects and forms the foundation of many other PHP platforms, including Laravel and Drupal.
Contributors
13,193
Organizations
3,169
Software value
$65M
Spring Security
Spring Security is a powerful and highly customizable authentication and access-control framework for Java applications, particularly those built with Spring. It provides comprehensive security services for enterprise software applications, including authentication, authorization, and protection against common security vulnerabilities.
Contributors
6,270
Organizations
997
Software value
$19M
Open Policy Agent
Stop using a different policy language, policy model, and policy API for every product and service you use. Use OPA for a unified toolset and framework for policy across the cloud native stack. Whether for one service or for all your services, use OPA to decouple policy from the service's code so you can release, analyze, and review policies (which security and compliance teams love) without sacrificing availability or performance.
Contributors
4,457
Organizations
1,210
Software value
$339M
OpenBao
OpenBao is a secure secret management and encryption tool that provides a centralized solution for storing and controlling access to tokens, passwords, certificates, and other sensitive data. It is a fork of HashiCorp Vault focused on maintaining core secret management functionality.
Contributors
2,740
Organizations
532
Software value
$234M
OpenFGA
OpenFGA is a Fine-Grained Authorization System inspired by Google's Zanzibar paper. It’s based on a Relationship-Based Access Control model that is more expressive than alternatives like RBAC/ABAC, while providing high reliability and low latency at scale. The combination of expressiveness and the ability to scale makes it suitable to be used across multiple domains, enabling standardization on a single authorization implementation."
Contributors
975
Organizations
277
Software value
$17M
SPIFFE
Inspired by the production infrastructure of Google and others, SPIFFE is a set of open-source standards for securely identifying software systems in dynamic and heterogeneous environments.
Contributors
944
Organizations
287
Software value
$7.7M
Athenz
A project from Verizon/Yahoo focusing on Kubernetes workload security.
Contributors
307
Organizations
59
Software value
$4M
Paralus
Paralus offers access management for developers, architects, and CI/CD tools to remote K8s clusters by consolidating zero-trust access principles such as transaction level authentication and authorization into a single open-source tool. It helps engineering and architecture teams streamline access control for their fleet of K8s clusters spanning different operating environments, different public clouds and K8s distributions, and on-premises data centers operating behind firewalls. Paralus grants authorized users seamless and secure access to all clusters with a native and familiar kubectl experience by acting as a proxy between the users and systems needing access and the K8s API server. It also addresses one of K8s’ main pain points by eliminating the burden of managing K8s access controls cluster by cluster. Without Paralus, companies must manually manage access to each cluster using jump hosts or VPNs, and build custom tooling to audit and map all actions performed to a user’s identity – all of which is error-prone and increases the risk of breaches as the number of clusters grows. Along with helping directly manage role-based access control (RBAC) policies and assignments, Paralus enables: - Creation of custom roles, users, and groups. - Custom user role creation and revoking of permissions. - Ability to control access via pre-configured roles across clusters, namespaces, projects, and more. - Seamless integration with Identity Providers (IdPs) allowing the use of external authentication engines for users and group definitions, such as GitHub, Google, Azure AD, Okta, and others. - Automatic logging of all user actions performed for audit and compliance purposes. - Interact with Paralus either with a modern web GUI (default), a CLI tool called pctl, or Paralus API.
Contributors
142
Organizations
41
Software value
$8.4M
Apache Ranger - Data Security Platform
Apache Ranger - To enable, monitor and manage comprehensive data security across the Hadoop platform and beyond
This project hasn't been onboarded to LFX Insights.
Apache Shiro
Apache Shiro
This project hasn't been onboarded to LFX Insights.
CanCanCan
The authorization Gem for Ruby on Rails.
This project hasn't been onboarded to LFX Insights.
Casbin
An authorization library that supports access control models like ACL, RBAC, ABAC in Golang: https://discord.gg/S5UjpzGZjN
This project hasn't been onboarded to LFX Insights.
Elytron
WildFly Elytron: Security, Authentication, and Authorization SPIs for the WildFly project
This project hasn't been onboarded to LFX Insights.
Filament Shield
The easiest and most intuitive way to add access management to your Filament Panel; Resources, Pages & Widgets through `spatie/laravel-permission`
This project hasn't been onboarded to LFX Insights.
FreeIPA
Mirror of FreeIPA, an integrated security information management solution
This project hasn't been onboarded to LFX Insights.
Laravel Permission
Associate users with roles and permissions
This project hasn't been onboarded to LFX Insights.
Linux PAM
Linux PAM (Pluggable Authentication Modules for Linux) project
This project hasn't been onboarded to LFX Insights.
Micronaut
Micronaut Application Framework
This project hasn't been onboarded to LFX Insights.
OAuth 2.0 Server
A spec compliant, secure by default PHP OAuth 2.0 Server
This project hasn't been onboarded to LFX Insights.
OpenStack Keystone - Identity Service
OpenStack Identity (Keystone). Mirror of code maintained at opendev.org.
This project hasn't been onboarded to LFX Insights.
PacketFence
PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) solution. Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, powerful BYOD management options, 802.1X support, layer-2 isolation of problematic devices; PacketFence can be used to effectively secure networks small to very large heterogeneous networks.
This project hasn't been onboarded to LFX Insights.
Permify
An open-source authorization as a service inspired by Google Zanzibar, designed to build and manage fine-grained and scalable authorization systems for any application.
This project hasn't been onboarded to LFX Insights.
SSSD
A daemon to manage identity, authentication and authorization for centrally-managed systems.
This project hasn't been onboarded to LFX Insights.
Syncope
Apache Syncope
This project hasn't been onboarded to LFX Insights.
WSO2 Identity Server
Welcome to the WSO2 Identity Server source code! For info on working with the WSO2 Identity Server repository and contributing code, click the link below.
This project hasn't been onboarded to LFX Insights.
ZITADEL
ZITADEL - Identity infrastructure, simplified for you.
This project hasn't been onboarded to LFX Insights.
midPoint
Evolveum MidPoint: Identity Management (IDM) and Identity Governance (IGA)
This project hasn't been onboarded to LFX Insights.
pac4j
Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
This project hasn't been onboarded to LFX Insights.
terraform-aws-iam
Terraform module to create AWS IAM resources 🇺🇦
This project hasn't been onboarded to LFX Insights.