LFX Insights

Security Compliance Content

Repositories providing security policies, benchmarks, and automation content (e.g. SCAP, Bash, Ansible) that help organizations harden systems and meet regulatory standards.

20 projects

23,974 contributors

$8B

Cloud Native Computing Foundation (CNCF)

The Cloud Native Computing Foundation (CNCF) hosts critical components of the global technology infrastructure. CNCF brings together the world’s top developers, end users, and vendors and runs the largest open source developer conferences.

Contributors

12,726

Organizations

3,524

Software value

$7.6B

RKE2

RKE2 (also known as RKE Government) is a Kubernetes distribution focused on security and compliance, built for government and highly regulated environments. It provides a streamlined, FIPS-compliant Kubernetes installation that packages the upstream Kubernetes components as a single binary, making it easier to deploy and maintain production-ready clusters.

Contributors

1,607

Organizations

385

Software value

$709K

Prowler

Prowler is an open-source security assessment tool designed to perform security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness assessment of AWS cloud environments. It follows guidelines of the CIS Amazon Web Services Foundations Benchmark and additional security best practices.

Contributors

1,550

Organizations

224

Software value

$46M

Fleet

Fleet is an open-source device management platform that enables organizations to monitor, manage and secure their fleet of devices (laptops, servers, containers) at scale. It provides real-time visibility into device health, security posture, and compliance status through osquery-based monitoring and a centralized management interface.

Contributors

1,269

Organizations

211

Software value

$79M

ComplianceAsCode

ComplianceAsCode is an open source project that provides tools and content for security compliance automation. It includes SCAP security guides and automated security scanning tools to help organizations assess and maintain compliance with various security standards and benchmarks.

Contributors

1,166

Organizations

161

Software value

$47M

testssl.sh

testssl.sh is a command line tool that checks a server's TLS/SSL configuration, protocols, ciphers and vulnerabilities. It provides detailed analysis of SSL/TLS security settings, certificate validation, and identifies potential security issues in server configurations.

Contributors

866

Organizations

210

Software value

$1.2M

kube-bench

kube-bench is a security assessment tool that checks whether Kubernetes deployments follow CIS (Center for Internet Security) benchmarks by running automated tests against Kubernetes clusters to identify misconfigurations and security vulnerabilities.

Contributors

785

Organizations

234

Software value

$2.6M

Jasypt Spring Boot

A Java library that provides encryption support for Spring Boot properties, allowing sensitive configuration values to be encrypted in property files and decrypted at runtime using Jasypt encryption tools.

Contributors

634

Organizations

73

Software value

$173K

devsec.hardening

A collection of Ansible roles for hardening Unix/Linux systems that provides automated security configurations and best practices across different operating system components including SSH, OS, NGINX, MySQL, and PostgreSQL.

Contributors

578

Organizations

164

Software value

$384K

Shim

Shim is a bootloader component that provides a secure way to boot UEFI systems by implementing cryptographic signature verification of subsequent bootloader stages. It acts as a first-stage bootloader that verifies and loads signed UEFI applications, helping to maintain system security through Secure Boot.

Contributors

444

Organizations

145

Software value

$5.4M

Dropbear SSH

Dropbear SSH is a lightweight SSH server and client implementation designed for embedded systems and environments with limited resources. It provides secure remote access functionality while maintaining a small code footprint.

Contributors

391

Organizations

109

Software value

$5.8M

Chef Vault

Chef Vault is a security tool that enables secure storage and distribution of encrypted data bags in Chef. It allows users to encrypt sensitive data like passwords and keys, making them accessible only to specific nodes and users in a Chef environment.

Contributors

386

Organizations

109

Software value

$165K

rate-limiter-flexible

A rate limiter library for Node.js that provides flexible rate limiting functionality with support for multiple storage backends, distributed environments, and customizable rate limiting strategies.

Contributors

335

Organizations

102

Software value

$520K

zizmor

A project focused on medical practice management and healthcare technology solutions.

Contributors

305

Organizations

182

Software value

$2M

Ansible Community Crypto Collection

A collection of Ansible modules and plugins for managing cryptographic operations, including certificate management, key generation, and cryptographic tasks. It provides functionality for working with SSL/TLS certificates, keys, and related security operations in Ansible automation workflows.

Contributors

304

Organizations

86

Software value

$2M

fscrypt

fscrypt is a high-level tool for managing Linux filesystem encryption that integrates with the Linux kernel's native encryption functionality. It provides a command-line interface for creating and managing encrypted directories in supported filesystems like ext4, f2fs, and UBIFS.

Contributors

222

Organizations

76

Software value

$413K

eslint-plugin-security

An ESLint plugin that provides security-focused rules and checks for identifying potential vulnerabilities and security issues in JavaScript/Node.js code during static analysis.

Contributors

206

Organizations

104

Software value

$90K

MITRE Security Automation Framework CLI

The MITRE Security Automation Framework (SAF) CLI is a tool for executing security tests and compliance scans against systems and applications. It provides capabilities for running automated security validations, generating reports, and evaluating compliance with security benchmarks and standards.

Contributors

109

Organizations

17

Software value

$178M

Secretlint

A pluggable linting tool designed to detect and prevent secrets like API keys and credentials from being committed in source code.

Contributors

91

Organizations

32

Software value

$2.4M
