27 projects
Open Policy Agent
Stop using a different policy language, policy model, and policy API for every product and service you use. Use OPA for a unified toolset and framework for policy across the cloud native stack. Whether for one service or for all your services, use OPA to decouple policy from the service's code so you can release, analyze, and review policies (which security and compliance teams love) without sacrificing availability or performance.
Contributors
4,536
Organizations
1,217
Software value
$262M
Wazuh
Wazuh is an open source security platform that provides unified XDR and SIEM protection for endpoints and cloud workloads. It performs threat detection, integrity monitoring, incident response and regulatory compliance through integrated capabilities for log analysis, file integrity monitoring, vulnerability detection, and security configuration assessment.
Contributors
4,224
Organizations
377
Software value
$102M
MISP
MISP is an open source threat intelligence and sharing platform that enables organizations to share, store and correlate indicators of compromise, threat intelligence, financial fraud information, vulnerability information and counter-terrorism information. It includes automatic correlation features, data import/export tools, and built-in sharing mechanisms.
Contributors
2,887
Organizations
210
Software value
$13M
Cortex XSOAR
Cortex XSOAR (formerly Demisto) is a security orchestration, automation and response (SOAR) platform that enables security teams to automate incident response workflows, integrate security tools, and streamline security operations through playbooks and automation scripts
Contributors
2,848
Organizations
97
Software value
$349M
DefectDojo
DefectDojo is an open-source application vulnerability management tool that streamlines the security testing process by automating the management, triage, and reporting of security vulnerabilities. It helps organizations track and manage security findings across multiple testing tools and provides a centralized platform for vulnerability management.
Contributors
2,611
Organizations
312
Software value
$142M
Nuclei
Nuclei is a fast, template-based vulnerability scanner designed to find security issues in web applications, APIs, and network systems. It uses YAML-based templates for efficient scanning and supports extensive customization, parallel execution, and multiple protocols.
Contributors
1,935
Organizations
243
Software value
$3M
Chef InSpec
InSpec: Auditing and Testing Framework
Contributors
1,699
Organizations
401
Software value
$4.2M
MITRE Caldera
MITRE Caldera is an automated adversary emulation system designed to perform post-compromise adversarial behavior within enterprise networks. It generates plans of actions based on adversary behaviors and allows security teams to test their defensive capabilities against simulated cyber attacks.
Contributors
1,103
Organizations
55
Software value
$2.1M
reNgine
reNgine is an automated reconnaissance framework for web applications that helps security professionals and penetration testers gather intelligence through automated scanning, OSINT collection, directory enumeration, and vulnerability assessment. It provides a web interface to manage targets, schedule scans, and generate detailed reports.
Contributors
967
Organizations
90
Software value
$2.5M
CrowdSec
CrowdSec is an open-source security automation and threat detection engine that analyzes visitor behavior and provides protection against various cyber threats. It uses a collaborative approach where users can share threat intelligence about malicious IP addresses and patterns across the CrowdSec community.
Contributors
738
Organizations
159
Software value
$5M
Velociraptor
Velociraptor is an advanced digital forensics and incident response tool that enables live remote acquisition and monitoring of endpoints at scale. It provides a query language called VQL (Velociraptor Query Language) for collecting artifacts and investigating systems, with capabilities for real-time triage, threat hunting, and continuous monitoring.
Contributors
703
Organizations
51
Software value
$13M
Vuls
Vuls is an agentless vulnerability scanner for Linux/FreeBSD systems that automatically detects security vulnerabilities in running servers and container images. It can scan for known vulnerabilities in installed packages, generate reports, and send notifications about security issues.
Contributors
616
Organizations
152
Software value
$2.6M
Faraday Vulnerability Manager
Faraday is an integrated vulnerability management and penetration testing platform that helps security teams collaborate, organize and track security assessments. It centralizes security findings, enables team collaboration, and provides tools for vulnerability analysis and reporting.
Contributors
522
Organizations
66
Software value
$2.5M
StackRox
StackRox is a Kubernetes-native security platform that helps organizations secure their container and Kubernetes environments through vulnerability management, compliance, network segmentation, configuration management, and threat detection capabilities.
Contributors
469
Organizations
75
Software value
$97M
The PenTesters Framework
The PenTesters Framework (PTF) is a modular penetration testing automation tool that helps install and manage security testing tools. It provides a centralized platform for downloading, installing, and updating various security testing applications and frameworks commonly used in penetration testing and security assessments.
Contributors
445
Organizations
46
Software value
$124K
Shuffle
Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.
Contributors
441
Organizations
57
Software value
$6.8M
Greenbone Vulnerability Manager
This repository contains the scanner component for Greenbone Community Edition.
Contributors
321
Organizations
35
Software value
$6.7M
OWASP secureCodeBox
secureCodeBox (SCB) - continuous secure delivery out of the box
Contributors
308
Organizations
46
Software value
$14M
ggshield
GGShield is a CLI application that helps developers scan their code, secrets, and Infrastructure as Code (IaC) files for potential security issues and leaked credentials. It can be integrated into CI/CD pipelines and local development workflows to detect and prevent exposure of sensitive information.
Contributors
283
Organizations
48
Software value
$1.2M
FACT
FACT (Firmware Analysis and Comparison Tool) is an open-source platform for analyzing firmware images and other binary files. It performs automated unpacking, vulnerability scanning, and comparison of firmware components, helping security researchers and developers identify potential security issues and track changes across firmware versions.
Contributors
235
Organizations
24
Software value
$1.6M
cnquery
cnquery is a cloud-native security and compliance assessment tool that enables querying and analyzing system configurations, security settings, and compliance status across cloud infrastructure, containers, and Kubernetes clusters. It provides a unified interface for security scanning and infrastructure assessment.
Contributors
159
Organizations
30
Software value
$20M
MITRE Security Automation Framework CLI
The MITRE Security Automation Framework (SAF) CLI is a tool for executing security tests and compliance scans against systems and applications. It provides capabilities for running automated security validations, generating reports, and evaluating compliance with security benchmarks and standards.
Contributors
109
Organizations
17
Software value
$178M
Dispatch
All of the ad-hoc things you're doing to manage incidents today, done for you, and much more!
This project hasn't been onboarded to LFX Insights.