Gauntlt provides hooks to a variety of security tools and puts them within reach of security, dev and ops teams to collaborate to build rugged software. It is built to facilitate testing and communication between groups and create actionable tests that can be hooked into your deploy and testing processes.
linux open-source security hardening ruby
Harbor is an open source cloud native registry that stores, signs, and scans container images for vulnerabilities. Harbor solves common challenges by delivering trust, compliance, performance, and interoperability. It fills a gap for organizations and applications that cannot use a public or cloud-based registry, or want a consistent experience across clouds.
linux open-source security hardening
The Hardening Framework combines DevOps with security by adding a security layer into your automation framework, that configures your operating systems and services. It takes care of difficult settings, compliance guidelines, cryptography recommendations, and secure defaults. Works great with Puppet, Chef and Ansible.
linux open-source security hardening chef puppet ansible
OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Mac OS X, Solaris and Windows
open-source security hardening linux windows solaris osx bsd
A penetration testing tool for finding vulnerabilities in web applications, from OWASP
linux windows osx open-source security
A tool for testing and promoting infrastructure tolerance and high availability. It randomly shuts down servers, or blocks network connections, and makes sure you design your systems to survive these events.
linux windows osx open-source security java
Snort is an open-source, free and lightweight network intrusion detection system (NIDS) software for Linux and Windows to detect emerging threats.
open-source security hardening
An open-source jump box solution with auditing capabilities
linux open-source cloud monitoring security java
SIMP is an enterprise ready, full-featured, infrastructure framework designed around policy compliance and enforcement over time. It aims to be an open source practical reference implementation for both policy and best security practice able to run in both enclave and cloud environments.
config-mgmt linux open-source security hardening puppet nist-800-53 disa-stig fips compliance automation framework
TeamPass is a Collaborative Passwords Manager. Its aim is to provide the ability to share password items through a secured and managed environment.
linux windows osx bsd solaris open-source security
A command-line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws. It's designed to provide clear output for your "is this good or bad" decision.
linux osx open-source security shell
A Chaos Monkey for TCP, it randomly disconnects or stalls TCP connections in your application to test application tolerance and high availability. Makes sure you correctly handle these unexpected events
linux windows osx open-source security python