cis

There are 9 repositories under cis topic.

• trimstray / the-practical-linux-hardening-guide

  This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).

  auditcentoschecklistcisguidehardeninglinuxlinux-hardeninglinux-securitymanualopenscappci-dssredhat-enterprise-linuxsecurity
  9791
• steampipe

  turbot / steampipe

  Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.

  steampipesqlpostgresqlpostgresql-fdwcloudsecurityawsazureciscnappcspmdevopsdevsecopsgcpgolangkubernetesterraformetlsqlitezero-etl
  Language:Go 6708

• neargle / my-re0-k8s-security

  :atom: [WIP] 整理过去的分享，从零开始的Kubernetes攻防 🧐

  blackhatciscloud-nativecontainershitbhitbsecconfk8skubernetes
  Language:Shell 2841

• 0x6d69636b / windows_hardening

  HardeningKitty and Windows Hardening Settings

  windowshardeningsecuritywindows-10blueteamdefenseauditpowershellwindows-hardeningregistrychecklistcompliancebsicissecurity-baselinesisyphusstigwindows-11windows-server
  Language:PowerShell 2278
• ciso-assistant-community

  intuitem / ciso-assistant-community

  CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec and Audit Management and supporting +54 frameworks worldwide: NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, NIS2, CMMC, PSPF, GDPR, HIPAA, Essential Eight, NYDFS-500, DORA, NIST AI RMF, 800-53, 800-171, CyFun, CJIS, AirCyber, NCSC, ECC, SCF and so much more

  cmmccompliancegrcsoc2gdprauditanssiiso27001cisdoragovernancehipaarisk-managementowaspnistprivacyfedrampbsicybersecuritycjis
  Language:Python 968
• cli

  cloudgraphdev / cli

  The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent.

  awsazureciscloudcspmdeveloper-toolsdevopsdevops-toolsgcpgraphqlisokubernetesnistpcisecuritysecurity-auditsecurity-toolstencent
  Language:TypeScript 876

• aquasecurity / chain-bench

  An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.

  devsecopssoftware-supply-chainsoftware-supply-chain-securitysecurityvulneragocisgolangmisconfigurationopen-policy-agentsecurity-tools
  Language:Go 713
• debian-cis

  ovh / debian-cis

  PCI-DSS compliant Debian 10/11/12 hardening

  debianauditcispci-dsssecurityshell
  Language:Shell 691

• Zeus-Labs / ZeusCloud

  Open Source Cloud Security

  awsblueteambugbountyciemciscloudcloudsecuritycnappcspmcwppdevsecopspentestingsecuritysecurity-toolscybersecurityinfosec
  Language:TypeScript 682

• ansible-lockdown / RHEL7-CIS

  Ansible role for Red Hat 7 CIS Baseline

  cissecurity-hardeningrhel7ansible-rolesecurityhardeningcompliance-automationredhat7redhat-ansiblecompliance-as-coderedhatsecurity-automationsecurity-toolsbenchmarkbenchmark-frameworkcis-benchmark
  Language:YAML 472
• steampipe-mod-aws-compliance

  turbot / steampipe-mod-aws-compliance

  Run individual controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA and more across all of your AWS accounts using Powerpipe and Steampipe.

  awssecuritycissqlpci-dsspcicompliancecis-benchmarksteampipesteampipe-modhipaanist-csfrbihacktoberfestpowerpipepowerpipe-mod
  Language:HCL 360

• soxoj / counter-osint-guide-ru

  Исчерпывающее руководство по приватности и контр-ОСИНТ для Рунета и всего СНГ 🇷🇺

  ciscounter-osintguideosintprivacyrunetsecurity
  356

• mondoohq / cnquery

  open source, cloud-native, graph-based asset inventory

  awscissecurityazuregcplinuxmacoscloud-computingcloud-nativeunixwindowskubernetessecurity-as-code
  Language:Go 286

• soxoj / counter-osint-guide-en

  Comprehensive Counter OSINT and privacy guide (initially for CIS countries)

  ciscounter-osintguideosintprivacyrunetsecurity
  268

• alivx / CIS-Ubuntu-20.04-Ansible

  Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation

  ansibleubuntu2004cis-benchmarkautomationcisecurityhardeningubuntucissecuritycis-benchmarksplaybook-ansiblesecurity-toolssecurity-auditcis-aws-benchmarkowaspansible-role
  Language:HTML 251

• ansible-lockdown / RHEL8-CIS

  Ansible role for Red Hat 8 CIS Baseline

  securityansible-rolerhel8security-hardeningcisansibleansible-rolesredhat8compliance-automationcompliance-as-coderemediationrhelredhatsecurity-automationsecurity-toolsbenchmarkbenchmark-frameworkcis-benchmark
  Language:YAML 251

• maldevel / blue-team

  Blue Team Scripts

  securityhardeningblueteamlinuxwindowsserversdebiancisbenchmark
  Language:Shell 241

• finalduty / cis-benchmarks-audit

  Simple command line tool to check for compliance against CIS Benchmarks

  auditcentoscentos7ciscis-benchmarkcompliancehardening
  Language:Python 240

• cloudposse / terraform-aws-cloudtrail-cloudwatch-alarms

  Terraform module for creating alarms for tracking important changes and occurrences from cloudtrail.

  terraformterraform-modulescissecurity-auditcloudwatch-metricsalarmcloudtrailslackdevops
  Language:HCL 203
• powerpipe

  turbot / powerpipe

  Powerpipe: Dashboards for DevOps. Visualize cloud configurations. Assess security posture against a massive library of benchmarks. Build custom dashboards with code.

  awsazureciscloudcnappcspmdashboardsdevopsdevsecopsduckdbgcpgolanghclkubernetesmysqlpostgresqlsecuritysqlsqliteterraform
  Language:TypeScript 193

• raspbernetes / k8s-security-policies

  This repository offers a comprehensive library of security policies designed to enhance the security of Kubernetes cluster configurations. The policies are developed in accordance with the CIS Kubernetes benchmark.

  benchmarkciscis-kubernetes-benchmarkconftestgatekeeperkuberneteskubernetes-clusterskubesecopen-policy-agentraspbernetesrego-filesrego-policysecurityviolation
  Language:Open Policy Agent 175

• Sneakysecdoggo / Wynis

  Audit Windows Security with best Practice

  windowscissecurity-audit
  Language:PowerShell 174

• ansible-lockdown / UBUNTU20-CIS

  Ansible role for Ubuntu 2004 CIS Baseline

  ansibleansible-playbookansible-rolebenchmarkbenchmark-frameworkciscis-benchmarkcompliance-as-codesecuritysecurity-automationsecurity-hardeningsecurity-toolsubuntu-serverubuntu20ubuntu2004
  Language:YAML 173

• ansible-lockdown / UBUNTU22-CIS

  Ansible role for Ubuntu22 CIS Baseline

  ubuntu22ubuntu2204ansibleansible-rolebenchmarkciscis-standardscompliance-as-codecompliance-automationsecurity-automationsecurity-toolsubuntu-servercis-benchmarksecurity-hardeningsecurity
  Language:YAML 159

• ansible-lockdown / Windows-2019-CIS

  CIS Baseline Ansible Role for Windows 2019

  cissecurity-automationwindows-server-2019cis-benchmarkansiblecompliance-as-codebenchmarkbenchmark-frameworkcompliance-automationsecurity-toolsansible-playbookansible-rolecis-standardshardeningsecuritywindowswindows-2019windows-servercis-compliant
  Language:YAML 130

• jamf / CIS-for-macOS-Catalina-CP

  CIS Benchmarks for macOS Catalina

  cisconfiguration-profilesjamfmacossecurity
  Language:Shell 122

• jamf / CIS-for-macOS-Sierra

  cismacmacosmacos-sierrasecurityjamf
  Language:Shell 105

• ansible-lockdown / RHEL9-CIS

  Ansible role for Red Hat 9 CIS Baseline

  compliance-as-codecompliance-automationrhel9securitysecurity-automationsecurity-toolsredhat9ansibleansible-playbookansible-rolecisrhelbenchmarkbenchmark-frameworkcis-benchmark
  Language:YAML 101

• OWASP / KubeLight

  OWASP Kubernetes security and compliance tool [WIP]

  kubernetesciscompliancecontainersdockerkubernetes-securitynsapci-dsssbomsecuritypythonsecurity-toolsowaspcve-scanningdevsecopsscannervulnerability-management
  Language:Python 101

• radsec / CentOS7-CIS

  Ansible CentOS 7 - CIS Benchmark Hardening Script

  ciscentos7ciscis-benchmarksystem-hardeningcentos7-cisansibleansible-playbookansible-roleansible-rolesansible-playbookscentoscentos7automationrhel7security-hardeningsecurity-automation
  Language:Shell 92

• mitre / inspec_tools

  A command-line and ruby API of utilities, converters and tools for creating, converting and processing security baseline formats, results and data

  inspecstigdisacismitre-corporationsecuritycompliancedisa-checklistchecklistxccdfjsonconvertermitre-inspec
  Language:Ruby 91

• florianutz / Ubuntu1604-CIS

  Ubuntu CIS Hardening Ansible Role

  cisansibleansible-roleubuntuhardening
  Language:Jinja 89
• Audit-Test-Automation

  fbprogmbh / Audit-Test-Automation

  The Audit Test Automation Package gives you the ability to get an overview about the compliance status of several systems. You can easily create HTML-reports and have a transparent overview over compliance and non-compliance of explicit setttings and configurations in comparison to industry standards and hardening guides.

  auditbenchmarkciscompliancehardening-guidesiisindustry-standardswebserverwebserver-benchmarking
  Language:PowerShell 81

• massyn / centos-cis-benchmark

  CIS CentOS Linux 7 Benchmark

  ciscentos6cis-benchmark
  Language:Shell 77

• mitre / aws-foundations-cis-baseline

  InSpec profile to validate your VPC to the standards of the CIS Amazon Web Services Foundations Benchmark

  inspecmitre-corporationcloudsecurityiaawsaws-securitycisinspec-profilemitre-inspecmitre-saf
  Language:Ruby 76
• steampipe-mod-zoom-compliance

  turbot / steampipe-mod-zoom-compliance

  Run individual configuration, compliance and security controls or full compliance benchmarks for CIS for Zoom using Powerpipe and Steampipe.

  cissecuritysqlcompliancecis-benchmarksteampipesteampipe-modzoomhacktoberfestpowerpipepowerpipe-mod
  Language:HCL 63