cis-benchmark

There are 37 repositories under cis-benchmark topic.

• prowler

  prowler-cloud / prowler

  Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

  awsazurecis-benchmarkcloudcompliancedevsecopsforensicsgcpgdprhardeningiammulti-cloudpythonsecuritysecurity-auditsecurity-hardeningsecurity-toolswell-architected
  Language:Python 9586

• aquasecurity / kube-bench

  Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark

  cis-benchmarkcis-kubernetes-benchmarkcis-securityhacktoberfestkube-benchkuberneteskubernetes-securityopenshift
  Language:Go 6664

• nozaq / terraform-aws-secure-baseline

  Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.

  terraformawssecuritysecurity-hardeningterraform-moduleshardeningcis-benchmarkaws-auditingsecurity-toolsdevopsterraform-module
  Language:HCL 1118

• Jsitech / JShielder

  Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark

  linuxcis-benchmarklinux-serverhardeningubuntu-servercentos7lamp-stackhardening-stepsiptablesubuntu1604ubuntu1804security-hardeningsystem-hardeningmodsecuritylamp-deployerlemp-deployer
  Language:PHP 737

• ansible-lockdown / RHEL7-CIS

  Ansible role for Red Hat 7 CIS Baseline

  cissecurity-hardeningrhel7ansible-rolesecurityhardeningcompliance-automationredhat7redhat-ansiblecompliance-as-coderedhatsecurity-automationsecurity-toolsbenchmarkbenchmark-frameworkcis-benchmark
  Language:YAML 472
• steampipe-mod-aws-compliance

  turbot / steampipe-mod-aws-compliance

  Run individual controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA and more across all of your AWS accounts using Powerpipe and Steampipe.

  awssecuritycissqlpci-dsspcicompliancecis-benchmarksteampipesteampipe-modhipaanist-csfrbihacktoberfestpowerpipepowerpipe-mod
  Language:HCL 351

• NVISOsecurity / posh-dsc-windows-hardening

  Windows OS Hardening with PowerShell DSC

  cis-benchmarkpowershell-dscwindows
  Language:PowerShell 254

• ansible-lockdown / RHEL8-CIS

  Ansible role for Red Hat 8 CIS Baseline

  ansibleansible-roleansible-rolesbenchmarkbenchmark-frameworkciscis-benchmarkcompliance-as-codecompliance-automationredhatredhat8remediationrhelrhel8securitysecurity-automationsecurity-hardeningsecurity-tools
  Language:YAML 246

• alivx / CIS-Ubuntu-20.04-Ansible

  Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation

  ansibleubuntu2004cis-benchmarkautomationcisecurityhardeningubuntucissecuritycis-benchmarksplaybook-ansiblesecurity-toolssecurity-auditcis-aws-benchmarkowaspansible-role
  Language:HTML 245

• finalduty / cis-benchmarks-audit

  Simple command line tool to check for compliance against CIS Benchmarks

  ciscentos7compliancehardeningcis-benchmarkauditcentos
  Language:Python 234

• ansible-lockdown / UBUNTU20-CIS

  Ansible role for Ubuntu 2004 CIS Baseline

  securityansible-roleubuntu2004security-hardeningcisansiblesecurity-automationcompliance-as-codeubuntu-serverbenchmarkbenchmark-frameworkcis-benchmarkansible-playbookubuntu20security-tools
  Language:YAML 173

• ansible-lockdown / UBUNTU22-CIS

  Ansible role for Ubuntu22 CIS Baseline

  ubuntu22ubuntu2204ansibleansible-rolebenchmarkciscis-standardscompliance-as-codecompliance-automationsecurity-automationsecurity-toolsubuntu-servercis-benchmarksecurity-hardeningsecurity
  Language:YAML 146

• GoogleCloudPlatform / inspec-gcp-cis-benchmark

  GCP CIS 1.1.0 Benchmark InSpec Profile

  gcpinspeccis-benchmarkcloudsecurityauditingcompliance
  Language:Ruby 129

• ansible-lockdown / Windows-2019-CIS

  CIS Baseline Ansible Role for Windows 2019

  ansibleansible-playbookansible-rolebenchmarkbenchmark-frameworkciscis-benchmarkcis-compliantcis-standardscompliance-as-codecompliance-automationhardeningsecuritysecurity-automationsecurity-toolswindowswindows-2019windows-serverwindows-server-2019
  Language:YAML 128

• HarryHarcourt / Ansible-RHEL7-CIS-Benchmarks

  This repository contains an Ansible Role for RHEL7 / CentOS based on the Center for Internet Security Benchmarks

  ansibleansible-roleautomationcentoscentos7cis-benchmarkidempotentrhelrhel7security-hardening
  Language:Python 106

• rewindio / aws-security-hub-CIS-metrics

  Metrics and alarms for AWS security hub for the CIS standard

  alarmawscis-benchmarkcloudformationcloudformation-templatessecurity
  93

• aws-samples / aws-security-services-with-terraform

  Code examples for the AWS Security Blog post: How to use CI/CD to deploy and configure AWS security services with Terraform

  terraformawssecurity-hubaws-security-hubiacdevsecopsdevopsdevsecops-pipelinecicdsecopssecurity-engineeringaws-wafaws-guarddutyaws-vpccis-benchmark
  Language:HCL 92

• radsec / CentOS7-CIS

  Ansible CentOS 7 - CIS Benchmark Hardening Script

  ciscentos7ciscis-benchmarksystem-hardeningcentos7-cisansibleansible-playbookansible-roleansible-rolesansible-playbookscentoscentos7automationrhel7security-hardeningsecurity-automation
  Language:Shell 91

• ansible-lockdown / RHEL9-CIS

  Ansible role for Red Hat 9 CIS Baseline

  ansibleansible-playbookansible-rolebenchmarkbenchmark-frameworkciscis-benchmarkcompliance-as-codecompliance-automationredhat9rhelrhel9securitysecurity-automationsecurity-tools
  Language:YAML 90

• zercurity / zercurity

  Manage, monitor and improve your cyber security posture.

  osquerycompliancecis-benchmarklinuxmacossiemsoarwindowssteampipe
  Language:Shell 81

• massyn / centos-cis-benchmark

  CIS CentOS Linux 7 Benchmark

  ciscentos6cis-benchmark
  Language:Shell 77

• aws-samples / aws-security-hub-response-and-remediation

  Pre-configured response & remediation playbooks for AWS Security Hub

  aws-securityaws-security-hubaws-lambdaaws-cloudformationincident-responsecontinuous-compliancecompliance-as-codecompliance-automationcis-benchmarkcis-aws-benchmark
  64

• chen-keinan / kube-beacon

  Open Source runtime scanner for k8s cluster and perform security audit checks based on CIS Kubernetes Benchmark specification

  k8skube-benchkube-beaconkube-scanaudit-checkscis-benchmarkcis-kubernetes-benchmarkkubernetescis-securitykubescan
  Language:Go 64
• steampipe-mod-zoom-compliance

  turbot / steampipe-mod-zoom-compliance

  Run individual configuration, compliance and security controls or full compliance benchmarks for CIS for Zoom using Powerpipe and Steampipe.

  cissecuritysqlcompliancecis-benchmarksteampipesteampipe-modzoomhacktoberfestpowerpipepowerpipe-mod
  Language:HCL 63
• steampipe-mod-azure-compliance

  turbot / steampipe-mod-azure-compliance

  Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, HIPAA HITRUST, NIST, and more across all of your Azure subscriptions using Powerpipe and Steampipe.

  azuresecuritycissqlcompliancecis-benchmarksteampipesteampipe-modhacktoberfestpowerpipepowerpipe-mod
  Language:HCL 50
• cis-vsphere

  karimhabush / cis-vsphere

  A tool to assess the compliance of a VMware vSphere environment against the CIS Benchmark.

  ciscis-benchmarkvmware-esxivmware-vsphere
  Language:PowerShell 45

• mrC2C / cis-benchmark-centOS-8

  Auditing Script based on CIS-BENCHMARK CENTOS 8

  ciscis-benchmarkscentos8hardeningbash-scriptbashauditshell-scriptcis-benchmarkauditingautomation
  Language:Shell 39

• klouddb / klouddbshield

  KloudDB Shield is a security tool that checks for CIS compliance - Postgres, MySQL and RDS

  auroraciscis-benchmarkcis-benchmarksmysqlpostgrespostgresqlrds-mysqlrds-postgressecurity
  Language:Go 33

• ansible-lockdown / RHEL8-CIS-Audit

  Audit configurations for RHEL8 CIS - utilising goss

  ciscis-benchmarkcis-standardscompliance-automationgossrhel8rhel8-cissecuritysecurity-auditsecurity-auditing-toolsecurity-hardening
  Language:YAML 32

• ansible-lockdown / UBUNTU22-CIS-Audit

  Audit for Ubuntu 22 CIS

  benchmarkbenchmark-frameworkciscis-benchmarkcis-standardscompliance-as-codesecurity-auditsecurity-auditing-toolubuntu-cisubuntu22ubuntu2204
  Language:YAML 32

• radsec / RHEL7-CIS

  Ansible RHEL 7 - CIS Benchmark Hardening Script

  cis-benchmarkansibleansible-roleansible-rolesansible-playbookansible-playbooksansible-galaxycentos7rhelcentosautomationsecurity-hardeningsystem-hardeningrhel7rhel7-ciscentos7-cisharden
  Language:Shell 30

• ansible-lockdown / UBUNTU18-CIS

  CIS Baseline Ansible Role for Ubuntu 18

  ansibleansible-rolebenchmarkbenchmark-frameworkciscis-benchmarkcis-standardscompliance-as-codecompliance-automationsecuritysecurity-automationsecurity-hardeningsecurity-toolsubuntu-serverubuntu18ubuntu1804
  Language:YAML 29
• steampipe-mod-gcp-compliance

  turbot / steampipe-mod-gcp-compliance

  Run individual configuration, compliance and security controls or full compliance benchmarks for CIS across all of your GCP projects using Powerpipe and Steampipe.

  gcpsecuritycissqlcompliancecis-benchmarksteampipesteampipe-modhacktoberfestpowerpipepowerpipe-mod
  Language:HCL 29

• frank-at-suse / vsphere_rancher_cluster

  Terraform plan for creating a hardened multi-node RKE2 cluster on VMware vSphere

  kuberneteslinuxrancher-serverrancher2terraformvmware-vsphererke2cis-benchmarkkube-vip
  Language:HCL 28

• ansible-lockdown / AMAZON2-CIS

  Ansible role for Amazon Linux 2 CIS Baseline

  amazon-linuxamazon-linux-2ansibleansible-playbookansible-rolebenchmarkbenchmark-frameworkciscis-benchmarkcompliance-as-codecompliance-automationsecuritysecurity-automationsecurity-tools
  Language:YAML 26

• alaanasser00 / entraid-bench

  Microsoft Entra ID Security Assessment Tool

  azure-adcis-benchmarkentra-idm365-defendersecurity-audit
  Language:PowerShell 24