cis-benchmark

There are 38 repositories under cis-benchmark topic.

• prowler

  prowler-cloud / prowler

  Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

  securitysecurity-toolssecurity-auditsecurity-hardeninghardeningawscis-benchmarkcompliancegdprforensicscloudwell-architecteddevsecopsazureiampythongcpmulti-cloud
  Language:Python 10559

• aquasecurity / kube-bench

  Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark

  cis-benchmarkcis-kubernetes-benchmarkcis-securityhacktoberfestkube-benchkuberneteskubernetes-securityopenshift
  Language:Go 6940

• nozaq / terraform-aws-secure-baseline

  Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.

  awsaws-auditingcis-benchmarkdevopshardeningsecuritysecurity-hardeningsecurity-toolsterraformterraform-moduleterraform-modules
  Language:HCL 1133

• Jsitech / JShielder

  Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark

  centos7cis-benchmarkhardeninghardening-stepsiptableslamp-deployerlamp-stacklemp-deployerlinuxlinux-servermodsecuritysecurity-hardeningsystem-hardeningubuntu-serverubuntu1604ubuntu1804
  Language:PHP 753

• ansible-lockdown / RHEL7-CIS

  Ansible role for Red Hat 7 CIS Baseline

  cissecurity-hardeningrhel7ansible-rolesecurityhardeningcompliance-automationredhat7redhat-ansiblecompliance-as-coderedhatsecurity-automationsecurity-toolsbenchmarkbenchmark-frameworkcis-benchmark
  Language:YAML 473
• steampipe-mod-aws-compliance

  turbot / steampipe-mod-aws-compliance

  Run individual controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA and more across all of your AWS accounts using Powerpipe and Steampipe.

  awssecuritycissqlpci-dsspcicompliancecis-benchmarksteampipesteampipe-modhipaanist-csfrbihacktoberfestpowerpipepowerpipe-mod
  Language:HCL 369

• NVISOsecurity / posh-dsc-windows-hardening

  Windows OS Hardening with PowerShell DSC

  powershell-dsccis-benchmarkwindows
  Language:PowerShell 271

• ansible-lockdown / RHEL8-CIS

  Ansible role for Red Hat 8 CIS Baseline

  securityansible-rolerhel8security-hardeningcisansibleansible-rolesredhat8compliance-automationcompliance-as-coderemediationrhelredhatsecurity-automationsecurity-toolsbenchmarkbenchmark-frameworkcis-benchmark
  Language:YAML 261

• finalduty / cis-benchmarks-audit

  Simple command line tool to check for compliance against CIS Benchmarks

  ciscentos7compliancehardeningcis-benchmarkauditcentos
  Language:Python 245

• ansible-lockdown / UBUNTU22-CIS

  Ansible role for Ubuntu22 CIS Baseline

  ubuntu22ubuntu2204ansibleansible-rolebenchmarkciscis-standardscompliance-as-codecompliance-automationsecurity-automationsecurity-toolsubuntu-servercis-benchmarksecurity-hardeningsecurity
  Language:YAML 177

• ansible-lockdown / UBUNTU20-CIS

  Ansible role for Ubuntu 2004 CIS Baseline

  securityansible-roleubuntu2004security-hardeningcisansiblesecurity-automationcompliance-as-codeubuntu-serverbenchmarkbenchmark-frameworkcis-benchmarkansible-playbookubuntu20security-tools
  Language:YAML 174

• ansible-lockdown / Windows-2019-CIS

  CIS Baseline Ansible Role for Windows 2019

  cissecurity-automationwindows-server-2019cis-benchmarkansiblecompliance-as-codebenchmarkbenchmark-frameworkcompliance-automationsecurity-toolsansible-playbookansible-rolecis-standardshardeningsecuritywindowswindows-2019windows-servercis-compliant
  Language:YAML 133

• GoogleCloudPlatform / inspec-gcp-cis-benchmark

  GCP CIS 1.1.0 Benchmark InSpec Profile

  gcpinspeccis-benchmarkcloudsecurityauditingcompliance
  Language:Ruby 129

• ansible-lockdown / RHEL9-CIS

  Ansible role for Red Hat 9 CIS Baseline

  compliance-as-codecompliance-automationrhel9securitysecurity-automationsecurity-toolsredhat9ansibleansible-playbookansible-rolecisrhelbenchmarkbenchmark-frameworkcis-benchmark
  Language:YAML 113

• HarryHarcourt / Ansible-RHEL7-CIS-Benchmarks

  This repository contains an Ansible Role for RHEL7 / CentOS based on the Center for Internet Security Benchmarks

  ansibleansible-roleautomationcentoscentos7cis-benchmarkidempotentrhelrhel7security-hardening
  Language:Python 103

• aws-samples / aws-security-services-with-terraform

  Code examples for the AWS Security Blog post: How to use CI/CD to deploy and configure AWS security services with Terraform

  terraformawssecurity-hubaws-security-hubiacdevsecopsdevopsdevsecops-pipelinecicdsecopssecurity-engineeringaws-wafaws-guarddutyaws-vpccis-benchmark
  Language:HCL 94

• rewindio / aws-security-hub-CIS-metrics

  Metrics and alarms for AWS security hub for the CIS standard

  awssecuritycis-benchmarkalarmcloudformationcloudformation-templates
  93

• radsec / CentOS7-CIS

  Ansible CentOS 7 - CIS Benchmark Hardening Script

  ciscentos7ciscis-benchmarksystem-hardeningcentos7-cisansibleansible-playbookansible-roleansible-rolesansible-playbookscentoscentos7automationrhel7security-hardeningsecurity-automation
  Language:Shell 91

• zercurity / zercurity

  Manage, monitor and improve your cyber security posture.

  osquerycompliancecis-benchmarklinuxmacossiemsoarwindowssteampipe
  Language:Shell 88

• massyn / centos-cis-benchmark

  CIS CentOS Linux 7 Benchmark

  centos6ciscis-benchmark
  Language:Shell 77

• aws-samples / aws-security-hub-response-and-remediation

  Pre-configured response & remediation playbooks for AWS Security Hub

  aws-securityaws-security-hubaws-lambdaaws-cloudformationincident-responsecontinuous-compliancecompliance-as-codecompliance-automationcis-benchmarkcis-aws-benchmark
  66

• klouddb / klouddbshield

  KloudDB Shield is a security tool that checks for Postgres CIS Benchmarks - Postgres, MySQL and RDS

  auroraciscis-benchmarkcis-benchmarkspostgrespostgresqlrds-mysqlrds-postgressecurity
  Language:Go 66
• steampipe-mod-zoom-compliance

  turbot / steampipe-mod-zoom-compliance

  Run individual configuration, compliance and security controls or full compliance benchmarks for CIS for Zoom using Powerpipe and Steampipe.

  cissecuritysqlcompliancecis-benchmarksteampipesteampipe-modzoomhacktoberfestpowerpipepowerpipe-mod
  Language:HCL 65

• chen-keinan / kube-beacon

  Open Source runtime scanner for k8s cluster and perform security audit checks based on CIS Kubernetes Benchmark specification

  k8skube-benchkube-beaconkube-scanaudit-checkscis-benchmarkcis-kubernetes-benchmarkkubernetescis-securitykubescan
  Language:Go 64
• steampipe-mod-azure-compliance

  turbot / steampipe-mod-azure-compliance

  Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, HIPAA HITRUST, NIST, and more across all of your Azure subscriptions using Powerpipe and Steampipe.

  azuresecuritycissqlcompliancecis-benchmarksteampipesteampipe-modhacktoberfestpowerpipepowerpipe-mod
  Language:HCL 55
• cis-vsphere

  karimhabush / cis-vsphere

  A tool to assess the compliance of a VMware vSphere environment against the CIS Benchmark.

  ciscis-benchmarkvmware-esxivmware-vsphere
  Language:PowerShell 47

• mrC2C / cis-benchmark-centOS-8

  Auditing Script based on CIS-BENCHMARK CENTOS 8

  ciscis-benchmarkscentos8hardeningbash-scriptbashauditshell-scriptcis-benchmarkauditingautomation
  Language:Shell 41
• steampipe-mod-gcp-compliance

  turbot / steampipe-mod-gcp-compliance

  Run individual configuration, compliance and security controls or full compliance benchmarks for CIS across all of your GCP projects using Powerpipe and Steampipe.

  gcpsecuritycissqlcompliancecis-benchmarksteampipesteampipe-modhacktoberfestpowerpipepowerpipe-mod
  Language:HCL 35

• ansible-lockdown / UBUNTU22-CIS-Audit

  Audit for Ubuntu 22 CIS

  ubuntu2204ubuntu22cis-benchmarkbenchmarkbenchmark-frameworkcissecurity-auditcompliance-as-codesecurity-auditing-toolcis-standardsubuntu-cis
  Language:YAML 34

• ansible-lockdown / RHEL8-CIS-Audit

  Audit configurations for RHEL8 CIS - utilising goss

  cissecurityrhel8gosssecurity-hardeningsecurity-auditsecurity-auditing-toolcompliance-automationrhel8-ciscis-standardscis-benchmark
  Language:YAML 31

• alaanasser00 / entraid-bench

  Microsoft Entra ID Security Assessment Tool

  azure-adcis-benchmarkentra-idm365-defendersecurity-audit
  Language:PowerShell 30

• ansible-lockdown / UBUNTU18-CIS

  CIS Baseline Ansible Role for Ubuntu 18

  securityansible-roleubuntu1804security-hardeningcisansiblebenchmarkbenchmark-frameworkcis-standardscompliance-as-codecompliance-automationsecurity-automationsecurity-toolsubuntu-serverubuntu18cis-benchmark
  Language:YAML 30

• radsec / RHEL7-CIS

  Ansible RHEL 7 - CIS Benchmark Hardening Script

  cis-benchmarkansibleansible-roleansible-rolesansible-playbookansible-playbooksansible-galaxycentos7rhelcentosautomationsecurity-hardeningsystem-hardeningrhel7rhel7-ciscentos7-cisharden
  Language:Shell 30

• ansible-lockdown / AMAZON2-CIS

  Ansible role for Amazon Linux 2 CIS Baseline

  amazon-linuxamazon-linux-2ansibleansible-playbookansible-roleciscompliance-as-codecompliance-automationsecuritysecurity-automationsecurity-toolsbenchmarkbenchmark-frameworkcis-benchmark
  Language:YAML 28

• frank-at-suse / vsphere_rancher_cluster

  Terraform plan for creating a hardened multi-node RKE2 cluster on VMware vSphere

  kuberneteslinuxrancher-serverrancher2terraformvmware-vsphererke2cis-benchmarkkube-vip
  Language:HCL 28

• zahav / powershell-iis-hardening

  PowerShell IIS Hardening

  powershelliisiis-hardeningcis-benchmark
  27