Alternatives and similar repositories for auditree-arboretum

Users that are interested in auditree-arboretum are comparing it to the libraries listed below

• ComplianceAsCode / auditree-framework
  The Auditree framework tool to run compliance control checks as unit tests.
  ☆69Updated 11 months ago
• GoComply / fedramp
  Open source tool for processing OSCAL based FedRAMP SSPs
  ☆42Updated 9 months ago
• niyonmaruz / fluent-plugin-osquery
  osquery input plugin
  ☆10Updated 6 years ago
• dolevf / Open-Policy-Agent-Alfred
  Reasonably Usable Self-hosted Version of OPA's Playground
  ☆36Updated 2 months ago
• square / spiffe-aws-assume-role
  This tool allows using a SPIFFE JWT to authenticate to AWS APIs
  ☆34Updated 2 weeks ago
• GoogleCloudPlatform / inspec-gcp-pci-profile
  GCP PCI-DSS 3.2.1 InSpec Profile
  ☆18Updated 4 years ago
• oscal-compass / compliance-trestle
  An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.
  ☆200Updated last week
• opencontrol / schemas
  YAML schema, examples, and validators for OpenControl format.
  ☆74Updated 6 years ago
• testifysec / witness-examples
  Witness Examples
  ☆11Updated last year
• oscal-compass / compliance-trestle-demos
  Demo setup for compliance-trestle
  ☆34Updated 4 months ago
• hexa-org / policy-orchestrator
  Hexa Policy Orchestrator enables you to manage all of your access policies consistently across software providers.
  ☆103Updated 2 months ago
• tokenetes / tokenetes
  Transaction Tokens Service
  ☆43Updated last week
• omnibor / site
  Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.
  ☆21Updated 6 months ago
• docker-archive / oscalkit
  NIST OSCAL SDK and CLI
  ☆38Updated 5 years ago
• opencontrol / fedramp-templater
  EXPERIMENTAL: a template builder for FedRAMP System Security Plans
  ☆39Updated 5 years ago
• grafeas / voucher
  🎟 Voucher creates attestations for Binary Authorization
  ☆73Updated 2 weeks ago
• in-toto / demo
  Securing Alice's, Bob's and Carl's software supply chain using in-toto
  ☆94Updated last month
• chainguard-dev / vex
  vexctl is a tool to attest VEX impact statements
  ☆44Updated 2 years ago
• oscal-compass / compliance-to-policy
  Compliance-to-Policy (C2P) provides the framework to bridge the gap between compliance and policy administration.
  ☆30Updated 4 months ago
• GoogleCloudPlatform / config-validator
  Golang library which provides functionality to evaluate GCP resources against Rego-based policies
  ☆46Updated 2 weeks ago
• in-toto / community
  in-toto is a framework to secure the software supply chain.
  ☆70Updated 6 months ago
• sysdiglabs / sysdig-operator
  Sysdig agent Operator configure Sysdig platform in your Kubernetes cluster
  ☆15Updated last year
• GovReady / compliancelib-python
  Machine readable cybersecurity compliance standards library for Python, starting with FISMA and NIST Risk Management Framework
  ☆62Updated 5 years ago
• influxdata / terraform-google-influx
  Reusable infrastructure modules for running TICK stack on GCP
  ☆20Updated 3 months ago
• octarinesec / kccss
  Kubernetes Common Configuration Scoring System
  ☆123Updated 3 years ago
• kusaridev / spector
  Tooling and library for generation, validation and verification of supply chain metadata documents and frameworks
  ☆32Updated 3 months ago
• finos / compliant-financial-infrastructure
  Compliant Financial Infrastructure accelerates the development, deployment and adoption of cloud services in a way that adheres to common…
  ☆138Updated 9 months ago
• ScaleSec / project_lockdown
  GCP Auto Remediation Suite for High Risk Events
  ☆43Updated 4 years ago
• anchore / kubernetes-admission-controller
  Service implementation for a Kubernetes Dynamic Webhook controller for interacting with Anchore
  ☆65Updated this week
• cyralinc / approzium
  Approzium allows a cloud service to authenticate to a database without ever having access to its password
  ☆3Updated last year