ComplianceAsCode / auditree-arboretumLinks
The Auditree common fetchers, checks and harvest reports library.
☆19Updated last year
Alternatives and similar repositories for auditree-arboretum
Users that are interested in auditree-arboretum are comparing it to the libraries listed below
Sorting:
- The Auditree framework tool to run compliance control checks as unit tests.☆69Updated 11 months ago
- Open source tool for processing OSCAL based FedRAMP SSPs☆42Updated 9 months ago
- osquery input plugin☆10Updated 6 years ago
- Reasonably Usable Self-hosted Version of OPA's Playground☆36Updated 2 months ago
- This tool allows using a SPIFFE JWT to authenticate to AWS APIs☆34Updated 2 weeks ago
- GCP PCI-DSS 3.2.1 InSpec Profile☆18Updated 4 years ago
- An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.☆200Updated last week
- YAML schema, examples, and validators for OpenControl format.☆74Updated 6 years ago
- Witness Examples☆11Updated last year
- Demo setup for compliance-trestle☆34Updated 4 months ago
- Hexa Policy Orchestrator enables you to manage all of your access policies consistently across software providers.☆103Updated 2 months ago
- Transaction Tokens Service☆43Updated last week
- Website for OmniBOR, reproducible identifiers & fine-grained build dependency tracking for software artifacts.☆21Updated 6 months ago
- NIST OSCAL SDK and CLI☆38Updated 5 years ago
- EXPERIMENTAL: a template builder for FedRAMP System Security Plans☆39Updated 5 years ago
- 🎟 Voucher creates attestations for Binary Authorization☆73Updated 2 weeks ago
- Securing Alice's, Bob's and Carl's software supply chain using in-toto☆94Updated last month
- vexctl is a tool to attest VEX impact statements☆44Updated 2 years ago
- Compliance-to-Policy (C2P) provides the framework to bridge the gap between compliance and policy administration.☆30Updated 4 months ago
- Golang library which provides functionality to evaluate GCP resources against Rego-based policies☆46Updated 2 weeks ago
- in-toto is a framework to secure the software supply chain.☆70Updated 6 months ago
- Sysdig agent Operator configure Sysdig platform in your Kubernetes cluster☆15Updated last year
- Machine readable cybersecurity compliance standards library for Python, starting with FISMA and NIST Risk Management Framework☆62Updated 5 years ago
- Reusable infrastructure modules for running TICK stack on GCP☆20Updated 3 months ago
- Kubernetes Common Configuration Scoring System☆123Updated 3 years ago
- Tooling and library for generation, validation and verification of supply chain metadata documents and frameworks☆32Updated 3 months ago
- Compliant Financial Infrastructure accelerates the development, deployment and adoption of cloud services in a way that adheres to common…☆138Updated 9 months ago
- GCP Auto Remediation Suite for High Risk Events☆43Updated 4 years ago
- Service implementation for a Kubernetes Dynamic Webhook controller for interacting with Anchore☆65Updated this week
- Approzium allows a cloud service to authenticate to a database without ever having access to its password☆3Updated last year