IaC threat modeler with STRIDE, MITRE ATT&CK, and PASTA frameworks. REST API, GraphQL, and Docker support for Terraform, CloudFormation, and Kubernetes.

This repository includes cloud security policies for IaC and live resources.

Detect drift. Defend cloud.

Cloud (IaC) Security plugin for JetBrains IDEs (e.g., IntelliJ IDEA, PyCharm)

Free Browser Based Infrastructure as Code security scanner - Scan Terraform, Kubernetes, Docker, CloudFormation files for vulnerabilities in your browser. 180+ security rules, GitHub repo scanning, PDF reports. Privacy-first, no uploads.

An enterprise-grade, agentless, and open-source cloud security platform for AWS, GCP, and Azure that combines CSPM, DSPM, CIEM, ASM, and vulnerability management with deterministic YAML policies and natural language querying.

Argus brings “a hundred eyes” to your project, combining leading open source security tools into a scalable, automated, continuous security pipeline.

One-command Ubuntu Server hardening to achieve cutting-edge security, with ZERO ongoing maintenance required.

Jenkins plugin for Xygeni - End to end software development and delivery security

Enterprise security audit plugin for Claude Code. One command (/security-audit) runs a 10-phase audit with auto-remediation and PDF reports. Auto-detects platform type — supports Express, Django, Next.js, Supabase, Firebase, Electron, React Native, WordPress, Stripe, Solidity, and more.

Security-focused prompt library and Claude Code skill for automated IaC security reviews. Covers Terraform, Kubernetes, Docker, Ansible, CloudFormation, and CI/CD pipelines. Compliance mapping to CIS, NIST 800-53, PCI-DSS, SOC2, HIPAA, and GDPR.

DevSecOps CI/CD pipeline scanner — Jenkins, GitHub Actions, GitLab, Azure Pipelines

Terraform IaC security audit on AWS - manual code review and automated scanning with Checkov and OPA, mapped to CIS AWS Benchmark findings.

Real-time cloud storage security and IaC analysis platform. Detect misconfigurations, prevent PII exposure, and enforce compliance across AWS, Azure, and GCP

Production-grade AWS multi-account landing zone. Blast radius design, SCP composition, account vending, CloudTrail detection pipeline. Security architecture depth.

Defense-in-depth security scanner for Java projects integrating 6 industry-standard tools (Trivy, Gitleaks, Semgrep, SpotBugs, Checkov, Hadolint) into a unified Dockerized pipeline. Also comes with a standalone installer.

🔍 Enhance cloud security visibility across AWS, GCP, and Azure with open-source tools for misconfiguration, data discovery, and vulnerability management.

🛡️ A curated list of awesome DevSecOps tools, best practices, and resources for securing CI/CD pipelines. Covers SCA, SAST, DAST, IaC, and Container Security.

Free security scanner for vector databases and RAG systems. Checks access exposure, drift, misconfigurations, and data leakage risks.

ComputeScan analyzes tfplan.json to catch GPU oversizing, autoscaling misconfigurations, tag drift, and high-risk idle patterns. Instantly, offline, and with zero setup. Designed for AI/ML infra teams and fully aligned with the GuardSuite governance engine.