Top pick
Open security platform combining SIEM, XDR, file integrity monitoring, and compliance checks across endpoints and cloud.
siemxdrcompliancemonitoringself-hosted
Browse & filter
Filter by platform, license text, maturity, maintenance cadence, and editorial tags like privacy-focused or self-hosted. Search matches names, summaries, tags, and use cases.
12 tools match your filters
Honorable mention
Host-based security auditing for Unix: misconfigurations, packages, SSH, kernel hardening hints.
hardeningauditlinuxcompliance
Also strong
CLI and library for generating SBOMs (SPDX, CycloneDX) from images, directories, and archives.
sbomsupply-chaincompliancecontainers
Top pick
Expose OS state as SQL tables—processes, sockets, users, browser extensions—for fleet visibility and compliance.
endpointinventorycomplianceedr-litesql
Full vulnerability management stack: OpenVAS scanner, Greenbone Vulnerability Manager, feeds, and web UI for scan management.
vulnerability-managementscannervacompliance
Also strong
SCAP toolkit for compliance scanning: Oval, XCCDF, tailoring files, and remediation snippets (e.g. DISA STIG workflows).
compliancestighardeningauditlinux
Also strong
CIS Kubernetes benchmark checker: run checks against nodes, control plane, etcd, and policies with readable reports.
kubernetesciscompliancehardening
Top pick
Open cloud security assessment for AWS, Azure, GCP, and M365: CIS, PCI, HIPAA-style checks and compliance reports.
cloudcspmcomplianceawsazuregcp
Honorable mention
Host-based IDS: log analysis, file integrity monitoring, rootcheck, and active response—ancestor lineage to Wazuh.
hidsfimlogscompliancelegacy
Top pick
Kubernetes security scanner for misconfigurations, RBAC, compliance frameworks (NSA/CIS), and image vulnerabilities.
kubernetescompliancedevsecopsscannercncf
Top pick
SQL layer over cloud and SaaS APIs—compose compliance and inventory queries across AWS, Azure, GCP, GitHub, Okta, and hundreds of plugins.
cloudcompliancecspminventorysql
Rules engine for public cloud governance: tag enforcement, unused resource cleanup, KMS/SG checks, and compliance filters across AWS/Azure/GCP.
cloudgovernancecomplianceautomationcspm