Steampipe

Security & Privacy

Prowler

Open cloud security assessment for AWS, Azure, GCP, and M365: CIS, PCI, HIPAA-style checks and compliance reports.

Security & Privacy

ScoutSuite

Multi-cloud security auditing: AWS, Azure, GCP, Alibaba—HTML reports highlighting misconfigurations and risky resources.

Security & Privacy

Cloud Custodian

Rules engine for public cloud governance: tag enforcement, unused resource cleanup, KMS/SG checks, and compliance filters across AWS/Azure/GCP.

Security & Privacy

osquery

Expose OS state as SQL tables—processes, sockets, users, browser extensions—for fleet visibility and compliance.

Security & Privacy

Cartography

Lyft’s tool to sync AWS, GCP, Azure, GitHub, and more into a Neo4j graph for attack-path and permission analysis.

Security & Privacy

Wazuh

Open security platform combining SIEM, XDR, file integrity monitoring, and compliance checks across endpoints and cloud.