Akeyless Vault

Secrets Management: Automate Secrets across your DevOps tools and cloud platforms using a secured vault for credentials, tokens, API-Keys and passwords.

     

linux windows osx bsd solaris free commercial security

argo-cd

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.

     

open-source cd virt kubernetes cloud go

Assimilation System Management Suite

The Assimilation Suite discovers systems, services, network connections, configuration and dependencies, IP and MAC addresses. This all goes into a continually updated graph-based configuration management database (CMDB). This is then compared and scored against best practices, services and servers are monitored - all with near-zero configuration - in a way that scales to hundreds of thousands of servers. It also provides visualization tools, APIs for sending alerts to humans and other systems, and a variety of canned reports (queries) to aid in securing and managing systems, hooking into ChatOps, and creating plans for triaging your security issues

     

linux open-source commercial C shell python config CMDB service-discovery monitoring visualization security hardening

AWSBox

DIY Platform-as-a-Service tool specialized for NodeJS projects with AWS as the backend, and created by Mozilla

     

linux open-source cloud-paas nodejs

Bamboo

Build, test, deploy. Bamboo Server is the choice of professional teams for continuous integration, deployment, and delivery

     

linux windows osx commercial ci cd cloud

Bastillion

Bastillion is an open-source web-based SSH console that centrally manages administrative access to systems. A bastion host for administrators with features that promote infrastructure security, including key management and auditing.

     

linux open-source security

Bitrise

Automate your iOS development: Bitrise helps you automate your daily mobile app development tasks from building through testing to deployment. With Bitrise you can configure these tasks with a unique, visual workflow editor, where all of the steps are open source. If the step you need is not in our collection you can create your own and share it with others.

     

osx open-source free commercial ci cd cloud cloud-paas paas

boot2docker

boot2docker is a lightweight Linux distribution based on Tiny Core Linux made specifically to run Docker containers. It runs completely from RAM, weighs ~24MB and boots in a couple of seconds. Can be used as a base OS when running your own PaaS with Docker, or other kind of deployments.

     

linux open-source virt cloud-paas

Cloud Application Manager

Cloud Application Manager is a software-defined managed services orchestration platform that enables the configuration, deployment, management and automation of applications within public, private and hybrid IT environments.

     

linux osx solaris windows commercial cloud-paas config-mgmt provisioning orchestration

CloudRepo

Public and Private Maven and Python (PyPi) repositories. Fully managed and highly available repository hosting.

     

linux windows osx bsd solaris commercial packaging artifacts java clojure scala groovy python pypi cloud maven sbt leiningen gradle ivy

Cloudsmith Package

Just Better Package Management. Manage your software dependencies and distribution with Enterprise-grade package management.

     

linux windows cloud packaging distribution debian nuget maven python rpm redhat ruby

CloudStack

Apache CloudStack is open source software designed to deploy and manage large networks of virtual machines, as a highly available, highly scalable Infrastructure as a Service (IaaS) cloud computing platform. CloudStack is used by a number of service providers to offer public cloud services, and by many companies to provide an on-premises (private) cloud offering, or as part of a hybrid cloud solution.

     

linux open-source virt cloud-paas

CoreOS

CoreOS is an extremely lightweight base OS for Docker. It installs just a kernel, systemd and docker, and then you use Docker to pull in any service that you want. Can be used as a base OS when running your own PaaS with Docker, or other kind of deployments.

     

linux open-source commercial virt cloud-paas

Deploy Studio

An tools for re-imaging and provisioning OSX devices

     

osx provisioning orchestration config hardening

Dist

Private, fully managed Docker Container Registries and Maven Repositories. Works with native tooling, no plugins required. Reliable, secure, and fast (with a purpose built CDN).

     

linux cloud packaging maven java clojure scala

Docker

Docker uses LXC to create and manage native, sandboxed virtual containers. LXC containers acts like a separate OSes, can install their own packages without affecting anything else, and overall have almost the same flexibility of VMs but without any of the virtualization overhead! Docker adds a ton of features, like an elegant configuration file that automates many things (like port forwarding, disk/directory mounting, networking, etc), a way to create and share readymade images that can be distributed as appliances, etc.

     

linux open-source virt cloud-paas provisioning go

Dokku

It uses docker, git-receive and a few other lightweight and clever libraries to build a quick PaaS, all around just 100 lines of code! An excellent small tool to get started with PaaS systems. The same developer is creating a larger scale, production quality system called Flynn.

     

linux open-source virt cloud-paas provisioning shell?

Flynn

From the creator of Dokku, Flynn is a full fledged, open source PaaS platform built on top of Docker. You just push code with a Procfile, and that’s it, Flynn immediately picks it up, provisions a Docker container and deploys the latest code! Its tagged as “the product that ops gives to developers”

     

linux open-source virt cloud-paas go

Fog

The Ruby Cloud API library. Provides a Ruby API for interacting and managing many cloud providers, such as spinning up new instances, terminating old ones, attaching storage, etc. Currently supports more than 20 providers, including EC2, Rackspace, Brightbox, etc.

     

linux windows osx open-source cloud-paas ruby

Foreman

A complete lifecycle management tool for servers, both self-hosted and in the cloud. It allows you to create and manage instances, build and deploy images, view and audit hosts, and much more! It works with Puppet or Chef, and has multiple interaction facilities like a web frontend, CLI and a RESTful API.

     

linux open-source virt config-mgmt provisioning monitoring cloud-paas ruby

Gauntlt

Gauntlt provides hooks to a variety of security tools and puts them within reach of security, dev and ops teams to collaborate to build rugged software. It is built to facilitate testing and communication between groups and create actionable tests that can be hooked into your deploy and testing processes.

     

linux open-source security hardening ruby

Harbor

Harbor is an open source cloud native registry that stores, signs, and scans container images for vulnerabilities. Harbor solves common challenges by delivering trust, compliance, performance, and interoperability. It fills a gap for organizations and applications that cannot use a public or cloud-based registry, or want a consistent experience across clouds.

     

linux open-source security hardening

Hardening Framework

The Hardening Framework combines DevOps with security by adding a security layer into your automation framework, that configures your operating systems and services. It takes care of difficult settings, compliance guidelines, cryptography recommendations, and secure defaults. Works great with Puppet, Chef and Ansible.

     

linux open-source security hardening chef puppet ansible

Intelliment Security Policy Automation

Intelliment is a platform to allow enterprises to automate their network security policy management in order to help them better handle their security at scale and to respond faster to network threats

     

linux commercial security orchestration provisioning networking firewall

jclouds

A Java Library for controlling cloud resources, with various plugins for many popular cloud providers.

     

linux windows osx open-source cloud-paas java

Apache Libcloud

Python library for interacting with many of the popular cloud service providers using a unified API.

     

linux windows osx bsd open-source cloud-paas python

LXD

LXD is a next generation system container manager. It offers a user experience similar to virtual machines but using Linux containers instead. It's image based with pre-made images available for a wide number of Linux distributions and is built around a very powerful, yet pretty simple, REST API.

     

linux open-source virt cloud-paas provisioning go

Nevercode

Develop apps 20% faster with the leading CI/CD partner Cloud-based continuous integration & delivery for iOS, Android, Cordova, Ionic, React Native & Flutter projects.

     

cloud commercial ci cd

NGINX Amplify

Amplify is free monitoring tool for NGINX. Amplify offers extended NGINX metric collection, visualization, monitoring, and a static analyzer for NGINX configuration. It's simple to set up, yet powerful enough to bring the much needed insight into NGINX performance. Amplify is a SaaS developed and operated by Nginx, Inc. Keep NGINX up to date and secure with a native monitoring solution.

     

linux bsd free commercial logging monitoring metrics visualization security hardening errors

notabug.org

Free code hosting

     

cloud open-source scm vcs

Openshift

Openshift is a container management platform built around a core of Docker container packaging and Kubernetes cluster management. Origin is the upstream community project that powers OpenShift.

     

linux open-source cloud-paas go

OpenStack

An open source, massively scalable cloud operating system used for building private and public clouds

     

linux open-source virt cloud-paas

ossec

OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Mac OS X, Solaris and Windows

     

open-source security hardening linux windows solaris osx bsd

Zed Attack Proxy (ZAP)

A penetration testing tool for finding vulnerabilities in web applications, from OWASP

     

linux windows osx open-source security

ownCloud

A self-hosted personal cloud/social platform with contacts, calendars, file sharing, tasks, etc.

     

linux open-source cloud-paas

Packer

Packer is a tool for creating identical machine images for multiple platforms (like VirtualBox, VMWare, EC2, DigitalOcean, etc) from a single configuration file.

     

linux windows osx open-source virt cloud-paas go

pagure

Pagure is an Open Source software code hosting system.

     

cloud open-source scm

Pallet

A tool to provision and maintain servers across various cloud platforms as well as virtual machine platforms, without any dependencies. Provides cloud and operating system independence.

     

linux windows osx open-source cloud-paas clojure

Prevoty Application Monitoring & Protection (AMP)

Prevoty enables DevOps to inject security into your web applications and web services. Protection is provided at runtime from within the application itself, and stays with the app regardless of deployment method (cloud, on-premises, etc). Applications are protected against threats including XSS, SQLi, CSRF, command injection, etc. Works with Puppet, Chef, Ansible, Docker, Splunk, QRadar, ELK, and many others.

     

linux windows osx bsd commercial go java net nodejs perl php python ruby monitoring security hardening chef puppet ansible metrics-visualization ci

Pulumi

Create, deploy, and manage Cloud Native infrastructure, as real code. A single toolset for infrastructure, managed services, containers, and serverless environments on any cloud infrastructure. You get all the benefits of real programming languages; IDEs, abstractions and reuse thanks to functions, classes, and packages, debugging, testability, and more

     

linux windows osx open-source cloud-paas go javascript python

Simp

Compliance automation

     

linux open-source security

Snitch

SaaS SSL monitoring and alerting. Snitch audits for revocation, expiration, changes to the certificate, known security vulnerabilities, and best practices. Snitch worries about your SSL/TLS certificate so you don't have to

     

monitoring commercial linux windows freebsd bsd solaris osx metrics security hardening

Snort

Snort is an open-source, free and lightweight network intrusion detection system (NIDS) software for Linux and Windows to detect emerging threats.

     

open-source security hardening

Sovereign

A set of Ansible playbooks to configure and maintain your own personal cloud, including email, calendars, file storage, vpn, irc, etc. A nice collection of utilities as well as a good showcase of Ansible's features

     

linux open-source cloud-paas python

SSH KeyBox

An open-source jump box solution with auditing capabilities

     

linux open-source cloud monitoring security java

StackStorm

A platform for event-driven automation. StackStorm allows you to integrate and automate across services and tools. It ties together your existing infrastructure and application environment so you can more easily automate that environment -- with a particular focus on taking actions in response to events.

     

automation cd provisioning cloud orchestration config-mgmt orchestration python linux open-source apache2

System Integrety Management Platform

SIMP is an enterprise ready, full-featured, infrastructure framework designed around policy compliance and enforcement over time. It aims to be an open source practical reference implementation for both policy and best security practice able to run in both enclave and cloud environments.

     

config-mgmt linux open-source security hardening puppet nist-800-53 disa-stig fips compliance automation framework

TeamPass

TeamPass is a Collaborative Passwords Manager. Its aim is to provide the ability to share password items through a secured and managed environment.

     

linux windows osx bsd solaris open-source security

Terraform

Terraform provides a common configuration to launch infrastructure from different providers (AWS, Digital Ocean, Heroku, etc.). It provides dependency resolution to make sure that your infrastructure is created in the right order

     

linux windows osx open-source cloud-paas go

testssl.sh

A command-line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws. It's designed to provide clear output for your "is this good or bad" decision.

     

linux osx open-source security shell

Tinfoil Security

Thorough web application security testing, with an extensive API, easy to hook into CI and issue tracking tools.

     

linux windows osx free commercial ci monitoring security

tsuru

tsuru is an extensible and open source Platform as a Service (PaaS) that makes application deployments faster and easier. Its built upon Docker and allows you easily manage and scale your applications.

     

linux open-source virt cloud-paas go

VAddy

VAddy integrates with your existing CI tools and performs robust security checks. Cloud-Based Service Automates Security Tests for DevOps Teams.

     

linux windows osx free commercial ci cloud security

Vault

Manage Secrets and Protect Sensitive Data. Secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets and other sensitive data using a UI, CLI, or HTTP API.

     

linux windows osx bsd solaris open-source comercial security

Vaurien

A Chaos Monkey for TCP, it randomly disconnects or stalls TCP connections in your application to test application tolerance and high availability. Makes sure you correctly handle these unexpected events

     

linux windows osx open-source security python

Weave

Weave creates a virtual network that connects Docker containers deployed across multiple hosts. Services provided by application containers on the weave network can be made accessible to the outside world, regardless of where those containers are running. Similarly, existing internal systems can be exposed to application containers irrespective of their location.

     

linux open-source virt cloud-paas orchestration service-discovery go

Oracle-Wercker

Continuous delivery to the cloud

     

commercial cloud cd