Ansible

A versatile orchestration engine that can automate systems and apps. Instead of a custom scripting language or code, it is very simple and shell based. It is also agent-less, so you can just start using it right away and get things done

     

linux open-source provisioning config-mgmt orchestration python

Bcfg2

bee-config (Bcfg) 2 is a centralized configuration management server to configure large number of systems, built to be cross platform. Bcfg2 uses a simple XML based configuration model with intuitive items like packages, services, config files, dependencies, etc. This model is easily validatable and can be used to audit and reconcile remote systems.

     

linux windows osx open-source config-mgmt provisioning python

CFEgine

An open source configuration management system whose primary function is to provide stable and resilient automated configuration and maintenance of large-scale computer systems, including the unified management of servers, desktops, embedded networked devices, mobile smartphones, and tablet computers. It is an agent based system that is fully distributed and autonomous. It is very lightweight, fast, portable, and flexible with a strong security track record.

     

linux Solaris Windows open-source commercial config-mgmt C

Cft

Cft watches as you make changes to your server, and then creates puppet manifests for the resulting actions. Simplifies creating puppet configuration.

     

linux open-source config-mgmt provisioning orchestration

Chef

Configuration management tool which uses a pure-Ruby, domain-specific language (DSL) for writing system configuration recipes. Supports Linux, UNIX, Windows, and AIX as first-class citizens for management.

     

linux windows open-source provisioning config-mgmt ruby

COBBLER

Cobbler is a Linux installation server that allows for rapid setup of network installation environments. It glues together and automates many associated Linux tasks so you do not have to hop between many various commands and applications when deploying new systems, and, in some cases, changing existing ones. Cobbler can help with provisioning, managing DNS and DHCP, package updates, power management, configuration management orchestration, and much more.

     

linux open-source config-mgmt provisioning orchestration

ConDep

ConDep is a open source infrastructure configuration and deployment DSL (Domain Specific Language) specifically targeted to (but not limited to) the Windows Server platform. If your familiar with tools like Chef and Puppet, ConDep does very much the same, but with native support for Windows.

     

windows open-source ci provisioning config-mgmt net

Deploy Studio

An tools for re-imaging and provisioning OSX devices

     

osx provisioning orchestration config hardening

ElasticBox

ElasticBox is an enterprise DevOps platform for IT teams to deliver applications frequently at low costs and with fewer failures. Applications are much easier to automate, orchestrate, deploy, and manage on private, public or hybrid clouds. IT teams can use the platform to align with business needs in an agile, transparent, and collaborative way.

     

linux osx solaris windows commercial free cloud-paas config-mgmt provisioning orchestration

FAI

Fully Automatic Installation (FAI) is a tool for mass unattended deployment of Linux. You can take one or more virgin PCs, turn on the power, and after a few minutes, the systems are installed and completely configured.

     

linux open-source config-mgmt provisioning perl

Foreman

A complete lifecycle management tool for servers, both self-hosted and in the cloud. It allows you to create and manage instances, build and deploy images, view and audit hosts, and much more! It works with Puppet or Chef, and has multiple interaction facilities like a web frontend, CLI and a RESTful API.

     

linux open-source virt config-mgmt provisioning monitoring cloud-paas ruby

Gauntlt

Gauntlt provides hooks to a variety of security tools and puts them within reach of security, dev and ops teams to collaborate to build rugged software. It is built to facilitate testing and communication between groups and create actionable tests that can be hooked into your deploy and testing processes.

     

linux open-source security hardening ruby

Hardening Framework

The Hardening Framework combines DevOps with security by adding a security layer into your automation framework, that configures your operating systems and services. It takes care of difficult settings, compliance guidelines, cryptography recommendations, and secure defaults. Works great with Puppet, Chef and Ansible.

     

linux open-source security hardening chef puppet ansible

Intelliment Security Policy Automation

Intelliment is a platform to allow enterprises to automate their network security policy management in order to help them better handle their security at scale and to respond faster to network threats

     

linux commercial security orchestration provisioning networking firewall

Loom

Built on top of Fabric and Puppet, it does the stuff that Puppet doesn’t do, which is bootstrapping fresh machines, assigning them roles, deploying Puppet, and installing Puppet modules. It automates stuff that has to be done before Puppet can begin its work

     

linux windows osx open-source config-mgmt provisioning ruby

mgmt

The mgmt tool is a distributed, event driven, config management tool, that supports parallel execution, and librarification to be used as the management foundation in and for, new and existing software.

     

linux osx open-source config config-mgmt

NGINX Amplify

Amplify is free monitoring tool for NGINX. Amplify offers extended NGINX metric collection, visualization, monitoring, and a static analyzer for NGINX configuration. It's simple to set up, yet powerful enough to bring the much needed insight into NGINX performance. Amplify is a SaaS developed and operated by Nginx, Inc. Keep NGINX up to date and secure with a native monitoring solution.

     

linux bsd free commercial logging monitoring metrics visualization security hardening errors

OneOps

OneOps is a cloud management and application lifecycle management platform that developers use to both develop and launch new products faster, and to more easily maintain them throughout their entire lifecycle. OneOps enables developers to code their products in a hybrid, multi-cloud environment. This means developers can switch between different cloud providers to take advantage of better pricing, technology or scalability – without being locked into one cloud provider. Our mission is to give our customers the most agile, cost-effective, flexible application lifecycle management solution for enterprise class workloads in the cloud

     

linux open-source virt config-mgmt provisioning monitoring cloud-paas

Opskeleton

Bootstrap a DevOps infrastructure with some opinionated defaults (vagrant, puppet, librarian-puppet, git, etc), standard development guidelines, etc. Makes it very quick to get a DevOps team up and running

     

linux open-source scm virt config-mgmt provisioning orchestration ruby

ossec

OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Mac OS X, Solaris and Windows

     

open-source security hardening linux windows solaris osx bsd

Overcast

A simple command line program designed to make it easy to spin up, configure, and interact with any number of machines over SSH. Supported providers include AWS, DigitalOcean, Linode and Virtualbox.

     

linux osx open-source provisioning config-mgmt orchestration nodejs

Zed Attack Proxy (ZAP)

A penetration testing tool for finding vulnerabilities in web applications, from OWASP

     

linux windows osx open-source security

pki.io

pki.io is an open source project that makes managing and deploying X.509 certificates easy and scalable

     

linux osx bsd open-source free security x509 key management

Poni

A system management and provisioning tool, with centralized configuration management

     

linux open-source config-mgmt provisioning orchestration python

Prevoty Application Monitoring & Protection (AMP)

Prevoty enables DevOps to inject security into your web applications and web services. Protection is provided at runtime from within the application itself, and stays with the app regardless of deployment method (cloud, on-premises, etc). Applications are protected against threats including XSS, SQLi, CSRF, command injection, etc. Works with Puppet, Chef, Ansible, Docker, Splunk, QRadar, ELK, and many others.

     

linux windows osx bsd commercial go java net nodejs perl php python ruby monitoring security hardening chef puppet ansible metrics-visualization ci

PowerShell Desired State Configuration

DSC is a new management platform in Windows PowerShell that enables deploying and managing configuration data for software services and managing the environment in which these services run.

     

linux windows powershell open-source commercial config-mgmt

Puppet

Puppet is a tool designed to manage the configuration of Unix-like and Microsoft Windows systems declaratively.

     

linux windows osx open-source config-mgmt ruby

RatticDB

RatticDB is a centralized, multi-user password management database, providing API access for automation, audit logs for accountability, and change queue to manage password rotation.

     

linux windows osx bsd solaris open-source security

SaltStack

Salt is a powerful and different approach to infrastructure management, by focusing on high speed communications between large number of systems, and can perform orchestration, remote code execution and much more.

     

linux windows osx open-source commercial config-mgmt provisioning orchestration python

ShutIt

ShutIt is an automation platform. It makes it easy to create simple modular automation scripts that handle differing output, install software, log in and out of servers, capture output etc.. ShutItFiles are an extension to make it even easier for people to develop automation scripts.

     

linux open-source config-mgmt provisioning python

Simian Army

A tool for testing and promoting infrastructure tolerance and high availability. It randomly shuts down servers, or blocks network connections, and makes sure you design your systems to survive these events.

     

linux windows osx open-source security java

Slaughter

A Perl tool for automating configuration, maintenance and management of large number of systems. Allows policies to be written in a central server and implement specific policies in various servers

     

linux open-source config-mgmt provisioning orchestration perl

Snitch

SaaS SSL monitoring and alerting. Snitch audits for revocation, expiration, changes to the certificate, known security vulnerabilities, and best practices. Snitch worries about your SSL/TLS certificate so you don't have to

     

monitoring commercial linux windows freebsd bsd solaris osx metrics security hardening

Snort

Snort is an open-source, free and lightweight network intrusion detection system (NIDS) software for Linux and Windows to detect emerging threats.

     

open-source security hardening

SSH KeyBox

An open-source jump box solution with auditing capabilities

     

linux open-source cloud monitoring security java

StackStorm

A platform for event-driven automation. StackStorm allows you to integrate and automate across services and tools. It ties together your existing infrastructure and application environment so you can more easily automate that environment -- with a particular focus on taking actions in response to events.

     

automation cd provisioning cloud orchestration config-mgmt orchestration python linux open-source apache2

System Integrety Management Platform

SIMP is an enterprise ready, full-featured, infrastructure framework designed around policy compliance and enforcement over time. It aims to be an open source practical reference implementation for both policy and best security practice able to run in both enclave and cloud environments.

     

config-mgmt linux open-source security hardening puppet nist-800-53 disa-stig fips compliance automation framework

TeamPass

TeamPass is a Collaborative Passwords Manager. Its aim is to provide the ability to share password items through a secured and managed environment.

     

linux windows osx bsd solaris open-source security

testssl.sh

A command-line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws. It's designed to provide clear output for your "is this good or bad" decision.

     

linux osx open-source security shell

Tinfoil Security

Thorough web application security testing, with an extensive API, easy to hook into CI and issue tracking tools.

     

linux windows osx free commercial ci monitoring security

VAddy

VAddy integrates with your existing CI tools and performs robust security checks. Cloud-Based Service Automates Security Tests for DevOps Teams.

     

linux windows osx free commercial ci cloud security

Vaurien

A Chaos Monkey for TCP, it randomly disconnects or stalls TCP connections in your application to test application tolerance and high availability. Makes sure you correctly handle these unexpected events

     

linux windows osx open-source security python