Gauntlt

Gauntlt provides hooks to a variety of security tools and puts them within reach of security, dev and ops teams to collaborate to build rugged software. It is built to facilitate testing and communication between groups and create actionable tests that can be hooked into your deploy and testing processes.

     

linux open-source security hardening ruby

Hardening Framework

The Hardening Framework combines DevOps with security by adding a security layer into your automation framework, that configures your operating systems and services. It takes care of difficult settings, compliance guidelines, cryptography recommendations, and secure defaults. Works great with Puppet, Chef and Ansible.

     

linux open-source security hardening chef puppet ansible

Intelliment Security Policy Automation

Intelliment is a platform to allow enterprises to automate their network security policy management in order to help them better handle their security at scale and to respond faster to network threats

     

linux commercial security orchestration provisioning networking firewall

ossec

OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Mac OS X, Solaris and Windows

     

open-source security hardening linux windows solaris osx bsd

Zed Attack Proxy (ZAP)

A penetration testing tool for finding vulnerabilities in web applications, from OWASP

     

linux windows osx open-source security

pki.io

pki.io is an open source project that makes managing and deploying X.509 certificates easy and scalable

     

linux osx bsd open-source free security x509 key management

Prevoty Application Monitoring & Protection (AMP)

Prevoty enables DevOps to inject security into your web applications and web services. Protection is provided at runtime from within the application itself, and stays with the app regardless of deployment method (cloud, on-premises, etc). Applications are protected against threats including XSS, SQLi, CSRF, command injection, etc. Works with Puppet, Chef, Ansible, Docker, Splunk, QRadar, ELK, and many others.

     

linux windows osx bsd commercial go java net nodejs perl php python ruby monitoring security hardening chef puppet ansible metrics-visualization ci

RatticDB

RatticDB is a centralized, multi-user password management database, providing API access for automation, audit logs for accountability, and change queue to manage password rotation.

     

linux windows osx bsd solaris open-source security

Simian Army

A tool for testing and promoting infrastructure tolerance and high availability. It randomly shuts down servers, or blocks network connections, and makes sure you design your systems to survive these events.

     

linux windows osx open-source security java

Snitch

SaaS SSL monitoring and alerting. Snitch audits for revocation, expiration, changes to the certificate, known security vulnerabilities, and best practices. Snitch worries about your SSL/TLS certificate so you don't have to

     

monitoring commercial linux windows freebsd bsd solaris osx metrics security hardening

Snort

Snort is an open-source, free and lightweight network intrusion detection system (NIDS) software for Linux and Windows to detect emerging threats.

     

open-source security hardening

SSH KeyBox

An open-source jump box solution with auditing capabilities

     

linux open-source cloud monitoring security java

TeamPass

TeamPass is a Collaborative Passwords Manager. Its aim is to provide the ability to share password items through a secured and managed environment.

     

linux windows osx bsd solaris open-source security

testssl.sh

A command-line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws. It's designed to provide clear output for your "is this good or bad" decision.

     

linux osx open-source security shell

Tinfoil Security

Thorough web application security testing, with an extensive API, easy to hook into CI and issue tracking tools.

     

linux windows osx free commercial ci monitoring security

VAddy

VAddy integrates with your existing CI tools and performs robust security checks. Cloud-Based Service Automates Security Tests for DevOps Teams.

     

linux windows osx free commercial ci cloud security

Vaurien

A Chaos Monkey for TCP, it randomly disconnects or stalls TCP connections in your application to test application tolerance and high availability. Makes sure you correctly handle these unexpected events

     

linux windows osx open-source security python