Spec Compliance
Top > Transversal > Security > Spec Compliance
- AWS Config - AWS Config tracks changes in resource configurations and also allows to enforce compliance against desired target ones. 🌐
- Amazon Inspector - Amazon Inspector is an agent-based security solution that automatically assesses applications for vulnerabilities or deviations from best practices. 🌐
- AppArmour - AppArmor is a Mandatory Access Control (MAC) system which is a kernel (LSM) enhancement to confine programs to a limited set of resources. It is claimed to be easier than SELinux. 🌐
- Aqua - Vulnerability and threat analysis for containers, serverless, and cloud native applications. 🌐
- CFN Nag - A CLI tool that looks for patterns in CloudFormation templates that may indicate insecure infrastructure. 🌐
- Cloud Formation Guard - A CLI tool that checks AWS CloudFormation templates for policy compliance using a simple, policy-as-code, declarative syntax. 🌐
- Docker Bench - Docker Bench checks for common best-practices around deploying Docker containers in production. It is inspired by the CIS Docker Benchmark. 🌐
- Docker CIS Benchmarks - CIS Benchmarks applied to Docker. 🌐
- InSpec - Chef InSpec is a OS configuration compliance tool known for its user-friendly Ruby-based DSL. It can also audit properties of cloud infrastructure. 🌐
- OpenSCAP - A NIST-certified platform for general spec compliance and vulnerability scanning which includes container-based as well as traditional workloads. 🌐
- Qualys - Qualys is a spec conformance and vulnerability analysis tool. It is popular in the financial sector despite the availability of more powerful and user-friendly tools in the marketplace such as InSpec. 🌐
- SELinux - Security-Enhanced Linux (SELinux) is a Linux kernel security module to implement access control security policies such as type enforcement, mandatory access controls (MAC), mandatory integrity controls, and role-based access control (RBAC). 🌐
Before You Leave
🤘 Subscribe to my 100% spam-free newsletter!