Go Compliance

Open-source Go projects categorized as Compliance
Edit details
Topics: Security Go Gdpr Static Analysis Devsecops
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

Top 17 Go Compliance Projects

  • OPA (Open Policy Agent)

    Open Policy Agent (OPA) is an open source, general-purpose policy engine.

    • Project mention: The API database architecture – Stop writing HTTP-GET endpoints | news.ycombinator.com | 2024-05-10

    Yeah, I fully agree. The tooling for putting that much logic into the database is just not great. I've been decently happy with Sqitch[0] for DB change management, but even with that you don't really get a good basis for testing some of the logic you could otherwise test in isolation in app code.

    I've also tried to rely heavily on the database handling security and authorization, but as soon as you start to do somewhat non-trivial attribute-/relationship-based authorization (as you would find in many products nowadays), it really isn't fun anymore, and you spend a lot of the time you saved on manually building backend routes on trying to fit you authz model into those basic primitives (and avoiding performance bottlenecks). Especially compares to other modern authz solutions like OPA[1] or oso[2] it really doesn't stack up.

    [0]: https://github.com/sqitchers/sqitch

    [1]: https://www.openpolicyagent.org

    [2]: https://www.osohq.com

  • immudb

    immudb - immutable database based on zero trust, SQL/Key-Value/Document model, tamperproof, data change history

    • Project mention: Ask HN: What is your experience of tamper proof systems? | news.ycombinator.com | 2024-01-05

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • tfsec

    Security scanner for your Terraform code

    • Project mention: Cloud Security and Resilience: DevSecOps Tools and Practices | dev.to | 2024-05-01

    3. tfsec: https://github.com/aquasecurity/tfsec tfsec uses a suite of security checks to scan your Terraform templates, helping to identify potential security issues before infrastructure is deployed.

  • kubeconform

    A FAST Kubernetes manifests validator, with support for Custom Resources!

    • Project mention: Dealing with Yaml files | /r/kubernetes | 2023-07-05

    If you want to validate your resources against the schema of the resources (mind you also crds) you can use kubeconform.

  • bearer

    Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

    • Project mention: Show HN: Bearer Code Security Scanner Add Support for Java, PHP, Go, and Python | news.ycombinator.com | 2023-10-26

  • comply

    Compliance automation framework, focused on SOC2

  • Databunker

    Secure SDK/vault for personal records/PII built to comply with GDPR

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo

  • Open-Source-Security-Guide

    Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.

  • copacetic

    🧵 CLI tool for directly patching container images using reports from vulnerability scanners

    • Project mention: copacetic: 🧵 CLI tool for directly patching container images using reports from vulnerability scanners | /r/blueteamsec | 2023-11-25

  • xeol

    A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs

    • Project mention: xeol | /r/devopspro | 2023-07-09

  • chainloop

    Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.

    • Project mention: Choosing the “old stuff” as plugin SDK for Go in 2023 | news.ycombinator.com | 2023-07-06

  • opa-envoy-plugin

    A plugin to enforce OPA policies with Envoy

  • reposaur

    Open source compliance tool for development platforms.

  • cnspec

    An open source, cloud-native security to protect everything from build to runtime

  • guardian

    Guardian is universal data access management tool with automated access workflows and security controls across data stores, analytical systems, and cloud products. (by raystack)

  • conceal

    A command line utility that provides a secure method to get your secrets from your existing password manager. :lock:

  • aws-security-posture

    Keep a historic overview of your compliance scores per workload

    • Project mention: Tracking your security posture in AWS | dev.to | 2024-03-01

    You need to do some manual labor as it is not supported by AWS. I hope I peaked your interest to check out the aws-security-posture project.

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

Go Compliance related posts

  • Rego for beginners: Introduction to Rego

    1 project | dev.to | 2 Nov 2023

  • Show HN: Bearer Code Security Scanner Add Support for Java, PHP, Go, and Python

    1 project | news.ycombinator.com | 26 Oct 2023

  • Everything You Need to Know About the Difference Between OPA's Rego and AWS Cedar

    1 project | dev.to | 20 Jul 2023

  • Evolving Authorization for Our Advertising Platform

    1 project | /r/RedditEng | 30 May 2023

  • SOC2: Drata, Scrut, Vanta

    1 project | /r/cybersecurity | 15 May 2023

  • OPA (Open Policy Agent) VS selefra - a user suggested alternative

    2 projects | 20 Mar 2023

  • Simple, Self-Hosted Centralized Logging

    3 projects | /r/selfhosted | 15 Feb 2023
  • A note from our sponsor - InfluxDB
    www.influxdata.com | 20 May 2024
    Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →

Index

What are some of the best open-source Compliance projects in Go? This list will help you:

Project Stars
1 OPA (Open Policy Agent) 9,185
2 immudb 8,499
3 tfsec 6,583
4 kubeconform 1,954
5 bearer 1,769
6 comply 1,236
7 Databunker 1,209
8 Open-Source-Security-Guide 859
9 copacetic 809
10 xeol 322
11 chainloop 314
12 opa-envoy-plugin 307
13 reposaur 280
14 cnspec 237
15 guardian 134
16 conceal 59
17 aws-security-posture 2

Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com