Build software better, together

filipi86 / drogonsec

High-performance open-source security scanner combining SAST, SCA, Secret Detection, and IaC analysis, built for developers and CI/CD pipelines, using AI for recommendation!

ai static-analysis application-security sca security-scanner devsecops code-scanning vulnerability-scanner cloud-security sast dependency-scanning open-source-security iac-security shift-left-security secret-detection cicd-security ai-remediation

Updated Jun 23, 2026
Go

antonbabenko / awesome-terraform-compliance

Sponsor

Star

Awesome Terraform Compliance - tools, frameworks, and resources for implementing compliance, security, and governance controls in Terraform and OpenTofu infrastructure.

security awesome terraform awesome-list compliance policy-as-code terraform-compliance iac-security opentofu

Updated Jun 18, 2026

inno-devops-labs / DevSecOps-Intro

Star

🚀 DevSecOps intro elective — 10 hands-on labs + 2 bonus hardening OWASP Juice Shop: threat modeling (STRIDE/Threagile), signed commits & secret scanning, SBOM/SCA, SAST + DAST, IaC security (Checkov/KICS), container & supply-chain hardening (Trivy, Cosign), runtime detection with Falco, and DefectDojo vuln management.

education security course threat-modeling devsecops falco sast dast container-security juice-shop sbom trivy supply-chain-security defectdojo hands-on-labs iac-security cosign

Updated Jun 28, 2026
Shell

bogdanticu88 / threatmap

Star

IaC threat modeler with STRIDE, MITRE ATT&CK, and PASTA frameworks. REST API, GraphQL, and Docker support for Terraform, CloudFormation, and Kubernetes.

graphql docker kubernetes cloudformation rest-api terraform static-analysis pasta threat-modeling mermaid security-tools devsecops cloud-security dfd stride mitre-attack github-actions iac-security

Updated Mar 25, 2026
Python

prancer-io / prancer-compliance-test

Star

This repository includes cloud security policies for IaC and live resources.

devops policy iac opa devsecops rego iac-security

Updated Mar 11, 2026
Open Policy Agent

inayathulla / cloudrift

Sponsor

Star

Detect drift. Defend cloud.

go golang open-source aws security terraform cybersecurity devsecops cloud-security drift-detection security-tooling iac-security cloud-compliance

Updated Feb 21, 2026
Go

NordCoderd / cloud-security-plugin

Star

Cloud (IaC) Security plugin for JetBrains IDEs (e.g., IntelliJ IDEA, PyCharm)

docker kubernetes docker-compose iac kubernetes-secrets infrastructure-as-code vulnerability-scanners security-tools devsecops cloud-security sast docker-security kubernetes-security iac-security infrastructure-as-code-security

Updated May 2, 2026
Kotlin

huntridge-labs / argus

Star

Argus brings “a hundred eyes” to your project, combining leading open source security tools into a scalable, automated, continuous security pipeline.

hardening fedramp security-automation security-tools devsecops vulnerability-scanning malware-detection sast dast container-security security-scanning iac-security secret-detection

Updated Jun 26, 2026
Python

clay-good / mantissa-stance

Star

An enterprise-grade, agentless, and open-source cloud security platform for AWS, GCP, and Azure that combines CSPM, DSPM, CIEM, ASM, and vulnerability management with deterministic YAML policies and natural language querying.

kubernetes open-source aws azure asm gcp vulnerability-management security-tools devsecops cloud-security agentless secrets-detection cspm iac-security ciem dspm

Updated May 10, 2026
Python

peachycloudsecurity / iac-security-scanner

Sponsor

Star

Free Browser Based Infrastructure as Code security scanner - Scan Terraform, Kubernetes, Docker, CloudFormation files for vulnerabilities in your browser. 180+ security rules, GitHub repo scanning, PDF reports. Privacy-first, no uploads.

security-analysis cloud-security browser-based docker-security kubernetes-security iac-security terraform-scanner

Updated Jan 31, 2026
TypeScript

cpeoples / ansible-security-scanner

Sponsor

Star

🛡️ Static security scanner (SAST) for Ansible playbooks, roles, and collections. 1,000+ rules across 30+ categories detecting malicious code, RCE, hardcoded credentials, and supply-chain risk. Outputs SARIF, CycloneDX SBOM, and GitLab SAST. SLSA Build Level 3, Sigstore-signed.

Updated Jun 27, 2026
Python

anantacloud-actions / trivy

Star

🛡️ The fastest Trivy Action for GitHub. Scan Containers, Filesystems, and IaC for vulnerabilities. Supports SBOM, SARIF, and Daily DB Caching.

nodejs security static-analysis actions devsecops vulnerability-scanner docker-security container-security sbom github-actions cyclonedx kubernetes-security trivy supply-chain-security cve-scanner iac-security

Updated Jun 26, 2026
JavaScript

Mikaru0Mystic / breachproof

Star

Autonomous AI security agent that audits, pentests, and hardens your whole codebase: SAST, secrets, SCA, IaC, containers, CI/CD, OWASP, and AI/LLM red-teaming. Auto-fixes vulnerabilities and maps findings to compliance frameworks like SOC 2. Works with Claude Code, Cursor, Codex, and opencode.

Updated Jun 27, 2026
Shell

ChrisAdkin8 / tf-analyze

Star

Static + plan-time Terraform security analysis with attack-graph prioritisation, MITRE ATT&CK mapping, and one-click PR fix suggestions. 215 rules, 100% fix_hcl coverage.

Updated May 30, 2026
Python

Param-10 / hackthebay

Star

Polaris is an AI-powered DevOps and IaC review assistant that analyzes pull requests, detects security and configuration issues, and suggests verified fixes using Gemini.

kubernetes security devops ai terraform nextjs gemini github-app fastapi iac-security

Updated Jun 24, 2026
TypeScript

ReeperReepx / Security-Audit-Claude-Skill

Star

Enterprise security audit plugin for Claude Code. One command (/security-audit) runs a 10-phase audit with auto-remediation and PDF reports. Auto-detects platform type — supports Express, Django, Next.js, Supabase, Firebase, Electron, React Native, WordPress, Stripe, Solidity, and more.

Updated Mar 20, 2026

benvigano / ubuntu_sturdy

Star

One-command Ubuntu Server hardening to achieve cutting-edge security, with ZERO ongoing maintenance required.

iac ubuntu-server server-security iac-security server-hardening ubuntu-security

Updated Aug 23, 2025
Shell

jenkinsci / xygeni-sensor-plugin

Star

Jenkins plugin for Xygeni - End to end software development and delivery security

security secrets-scan iac-security software-attestation software-supply-chain-security ci-cd-security

Updated May 1, 2025
Java

uttej-badwane / secure-cloud-prompt-engineering

Star

Security-focused prompt library and Claude Code skill for automated IaC security reviews. Covers Terraform, Kubernetes, Docker, Ansible, CloudFormation, and CI/CD pipelines. Compliance mapping to CIS, NIST 800-53, PCI-DSS, SOC2, HIPAA, and GDPR.

infrastructure-as-code security-automation devsecops cloud-security kubernetes-security terraform-security iac-security agent-skills claude-code claude-skills

Updated Mar 8, 2026
Shell

anantacloud-actions / conftest-action

Star

Advanced Conftest GitHub Action for Terraform, Kubernetes, Helm & Dockerfile policy scanning with SARIF, GitHub Security, Slack, Teams and Google Chat notifications.

kubernetes dockerfile terraform helm opa compliance microsoft-teams slack-notifications sarif policy-engine devsecops code-scanning cloud-security google-chat policy-as-code rego conftest iac-security shift-left-security

Updated Jun 20, 2026
JavaScript

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

iac-security

Here are 52 public repositories matching this topic...

filipi86 / drogonsec

antonbabenko / awesome-terraform-compliance

inno-devops-labs / DevSecOps-Intro

bogdanticu88 / threatmap

prancer-io / prancer-compliance-test

inayathulla / cloudrift

NordCoderd / cloud-security-plugin

huntridge-labs / argus

clay-good / mantissa-stance

peachycloudsecurity / iac-security-scanner

cpeoples / ansible-security-scanner

anantacloud-actions / trivy

Mikaru0Mystic / breachproof

ChrisAdkin8 / tf-analyze

Param-10 / hackthebay

ReeperReepx / Security-Audit-Claude-Skill

benvigano / ubuntu_sturdy

jenkinsci / xygeni-sensor-plugin

uttej-badwane / secure-cloud-prompt-engineering

anantacloud-actions / conftest-action

Improve this page

Add this topic to your repo