IaC threat modeler with STRIDE, MITRE ATT&CK, and PASTA frameworks. REST API, GraphQL, and Docker support for Terraform, CloudFormation, and Kubernetes.

This repository includes cloud security policies for IaC and live resources.

Detect drift. Defend cloud.

Cloud (IaC) Security plugin for JetBrains IDEs (e.g., IntelliJ IDEA, PyCharm)

High-performance open-source security scanner combining SAST, SCA, Secret Detection, and IaC analysis, built for developers and CI/CD pipelines.

Argus brings “a hundred eyes” to your project, combining leading open source security tools into a scalable, automated, continuous security pipeline.

Free Browser Based Infrastructure as Code security scanner - Scan Terraform, Kubernetes, Docker, CloudFormation files for vulnerabilities in your browser. 180+ security rules, GitHub repo scanning, PDF reports. Privacy-first, no uploads.

An enterprise-grade, agentless, and open-source cloud security platform for AWS, GCP, and Azure that combines CSPM, DSPM, CIEM, ASM, and vulnerability management with deterministic YAML policies and natural language querying.

One-command Ubuntu Server hardening to achieve cutting-edge security, with ZERO ongoing maintenance required.

Jenkins plugin for Xygeni - End to end software development and delivery security

Enterprise security audit plugin for Claude Code. One command (/security-audit) runs a 10-phase audit with auto-remediation and PDF reports. Auto-detects platform type — supports Express, Django, Next.js, Supabase, Firebase, Electron, React Native, WordPress, Stripe, Solidity, and more.

Terraform Sentinel AI is a local-first multi-agent platform that turns natural language infrastructure requests into secure, policy-aware Terraform using LangGraph, OpenRouter free-tier models, local vector retrieval, and Docker-based validation workflows.

Security-focused prompt library and Claude Code skill for automated IaC security reviews. Covers Terraform, Kubernetes, Docker, Ansible, CloudFormation, and CI/CD pipelines. Compliance mapping to CIS, NIST 800-53, PCI-DSS, SOC2, HIPAA, and GDPR.

Terraform IaC security audit on AWS - manual code review and automated scanning with Checkov and OPA, mapped to CIS AWS Benchmark findings.

Real-time cloud storage security and IaC analysis platform. Detect misconfigurations, prevent PII exposure, and enforce compliance across AWS, Azure, and GCP

DevSecOps CI/CD pipeline scanner — Jenkins, GitHub Actions, GitLab, Azure Pipelines

Production-grade AWS multi-account landing zone. Blast radius design, SCP composition, account vending, CloudTrail detection pipeline. Security architecture depth.

Defense-in-depth security scanner for Java projects integrating 6 industry-standard tools (Trivy, Gitleaks, Semgrep, SpotBugs, Checkov, Hadolint) into a unified Dockerized pipeline. Also comes with a standalone installer.

A 540-test empirical evaluation framework assessing the security of Infrastructure-as-Code generated by AI assistants (Copilot, Cursor, Windsurf).

ComputeScan analyzes tfplan.json to catch GPU oversizing, autoscaling misconfigurations, tag drift, and high-risk idle patterns. Instantly, offline, and with zero setup. Designed for AI/ML infra teams and fully aligned with the GuardSuite governance engine.