InSpec is an open-source testing framework for infrastructure with a human- and machine-readable language for specifying compliance, security and policy requirements.InSpec makes it easy to run your tests wherever you need. More options are found in our CLI docs.
audit inspec security compliance devsec devops tdd-utilities tdd spec testingMolecule is designed to aid in the development and testing of Ansible roles. Molecule provides support for testing with multiple instances, operating systems and distributions, virtualization providers, test frameworks and testing scenarios. Molecule is opinionated in order to encourage an approach that results in consistently developed roles that are well-written, easily understood and maintained. Molecule uses Ansible playbooks to exercise the role and its associated tests. Molecule supports any provider [1] that Ansible supports.
python27 ansible testing testing-framework docker lxc lxd openstack vagrant testinfra goss ansible-lint ec2 yamllint gce azure python36 inspec rubocopInSpec is an open-source testing framework for infrastructure with a human- and machine-readable language for specifying compliance, security and policy requirements. InSpec makes it easy to run your tests wherever you need. More options are found in our CLI docs.
audit inspec security compliance devsec devops tdd-utilities tdd spec testingThis repository is the development repository for InSpec for AWS. Once RFC Platforms is fully implemented in InSpec, this repository is going to be merged into core InSpec.As of now, AWS resources are implemented as an InSpec resource pack. It will ship with the required resources to write your own AWS tests.
inspec awsThis InSpec compliance profile implement the CIS Docker 1.13.0 Benchmark in an automated way to provide security best-practice tests around Docker daemon and containers in a production environment. InSpec is an open-source run-time framework and rule language used to specify compliance, security, and policy requirements for testing any node in your infrastructure.
cis-docker-benchmark inspec docker security hardeningThis Compliance Profile ensures, that all hardening projects keep the same quality. Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
inspec audit security devsec baseline hardeningThis Compliance Profile ensures, that all hardening projects keep the same quality. Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
inspec baseline nginx security audit devsec hardeningThis is currently in development! Any feedback or Pull Request is welcome. Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
inspec baseline security hardening audit devsecThis Compliance Profile ensures, that all hardening projects keep the same quality. Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
inspec audit security baseline devsec postgresql hardeningThis Compliance Profile ensures, that all hardening projects keep the same quality. Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
inspec audit security baseline devsec ssh hardeningThis Compliance Profile demonstrates the use of InSpec's SSL resource by enforcing strong TLS configuration. Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
inspec audit devsec baseline security tls ssl hardeningThis Baseline ensures, that all hardening projects keep the same quality. Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
baseline security audit hardening devsec inspecThis repository demonstrates how to use InSpec with provising tools. Recent additions to InSpec 2.0 allow us to verify not only machines, but also any infrastructure provisioned in AWS or Azure cloud. This repository is providing guidance on the use of provising tools in conjunction with InSpec. The following example will provision a two-tier terraform architecture on AWS. It assumes that you have AWS credentials properly configured.
inspec provision terraform awsThis InSpec resource pack uses the Azure REST API and provides the required resources to write tests for resources in Azure. These must be stored in a environment variables prefaced with AZURE_. If you use Dotenv then you may save these values in your own .envrc file. Either source it or run direnv allow. If you don't use Dotenv then you may just create environment variables in the way that your prefer.
inspec azureThis InSpec resource pack uses the native Google Cloud Platform (GCP) support in InSpec and provides the required resources to write tests for GCP. This implementation was inspired on the ideas by Martez Reed.
inspec gcpThis repository contains a collection of InSpec resources used to interact with the VMware platform. In order to use the resources in this resource pack you must declare the dependency in your InSpec profile.
inspec esx vsphere vmware
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.