DevSec Hardening Framework

Challenge

Running secure infrastructure is a difficult task. Although server hardening is a well-known topic with many guides out in the wild, it is still very cumbersome to apply and verify secure configuration. If you manage many server, they need to be configured properly and maintained, which is difficult and time-consuming to get right. To answer these needs for security, compliance, and maintainability, we decided to launch this project as a common ground for requirements and their fulfillment.

Vision / Goal

Our goal is simple: Create a common layer for operating system and services hardening. Even if you aren’t knee-deep in configuration manuals for services or the latest security recommendations, you will be able to implement and use this framework with ease.

Pinned Loading

ansible-collection-hardening Public

This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL

Jinja 5.3k 827
chef-os-hardening Public

This chef cookbook provides numerous security-related configurations, providing all-round base protection.

Ruby 450 131
puppet-os-hardening Public

This puppet module provides numerous security-related configurations, providing all-round base protection.

Puppet 291 100
linux-baseline Public

DevSec Linux Baseline - InSpec Profile

Ruby 867 191
cis-docker-benchmark Public

CIS Docker Benchmark - InSpec Profile

Ruby 522 118
cis-kubernetes-benchmark Public

CIS Kubernetes Benchmark - InSpec Profile

Ruby 309 77

Repositories

Showing 10 of 51 repositories

dev-sec.github.io Public
project website

SCSS 21 Apache-2.0 15 6 (1 issue needs help) 6 Updated
ansible-collection-hardening Public
This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL

Jinja 5,308 Apache-2.0 827 56 (2 issues need help) 17 Updated
hardening Public
DevSec Examples

Ruby 354 Apache-2.0 45 1 4 Updated
chef-mysql-hardening Public
This chef cookbook provides security configuration for mysql.

Ruby 27 Apache-2.0 8 2 6 Updated
chef-apache-hardening Public

Ruby 25 Apache-2.0 8 3 4 Updated
pam-tester Public

Python 8 1 1 6 Updated
chef-os-hardening Public
This chef cookbook provides numerous security-related configurations, providing all-round base protection.

Ruby 450 Apache-2.0 131 8 (2 issues need help) 9 Updated
.github Public

3 1 1 2 Updated
puppet-os-hardening Public
This puppet module provides numerous security-related configurations, providing all-round base protection.

Puppet 291 Apache-2.0 100 14 (1 issue needs help) 7 Updated
chef-postgres-hardening Public
This chef cookbook provides security configuration for PostgreSQL.

Ruby 28 Apache-2.0 8 2 3 Updated

View all repositories

URL: https://github.com/dev-sec