Akeyless Vault

Secrets Management: Automate Secrets across your DevOps tools and cloud platforms using a secured vault for credentials, tokens, API-Keys and passwords.

     

linux windows osx bsd solaris free commercial security

AppVeyor

Continuous Delivery service for Windows

     

windows free commercial ci

aptly

aptly is a swiss army knife for Debian repository management: it allows you to mirror remote repositories, manage local package repositories, take snapshots, pull new versions of packages along with dependencies, publish as Debian repository.

     

linux packaging artifacts open-source

Archiva

Apache Archiva™ is an extensible repository management software that helps taking care of your own personal or enterprise-wide build artifact repository.

     

linux windows osx bsd solaris open-source artifacts

argo-cd

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes.

     

open-source cd virt kubernetes cloud go

Artifactory

JFrog’s Artifactory open source project was created to speed up development cycles using binary repositories. It’s the world’s most advanced repository manager, creating a single place for teams to manage all their binary artifacts efficiently.

     

linux windows open-source artifacts packaging

Assimilation System Management Suite

The Assimilation Suite discovers systems, services, network connections, configuration and dependencies, IP and MAC addresses. This all goes into a continually updated graph-based configuration management database (CMDB). This is then compared and scored against best practices, services and servers are monitored - all with near-zero configuration - in a way that scales to hundreds of thousands of servers. It also provides visualization tools, APIs for sending alerts to humans and other systems, and a variety of canned reports (queries) to aid in securing and managing systems, hooking into ChatOps, and creating plans for triaging your security issues

     

linux open-source commercial C shell python config CMDB service-discovery monitoring visualization security hardening

Bamboo

Build, test, deploy. Bamboo Server is the choice of professional teams for continuous integration, deployment, and delivery

     

linux windows osx commercial ci cd cloud

Bastillion

Bastillion is an open-source web-based SSH console that centrally manages administrative access to systems. A bastion host for administrators with features that promote infrastructure security, including key management and auditing.

     

linux open-source security

Bitrise

Automate your iOS development: Bitrise helps you automate your daily mobile app development tasks from building through testing to deployment. With Bitrise you can configure these tasks with a unique, visual workflow editor, where all of the steps are open source. If the step you need is not in our collection you can create your own and share it with others.

     

osx open-source free commercial ci cd cloud cloud-paas paas

Boxstarter

Repeatable, reboot resilient windows environment installations made easy using Chocolatey packages. When its time to repave either bare metal or virtualized instances, locally or on a remote machine, Boxstarter can automate both trivial and highly complex installations. Compatible with all Windows versions from Windows 7/2008 R2 forward.

     

windows open-source virt packaging provisioning powershell

Buildbot

Buildbot is an open-source framework for automating software build, test, and release processes. It differs from other CI tools in that it is more of a betteries included Framework, rather than a tool, and can hence be grown to meet your own needs. One of the reasons it is used in many high profile open source projects like Chromium, Firefox, Webkit, Python, etc.

     

linux open-source ci python

Buildkite

Buildkite is a platform for running fast, secure, and scalable continuous integration pipelines on your own infrastructure.

     

linux windows osx commercial ci cd

Cabot

Cabot is an open source, self hosted infrastructure monitoring tool. It can monitor your services and send telephone, SMS, email or chat alerts to your team whenever anything goes down, all without writing a single line of code.

     

linux windows osx open-source ci python

ChartMuseum

Host your own Helm Chart Repository ChartMuseum is an open-source, easy to deploy, Helm Chart Repository server.

     

linux open-source packaging artifacts

Checkov

Infrastructure as Code security scanner supporting Kubernetes, Helm, Terraform, CloudFormation, ARM templates and more.

     

linux windows osx open-source security

Chocolatey

Chocolatey is like apt-get for Windows. It can install packages and dependencies over the command line.

     

windows open-source packaging provisioning powershell

CircleCI

CircleCI is a hosted continious integration and deployment service that supports mobile, web and containerized apps. It integrates with GitHub seamlessly but with no other version control systems. CircleCI offers a single container to build multiple projects (even private ones) for free. It also supports parallelism with pricing plans.

     

linux osx free commercial ci cd

CloudRepo

Public and Private Maven and Python (PyPi) repositories. Fully managed and highly available repository hosting.

     

linux windows osx bsd solaris commercial packaging artifacts java clojure scala groovy python pypi cloud maven sbt leiningen gradle ivy

Cloudsmith Package

Just Better Package Management. Manage your software dependencies and distribution with Enterprise-grade package management.

     

linux windows cloud packaging distribution debian nuget maven python rpm redhat ruby

Codeine

Codeine is a continuous deployment tool that makes product deployment faster and safer through automation and monitoring.

     

linux windows open-source cd monitoring

Concourse

Concourse is a CI system composed of simple tools and ideas. It can express entire pipelines, integrating with arbitrary resources, or it can be used to execute one-off tasks, either locally or in another CI system.

     

linux open-source go ci cd

ConDep

ConDep is a open source infrastructure configuration and deployment DSL (Domain Specific Language) specifically targeted to (but not limited to) the Windows Server platform. If your familiar with tools like Chef and Puppet, ConDep does very much the same, but with native support for Windows.

     

windows open-source ci provisioning config-mgmt net

ConfigCat

ConfigCat is a feature flags as a service. It gives you a web based dashboard to manage your feature flags + SDKs to integrate those feature flags into your applications. ConfigCat enables you to use the same feature flags in your mobile apps, websites and server-side applications. It offers all features for free. You get an enterprise-ready SLA with the pricing plans.

     

linux osx windows open-source free commercial ci cd config-management go java net nodejs php python ruby

Coveralls

Coveralls works with your continuous integration server to give you test coverage history and statistics. Free for open source, pro accounts for private repos, instant sign up with GitHub OAuth.

     

free commercial ci

DeployKit

A generic integration tool built on a Message Queue, to make it easy to communicate events and triggers across various parts parts of the infrastructure. Created to ease the pain of configuring many disparate events in a CI

     

linux windows osx open-source ci ruby

Deploy Studio

An tools for re-imaging and provisioning OSX devices

     

osx provisioning orchestration config hardening

Dist

Private, fully managed Docker Container Registries and Maven Repositories. Works with native tooling, no plugins required. Reliable, secure, and fast (with a purpose built CDN).

     

linux cloud packaging maven java clojure scala

Draft

Streamlined Kubernetes Development. Simple app development & deployment - into any Kubernetes cluster.

     

linux open-source ci cd

Drone

Drone is a Continuous Integration platform built on Docker, written in Go

     

linux windows osx open-source ci cd

Fig

A package management tool, similar to Ivy/APT, but language agnostic, faster and works well with both executables and libraries.

     

linux windows osx open-source packaging ruby

FPM

Effing Package Managers (FPM) is a single tool that can generate rpm, deb, solaris, osx (pkg) and many other packages. It supports multiple inputs (directory, gem, egg, deb, etc) and can produce multiple outputs (rpm, deb, solaris, etc). It relieves the pain out of creating various kinds of packages.

     

linux osx open-source packaging ruby

Gauntlt

Gauntlt provides hooks to a variety of security tools and puts them within reach of security, dev and ops teams to collaborate to build rugged software. It is built to facilitate testing and communication between groups and create actionable tests that can be hooked into your deploy and testing processes.

     

linux open-source security hardening ruby

GitBucket

A Git platform powered by Scala with easy installation, high extensibility & GitHub API compatibility.

     

linux windows osx bsd solaris open-source scm vcs ci

GitLab CI

GitLab CI integrates with GitLab and runs continuous integration builds whenever you check in code to any of your projects.

     

linux open-source ci ruby

GoCD

Go is a continuous delivery and release management tool, built from the ground up with pipelines in mind, and makes it easy to model complex build and deploy workflows

     

linux windows osx open-source ci java

Habitat by CHEF

Habitat is open source software that creates platform-independent build artifacts and provides built-in deployment and management capabilities.

     

linux windows osx open-source commercial cd

Harbor

Harbor is an open source cloud native registry that stores, signs, and scans container images for vulnerabilities. Harbor solves common challenges by delivering trust, compliance, performance, and interoperability. It fills a gap for organizations and applications that cannot use a public or cloud-based registry, or want a consistent experience across clouds.

     

linux open-source security hardening

Hardening Framework

The Hardening Framework combines DevOps with security by adding a security layer into your automation framework, that configures your operating systems and services. It takes care of difficult settings, compliance guidelines, cryptography recommendations, and secure defaults. Works great with Puppet, Chef and Ansible.

     

linux open-source security hardening chef puppet ansible

Hubot

Hubot is a chat bot that can be configured to do a variety of tasks. Apart from usual CI stuff like deploying, it can be interestingly configured to do different workflows like posting images, translating languages and integrating with Google Maps, and being a bot, it can be configured to ask questions like what is the current deployed version, etc.

     

linux windows osx open-source ci nodejs

Intelliment Security Policy Automation

Intelliment is a platform to allow enterprises to automate their network security policy management in order to help them better handle their security at scale and to respond faster to network threats

     

linux commercial security orchestration provisioning networking firewall

Jenkins

Jenkins is an open source, lightweight CI tool written in Java, with high extensibility and a fast release cycle. It was forked from Hudson after Oracle acquired it, and has since added significantly more features than the original

     

linux windows osx open-source ci java

Jenkins X

Jenkins X provides pipeline automation, built-in GitOps and preview environments to help teams collaborate and accelerate their software delivery at any scale.

     

linux windows osx open-source ci cd artifacts packaging provisioning

Knative

Kubernetes-based platform to build, deploy, and manage modern serverless workloads.

     

linux open-source ci cd

Laminar

Laminar is a lightweight and modular Continuous Integration service for Linux. It is self-hosted and developer-friendly, eschewing a configuration web UI in favor of simple version-controllable configuration files and scripts.

     

linux open-source ci

Nevercode

Develop apps 20% faster with the leading CI/CD partner Cloud-based continuous integration & delivery for iOS, Android, Cordova, Ionic, React Native & Flutter projects.

     

cloud commercial ci cd

NGINX Amplify

Amplify is free monitoring tool for NGINX. Amplify offers extended NGINX metric collection, visualization, monitoring, and a static analyzer for NGINX configuration. It's simple to set up, yet powerful enough to bring the much needed insight into NGINX performance. Amplify is a SaaS developed and operated by Nginx, Inc. Keep NGINX up to date and secure with a native monitoring solution.

     

linux bsd free commercial logging monitoring metrics visualization security hardening errors

Open Build Service

Build and distribute Linux packages from sources in an automatic, consistent and reproducible way

     

linux open-source cd open-source

ossec

OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Mac OS X, Solaris and Windows

     

open-source security hardening linux windows solaris osx bsd

Zed Attack Proxy (ZAP)

A penetration testing tool for finding vulnerabilities in web applications, from OWASP

     

linux windows osx open-source security

packagecloud

A hosted platform for managing software package repositories. Apt, yum, and rubygems repositories without the headaches.

     

linux packaging

PHPCI

Free and open source continuous integration specifically designed for PHP.

     

osx open-source free bsd ci cd

Prevoty Application Monitoring & Protection (AMP)

Prevoty enables DevOps to inject security into your web applications and web services. Protection is provided at runtime from within the application itself, and stays with the app regardless of deployment method (cloud, on-premises, etc). Applications are protected against threats including XSS, SQLi, CSRF, command injection, etc. Works with Puppet, Chef, Ansible, Docker, Splunk, QRadar, ELK, and many others.

     

linux windows osx bsd commercial go java net nodejs perl php python ruby monitoring security hardening chef puppet ansible metrics-visualization ci

Prow

row is a Kubernetes based CI/CD system. Jobs can be triggered by various types of events and report their status to many different services. In addition to job execution, Prow provides GitHub automation in the form of policy enforcement, chat-ops via /foo style commands, and automatic PR merging.

     

linux open-source ci cd open-source

Pulp

A platform for managing software package repositories

     

linux open-source packaging python

QuickCheck CI

QuickCheck CI is a continuous integration server that runs QuviQ QuickCheck on a project. QuickCheck is a tool for automatically generating test cases from specified properties of the software under test.

     

linux windows osx bsd solaris commercial free (beer) Quviq Licence http://quickcheck-ci.com/EQC_CI_LICENCE.txt ci

ReleaseIQ

ReleaseIQ helps companies accelerate software product release cycles while improving quality and efficiency with an Enterprise DevOps Platform that leverages existing CI/CD tools

     

linux free commercial ci cd orchestration

Semaphore

Semaphore is a hosted continuous integration and deployment service for open source and private projects. Its cloud solution helps developers find bugs before they reach users and deliver new features faster.

     

linux open-source free commercial ci ruby php nodejs

Shippable

CI/CD and DevOps automation platform with Docker support that simplifies provisioning, building, testing, and deploying any application anywhere.

     

linux free commercial ci cd provisioning orchestration config-management

Simp

Compliance automation

     

linux open-source security

Skaffold

Skaffold handles the workflow for building, pushing and deploying your application. So you can focus more on application development.

     

linux windows osx open-source ci cd

Snitch

SaaS SSL monitoring and alerting. Snitch audits for revocation, expiration, changes to the certificate, known security vulnerabilities, and best practices. Snitch worries about your SSL/TLS certificate so you don't have to

     

monitoring commercial linux windows freebsd bsd solaris osx metrics security hardening

Snort

Snort is an open-source, free and lightweight network intrusion detection system (NIDS) software for Linux and Windows to detect emerging threats.

     

open-source security hardening

Spinnaker

Spinnaker is an open source, multi-cloud continuous delivery platform for releasing software changes with high velocity and confidence. It provides two core sets of features: cluster management and deployment management.

     

linux windows osx open-source cd java

SSH KeyBox

An open-source jump box solution with auditing capabilities

     

linux open-source cloud monitoring security java

StackStorm

A platform for event-driven automation. StackStorm allows you to integrate and automate across services and tools. It ties together your existing infrastructure and application environment so you can more easily automate that environment -- with a particular focus on taking actions in response to events.

     

automation cd provisioning cloud orchestration config-mgmt orchestration python linux open-source apache2

System Integrety Management Platform

SIMP is an enterprise ready, full-featured, infrastructure framework designed around policy compliance and enforcement over time. It aims to be an open source practical reference implementation for both policy and best security practice able to run in both enclave and cloud environments.

     

config-mgmt linux open-source security hardening puppet nist-800-53 disa-stig fips compliance automation framework

TeamCity

From JetBrains (makers of IntelliJ), TeamCity is a feature packed CI tool with out-of-the-box support for Java, .Net, Ruby and many other languages. It has deep language-aware integration, like maven, RVM, rake, popular testing frameworks, code coverage, etc, and consequently it occupies more resources. It has a liberal free usage license.

     

linux windows osx free commercial ci

TeamPass

TeamPass is a Collaborative Passwords Manager. Its aim is to provide the ability to share password items through a secured and managed environment.

     

linux windows osx bsd solaris open-source security

Tekton

A Kubernetes-native pipeline resource. The Tekton Pipelines project provides Kubernetes-style resources for declaring CI/CD-style pipelines.

     

linux open-source ci cd kubernetes

testssl.sh

A command-line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws. It's designed to provide clear output for your "is this good or bad" decision.

     

linux osx open-source security shell

Tinfoil Security

Thorough web application security testing, with an extensive API, easy to hook into CI and issue tracking tools.

     

linux windows osx free commercial ci monitoring security

Travis-CI

Travis CI is a hosted CI service free for open source communities. It directly integrates with GitHub, BitBucket and many other version control systems, and offers deep support for a variety of languages. Travis also has an Enterprise version that can be installed on your own servers.

     

linux free commercial ci java

VAddy

VAddy integrates with your existing CI tools and performs robust security checks. Cloud-Based Service Automates Security Tests for DevOps Teams.

     

linux windows osx free commercial ci cloud security

Vault

Manage Secrets and Protect Sensitive Data. Secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets and other sensitive data using a UI, CLI, or HTTP API.

     

linux windows osx bsd solaris open-source comercial security

Vaurien

A Chaos Monkey for TCP, it randomly disconnects or stalls TCP connections in your application to test application tolerance and high availability. Makes sure you correctly handle these unexpected events

     

linux windows osx open-source security python

Verdaccio

Verdaccio is an open-source local repository for NPM packages. It provides private-access packages, caching, and overriding public packages.

     

linux windows osx bsd solaris open-source free packaging artifacts

webhook

Configurable incoming webhook server

     

linux windows osx bsd solaris open-source ci cd orchestration

Oracle-Wercker

Continuous delivery to the cloud

     

commercial cloud cd

werf

werf is CI/CD tool for building Docker images and delivering them to Kubernetes using a GitOps approach. It integrates with any existing CI systems including GitLab CI, GitHub Actions, etc.

     

linux windows osx open-source ci kubernetes virt go