Secrets Management: Automate Secrets across your DevOps tools and cloud platforms using a secured vault for credentials, tokens, API-Keys and passwords.
linux windows osx bsd solaris free commercial security
Assimilation System Management Suite
The Assimilation Suite discovers systems, services, network connections, configuration and dependencies, IP and MAC addresses. This all goes into a continually updated graph-based configuration management database (CMDB). This is then compared and scored against best practices, services and servers are monitored - all with near-zero configuration - in a way that scales to hundreds of thousands of servers. It also provides visualization tools, APIs for sending alerts to humans and other systems, and a variety of canned reports (queries) to aid in securing and managing systems, hooking into ChatOps, and creating plans for triaging your security issues
linux open-source commercial C shell python config CMDB service-discovery monitoring visualization security hardening
Bastillion is an open-source web-based SSH console that centrally manages administrative access to systems. A bastion host for administrators with features that promote infrastructure security, including key management and auditing.
linux open-source security
Lightweight Data Shippers. Beats is the platform for single-purpose data shippers. They send data from hundreds or thousands of machines and systems to Logstash or Elasticsearch.
linux windows osx open-source metrics logging monitoring
Bosun is an open-source, MIT licensed, monitoring and alerting system by Stack Exchange. It has an expressive domain specific language for evaluating alerts and creating detailed notifications. It also lets you test your alerts against history for a faster development experience.
linux windows osx open-source visualization metrics
Infrastructure as Code security scanner supporting Kubernetes, Helm, Terraform, CloudFormation, ARM templates and more.
linux windows osx open-source security
Datadog is a full-stack monitoring service for large-scale cloud environments that aggregates metrics/events from servers, databases, and applications. The SaaS-based data analytics platform helps Dev & Ops teams resolve performance issues, and ensure timely completion of dev/deployment cycles.
linux windows osx commercial monitoring metrics visualization
An tools for re-imaging and provisioning OSX devices
osx provisioning orchestration config hardening
Flexible operating-system event and metric forwarding agent. Receives input and forwards output using plugins.
linux windows osx open-source metrics monitoring ruby
Gauntlt provides hooks to a variety of security tools and puts them within reach of security, dev and ops teams to collaborate to build rugged software. It is built to facilitate testing and communication between groups and create actionable tests that can be hooked into your deploy and testing processes.
linux open-source security hardening ruby
Graphite and InfluxDB dashboard and graph composer
linux open-source monitoring visualization
Graphite is a visualization tool for statistics configured from various sources. You can create customizable reports and dashboards, and it is one of the preferred backends for Statsd
linux open-source monitoring python visualization
Harbor is an open source cloud native registry that stores, signs, and scans container images for vulnerabilities. Harbor solves common challenges by delivering trust, compliance, performance, and interoperability. It fills a gap for organizations and applications that cannot use a public or cloud-based registry, or want a consistent experience across clouds.
linux open-source security hardening
The Hardening Framework combines DevOps with security by adding a security layer into your automation framework, that configures your operating systems and services. It takes care of difficult settings, compliance guidelines, cryptography recommendations, and secure defaults. Works great with Puppet, Chef and Ansible.
linux open-source security hardening chef puppet ansible
InfluxDB is a time series, metrics, and analytics database. It’s written in Go and has no external dependencies. InfluxDB is targeted at use cases for DevOps, metrics, sensor data, and real-time analytics.
linux open-source monitoring go metrics
Instrumental is a real-time, high-scale application and server monitoring tool with intelligent alerts, a powerful query language, and free development accounts.
linux windows oxs free metrics commercial metrics monitoring visualization php ruby python net java nodejs
Intelliment Security Policy Automation
Intelliment is a platform to allow enterprises to automate their network security policy management in order to help them better handle their security at scale and to respond faster to network threats
linux commercial security orchestration provisioning networking firewall
KairosDB is a fast distributed scalable time series database written on top of Cassandra. RESTful JSON-based query/results. Includes flot-based visualization.
linux windows osx open-source metrics visualization java cassandra
Kibana is a modern, beautiful visualization tool that works seamlessly with Logstash and ElasticSearch. It features a no-code setup, realtime analytics, and much more.
linux windows osx open-source monitoring nodejs visualization
Nagios Log Server
Nagios Log Server greatly simplifies the process of searching your log data. Set up alerts to notify you when potential threats arise, or simply query your log data to quickly audit any system. With Nagios Log Server, you get all of your log data in one location, with high availability and fail-over built right in.
linux commercial monitoring metrics visualization java php ruby shell
Nagios Network Analyzer
Nagios Network Analyzer provides an in-depth look at all network traffic sources and potential security threats allowing system admins to quickly gather high-level information regarding the health of the network as well as highly granular data for complete and thorough network analysis using netflow, sflow, jflow, etc.
linux commercial monitoring metrics visualization c php python shell
Nagios XI provides monitoring of all mission-critical infrastructure components including applications, services, operating systems, network protocols, systems metrics, and network infrastructure. Hundreds of third-party addons provide for monitoring of virtually all in-house and external applications, services, and systems.
linux commercial monitoring metrics visualization c php python perl shell
Amplify is free monitoring tool for NGINX. Amplify offers extended NGINX metric collection, visualization, monitoring, and a static analyzer for NGINX configuration. It's simple to set up, yet powerful enough to bring the much needed insight into NGINX performance. Amplify is a SaaS developed and operated by Nginx, Inc. Keep NGINX up to date and secure with a native monitoring solution.
linux bsd free commercial logging monitoring metrics visualization security hardening errors
okmeter.io is an integrated and ready-to-use monitoring solution. It autodiscovers sevices and collects 1000s of metrics from each kind of source — hardware, OS, net stack, processes, databases, queue, web-servers, etc. Okmeter goes with preset dashboards and preconfigured triggers on common pitfalls for all those services.
linux bsd commercial monitoring metrics visualization
OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Mac OS X, Solaris and Windows
open-source security hardening linux windows solaris osx bsd
Know when, where and why code breaks in pre-production and production.
linux osx windows java errors metrics visualization monitoring
Zed Attack Proxy (ZAP)
A penetration testing tool for finding vulnerabilities in web applications, from OWASP
linux windows osx open-source security
Prevoty Application Monitoring & Protection (AMP)
Prevoty enables DevOps to inject security into your web applications and web services. Protection is provided at runtime from within the application itself, and stays with the app regardless of deployment method (cloud, on-premises, etc). Applications are protected against threats including XSS, SQLi, CSRF, command injection, etc. Works with Puppet, Chef, Ansible, Docker, Splunk, QRadar, ELK, and many others.
linux windows osx bsd commercial go java net nodejs perl php python ruby monitoring security hardening chef puppet ansible metrics-visualization ci
Prometheus is an open-source systems monitoring and alerting toolkit built at SoundCloud.
linux open-source go metrics monitoring
Redash is an open source tool for teams to query, visualize and collaborate. Redash is quick to setup and works with any data source you might need so you can query from anywhere in no time. Share your results and dashboards with other team members and empower your entire organization to be data driven with no-code filters and parameters that instantly adjust.
open-source monitoring visualization
SignalFx is an advanced monitoring and alerting solution for modern infrastructure. With SignalFx, development and operations teams monitor, analyze, and alert in real-time on any time series data.
linux windows oxs commercial go python c metrics monitoring visualization
linux open-source security
SaaS SSL monitoring and alerting. Snitch audits for revocation, expiration, changes to the certificate, known security vulnerabilities, and best practices. Snitch worries about your SSL/TLS certificate so you don't have to
monitoring commercial linux windows freebsd bsd solaris osx metrics security hardening
Snort is an open-source, free and lightweight network intrusion detection system (NIDS) software for Linux and Windows to detect emerging threats.
open-source security hardening
An open-source jump box solution with auditing capabilities
linux open-source cloud monitoring security java
System Integrety Management Platform
SIMP is an enterprise ready, full-featured, infrastructure framework designed around policy compliance and enforcement over time. It aims to be an open source practical reference implementation for both policy and best security practice able to run in both enclave and cloud environments.
config-mgmt linux open-source security hardening puppet nist-800-53 disa-stig fips compliance automation framework
TeamPass is a Collaborative Passwords Manager. Its aim is to provide the ability to share password items through a secured and managed environment.
linux windows osx bsd solaris open-source security
A command-line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws. It's designed to provide clear output for your "is this good or bad" decision.
linux osx open-source security shell
Thorough web application security testing, with an extensive API, easy to hook into CI and issue tracking tools.
linux windows osx free commercial ci monitoring security
VAddy integrates with your existing CI tools and performs robust security checks. Cloud-Based Service Automates Security Tests for DevOps Teams.
linux windows osx free commercial ci cloud security
Manage Secrets and Protect Sensitive Data. Secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets and other sensitive data using a UI, CLI, or HTTP API.
linux windows osx bsd solaris open-source comercial security
A Chaos Monkey for TCP, it randomly disconnects or stalls TCP connections in your application to test application tolerance and high availability. Makes sure you correctly handle these unexpected events
linux windows osx open-source security python
Netflix Vizceral is a component for displaying traffic data on a webgl canvas. If a graph of nodes and edges with data about traffic volume is provided, it will render a traffic graph animating the connection volume between nodes. This component can take multiple traffic graphs and will generate a 'global' graph showing all incoming traffic into each of the 'regions', with support for cross-region traffic. There are three levels of information, global, regional, and service-level, with clicking or double-clicking on a node bringing you one level deeper.
linux open-source monitoring visualization