Akeyless Vault

Secrets Management: Automate Secrets across your DevOps tools and cloud platforms using a secured vault for credentials, tokens, API-Keys and passwords.

     

linux windows osx bsd solaris free commercial security

Archiva

Apache Archiva™ is an extensible repository management software that helps taking care of your own personal or enterprise-wide build artifact repository.

     

linux windows osx bsd solaris open-source artifacts

Berkshelf

A cookbook source structure manager for Chef, similar to Bundler for Ruby. Each Chef cookbook can be structured as an individual entity and can be pulled into your main Chef workflows.

     

linux windows osx open-source scm ruby

Cloud Application Manager

Cloud Application Manager is a software-defined managed services orchestration platform that enables the configuration, deployment, management and automation of applications within public, private and hybrid IT environments.

     

linux osx solaris windows commercial cloud-paas config-mgmt provisioning orchestration

Checkov

Infrastructure as Code security scanner supporting Kubernetes, Helm, Terraform, CloudFormation, ARM templates and more.

     

linux windows osx open-source security

CloudRepo

Public and Private Maven and Python (PyPi) repositories. Fully managed and highly available repository hosting.

     

linux windows osx bsd solaris commercial packaging artifacts java clojure scala groovy python pypi cloud maven sbt leiningen gradle ivy

Fig

A package management tool, similar to Ivy/APT, but language agnostic, faster and works well with both executables and libraries.

     

linux windows osx open-source packaging ruby

FPM

Effing Package Managers (FPM) is a single tool that can generate rpm, deb, solaris, osx (pkg) and many other packages. It supports multiple inputs (directory, gem, egg, deb, etc) and can produce multiple outputs (rpm, deb, solaris, etc). It relieves the pain out of creating various kinds of packages.

     

linux osx open-source packaging ruby

Gerrit

A Web based code review and project management system for Git projects

     

linux windows osx open-source scm java

GitBucket

A Git platform powered by Scala with easy installation, high extensibility & GitHub API compatibility.

     

linux windows osx bsd solaris open-source scm vcs ci

gitea

Gitea is a community managed lightweight code hosting solution written in Go. It published under the MIT license.

     

linux windows osx open-source scm vcs

Herd

A bittorrent based file distribution system based on Twitter’s Murder. It uses BitTorrent to push artifacts and code very fast across thousands of servers.

     

linux windows osx open-source packaging python

Jenkins X

Jenkins X provides pipeline automation, built-in GitOps and preview environments to help teams collaborate and accelerate their software delivery at any scale.

     

linux windows osx open-source ci cd artifacts packaging provisioning

Librarian-Puppet

Librarian-Puppet is a source structure and dependency manager for Puppet modules, similar to bundler for Ruby. Each Puppet module can be managed as a separate source repository with individual versioning, and can then be pulled into your Puppetfile.

     

linux windows osx open-source scm ruby

mgmt

The mgmt tool is a distributed, event driven, config management tool, that supports parallel execution, and librarification to be used as the management foundation in and for, new and existing software.

     

linux osx open-source config config-mgmt

OneDev

The open source git server with unique features.

     

linux windows osx bsd solaris open-source scm vcs

ossec

OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Mac OS X, Solaris and Windows

     

open-source security hardening linux windows solaris osx bsd

Zed Attack Proxy (ZAP)

A penetration testing tool for finding vulnerabilities in web applications, from OWASP

     

linux windows osx open-source security

Phabricator

Phabricator is an open source collection of development and code management, including code reviews and audits, browsing repositories, tracking bugs, etc

     

linux osx open-source scm php

Prevoty Application Monitoring & Protection (AMP)

Prevoty enables DevOps to inject security into your web applications and web services. Protection is provided at runtime from within the application itself, and stays with the app regardless of deployment method (cloud, on-premises, etc). Applications are protected against threats including XSS, SQLi, CSRF, command injection, etc. Works with Puppet, Chef, Ansible, Docker, Splunk, QRadar, ELK, and many others.

     

linux windows osx bsd commercial go java net nodejs perl php python ruby monitoring security hardening chef puppet ansible metrics-visualization ci

Puppet

Puppet is a tool designed to manage the configuration of Unix-like and Microsoft Windows systems declaratively.

     

linux windows osx open-source config-mgmt ruby

r10k

r10k provides a general purpose toolset for deploying Puppet environments and modules. It implements the Puppetfile format and provides a native implementation of Puppet dynamic environments.

     

linux windows osx open-source free scm

SaltStack

Salt is a powerful and different approach to infrastructure management, by focusing on high speed communications between large number of systems, and can perform orchestration, remote code execution and much more.

     

linux windows osx open-source commercial config-mgmt provisioning orchestration python

Snitch

SaaS SSL monitoring and alerting. Snitch audits for revocation, expiration, changes to the certificate, known security vulnerabilities, and best practices. Snitch worries about your SSL/TLS certificate so you don't have to

     

monitoring commercial linux windows freebsd bsd solaris osx metrics security hardening

TeamPass

TeamPass is a Collaborative Passwords Manager. Its aim is to provide the ability to share password items through a secured and managed environment.

     

linux windows osx bsd solaris open-source security

testssl.sh

A command-line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws. It's designed to provide clear output for your "is this good or bad" decision.

     

linux osx open-source security shell

Tinfoil Security

Thorough web application security testing, with an extensive API, easy to hook into CI and issue tracking tools.

     

linux windows osx free commercial ci monitoring security

VAddy

VAddy integrates with your existing CI tools and performs robust security checks. Cloud-Based Service Automates Security Tests for DevOps Teams.

     

linux windows osx free commercial ci cloud security

Vagrant Cachier

A Vagrant plugin that helps you reduce the amount of coffee you drink while waiting for boxes to be provisioned by sharing a common package cache among similiar VM instances.

     

linux windows osx open-source virt artifacts ruby

Vault

Manage Secrets and Protect Sensitive Data. Secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets and other sensitive data using a UI, CLI, or HTTP API.

     

linux windows osx bsd solaris open-source comercial security

Vaurien

A Chaos Monkey for TCP, it randomly disconnects or stalls TCP connections in your application to test application tolerance and high availability. Makes sure you correctly handle these unexpected events

     

linux windows osx open-source security python

Veewee

veewee is a great tool for building Virtual Machine images (aka base boxes). It automates most of the steps and allows you to easily create readymade images for VirtualBox/Vagrant, VMWare Fusion, KVM and Parallels. No longer need to shy away from building custom VM images!

     

linux osx windows open-source virt packaging ruby

Verdaccio

Verdaccio is an open-source local repository for NPM packages. It provides private-access packages, caching, and overriding public packages.

     

linux windows osx bsd solaris open-source free packaging artifacts