Open Policy Agent (OPA) is an open source, general-purpose policy engine.

An open-source UI-first Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, RADIUS, Goo…

An authorization library that supports access control models like ACL, RBAC, ABAC in Java

An Implementation of using Graphql and Casbin together

graphql-authz is an authorization middleware for graphql-go

This repository contains the Curity Identity Server helm chart source code.

An example on how to create an OpenID client with Spring Security that uses mutual TLS client authentication to retrieve the token.

Secure Jupyter Notebooks and Experimentation Environment

Approzium allows a cloud service to authenticate to a database without ever having access to its password

NGINX module that introspects phantom access tokens according to RFC 7662

OAuth + JupyterHub Authenticator = OAuthenticator

A JupyterLab extension to evaluate the security of your Jupyter environment

Python tool to backup unifi event clips in realtime

Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure

This is the development repository for the OpenFHE library. The current (stable) version is v1.2.0 (released on June 25, 2024).

The Security Toolkit for LLM Interactions

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

♾ Infisical is the open-source secret management platform: Sync secrets across your team/infrastructure, prevent secret leaks, and manage internal PKI

Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.

Six Degrees of Domain Admin

Neo4j Cybersecurity Demo

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys.

verinice is a tool for managing information security.

Documentation on the OpenRMF application, including scripts to run the whole stack as well as just infrastructure with documentation on using the tool.

Pluggable ABAC/PBAC middleware

Open Source, Google Zanzibar-inspired permissions database to enable fine-grained authorization for customer applications

Official command-line tool for managing SpiceDB

Oso is a batteries-included framework for building authorization in your application.

A curated list of OPA related tools, frameworks and articles

Runtime Security Enforcement System. Workload hardening/sandboxing and implementing least-permissive policies made easy leveraging LSMs (BPF-LSM, AppArmor).