* [Comp AI v3.0.0](https://github.com/trycompai/comp) – Compliance platform automating evidence collection, policy management, and control implementation for SOC 2, ISO 27001, HIPAA, and GDPR.

* [cnspec v13.1.0](https://github.com/mondoohq/cnspec) – Cloud-native policy-as-code engine that scans infrastructure, containers, Kubernetes, cloud services, and code for vulnerabilities and misconfigurations.

* [Open Policy Agent v1.14.0](https://github.com/open-policy-agent/opa) – General-purpose policy engine for unified, context-aware policy enforcement across various systems.

* [Chainloop v1.82.0](https://github.com/chainloop-dev/chainloop) – Evidence store and policy engine for Software Supply Chain attestations, SBOMs, VEX, SARIF, and QA reports.

* [ISMS Builder v1.35.0](https://github.com/coolstartnow/isms-builder) – Self-hosted web platform for managing information security compliance across ISO 27001, NIS2, GDPR, and BSI IT-Grundschutz.

* [Probo - Open Source Compliance v0.141.0](https://github.com/getprobo/probo) – Compliance platform tailored for startups to achieve SOC-2 readiness with automated risk assessment and policy generation.

* [Chef InSpec v5.24.7](https://github.com/inspec/inspec) – Testing framework for infrastructure that specifies compliance, security, and policy requirements.

* [Wazuh Dashboard Plugins v4.14.4](https://github.com/wazuh/wazuh-dashboard-plugins) – Collection of plugins that extend the Wazuh dashboard with UI panels for security events, integrity, vulnerability, and compliance monitoring.

* [UTMStack v11.2.4](https://github.com/utmstack/UTMStack) – Enterprise-ready SIEM and XDR platform offering real-time log correlation, threat intelligence, and incident response.

* [AuditKit v0.8.2](https://github.com/guardian-nexus/AuditKit-Community-Edition) – Multi-cloud compliance scanner that audits AWS, Azure, GCP, and M365 against standards and generates audit-ready reports.

* [Nepal Compliance v0.2.1](https://github.com/yarsa/nepal-compliance) – ERPNext-based solution customizing HR, payroll, and accounting to meet Nepalese legal and regulatory requirements.

* [Ackify v1.3.5](https://github.com/kOlapsis/ackify) – Secure document reading validation with Ed25519 signatures and immutable audit trails.

* [Grant v0.6.3](https://github.com/anchore/grant) – CLI and Go library for scanning and enforcing software licenses in container images, SBOMs, and filesystems.

* [opa-envoy-plugin v1.14.1-envoy](https://github.com/open-policy-agent/opa-envoy-plugin) – Extends OPA to enforce fine-grained, context-aware policies for Envoy via the External Authorization gRPC API.

* [Clouditor Community Edition v2.0.0-alpha.18](https://github.com/clouditor/clouditor) – Continuous cloud-assurance platform that evaluates cloud configurations for security and compliance against standards like C5 and CSA CCM.