
Compliance Checker

$29

Validate apps against OWASP Top 10, CIS benchmarks, and security header best practices.


File Structure (10 files)

compliance-checker/
├── LICENSE
├── README.md
├── examples/
│   └── compliance_config.json
├── free-sample.zip
├── guide/
│   ├── 01_features.md
│   ├── 02_quick-start.md
│   ├── 03_configuration-reference.md
│   └── 04_license.md
├── index.html
└── src/
    └── compliance_checker.py

Documentation Preview (README excerpt)

Compliance Checker

Validate web applications against OWASP Top 10, CIS benchmark guidelines, and security header best practices. Get a compliance score and remediation steps in minutes.

Features

  • OWASP Top 10 (2021) — automated checks for the most critical web security risks
  • CIS benchmark guidelines — server configuration hardening checks
  • Security header validation — HSTS, CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy
  • Compliance scoring — letter-grade rating (A through F) based on pass/fail ratio
  • Remediation recommendations — actionable fix for each failed check
  • Multiple frameworks — run OWASP, CIS, or both with --all
  • CI/CD friendly — exit codes and pass/fail thresholds for automated pipelines
  • JSON and console output — structured data or human-readable reports
  • Non-destructive — all checks are passive HTTP requests

Requirements

  • Python 3.10+
  • No external dependencies (stdlib only)

Quick Start


# Quick compliance check with all frameworks
python src/compliance_checker.py --target api.example.com

# OWASP Top 10 only
python src/compliance_checker.py --target example.com --framework owasp

# Full check with JSON output
python src/compliance_checker.py --target example.com --all --output report.json

Output

The report includes a compliance score, a categorized list of passed/failed checks, and specific remediation steps for each failure. JSON output is structured for integration with dashboards or ticketing systems.

Configuration Reference

Use a config file for repeatable checks (see examples/compliance_config.json):


{
    "target": "https://app.example.com",
    "checks": {
        "owasp_top_10": true,
        "cis_benchmarks": true,
        "security_headers": true
    },
    "fail_threshold": 70,
    "output_format": "json"
}
Field                  Type    Description
target                 string  URL to validate
checks.owasp_top_10    bool    Run OWASP Top 10 checks
checks.cis_benchmarks  bool    Run CIS benchmark checks
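As an added illustration (not the product's own code) of the security header validation, letter-grade scoring and fail_threshold features described above, the following stdlib-only snippet checks the six headers listed under Features against a constructed set of response headers and turns the pass/fail ratio into a grade and a CI-style exit code. The per-header rules and the grade cut-offs are assumptions; the product's actual rules are not shown on this page.

```python
# Added example, not the product's code; header rules and grade cut-offs are assumptions.
import re

def _max_age(value):  # max-age=N from an HSTS value; 0 if absent or malformed
    m = re.search(r"max-age=(\d+)", value, re.IGNORECASE)
    return int(m.group(1)) if m else 0

# Header -> (pass predicate, remediation hint). Assumed rules, not the product's own.
HEADER_RULES = {
    "Strict-Transport-Security": (lambda v: _max_age(v) >= 31536000,
        "Set HSTS with max-age >= 31536000 (one year)"),
    "Content-Security-Policy": (lambda v: "default-src" in v.lower() and "unsafe-inline" not in v.lower(),
        "Define a CSP with a restrictive default-src and no 'unsafe-inline'"),
    "X-Frame-Options": (lambda v: v.strip().upper() in ("DENY", "SAMEORIGIN"),
        "Set X-Frame-Options to DENY or SAMEORIGIN"),
    "X-Content-Type-Options": (lambda v: v.strip().lower() == "nosniff",
        "Set X-Content-Type-Options: nosniff"),
    "Referrer-Policy": (lambda v: v.strip().lower() in ("no-referrer", "same-origin", "strict-origin", "strict-origin-when-cross-origin"),
        "Set a restrictive Referrer-Policy such as strict-origin-when-cross-origin"),
    "Permissions-Policy": (lambda v: bool(v.strip()),
        "Set a Permissions-Policy that disables unneeded browser features"),
}

def check_headers(headers):
    """Evaluate every rule against a case-insensitive view of the response headers."""
    lower = {k.lower(): v for k, v in headers.items()}
    results = []
    for name, (rule, fix) in HEADER_RULES.items():
        value = lower.get(name.lower())
        passed = value is not None and bool(rule(value))
        results.append({"check": name, "passed": passed, "remediation": None if passed else fix})
    return results

def score_and_grade(results):  # percentage of passed checks plus an (assumed) letter grade
    score = round(100 * sum(r["passed"] for r in results) / len(results))
    grade = "A" if score >= 90 else "B" if score >= 80 else "C" if score >= 70 else "D" if score >= 60 else "F"
    return score, grade

def exit_code(score, fail_threshold=70):  # CI status: 0 when score meets fail_threshold
    return 0 if score >= fail_threshold else 1

# Constructed sample response headers (not captured from any real host).
SAMPLE_HEADERS = {
    "Strict-Transport-Security": "max-age=63072000; includeSubDomains",
    "Content-Security-Policy": "default-src 'self'; script-src 'self' 'unsafe-inline'",
    "X-Frame-Options": "SAMEORIGIN",
    "X-Content-Type-Options": "nosniff",
    "Referrer-Policy": "strict-origin-when-cross-origin",
}
```

With the sample headers, four of six checks pass (CSP fails on 'unsafe-inline', Permissions-Policy is missing), which scores 67, grade D, and a non-zero exit code under the config's fail_threshold of 70.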

... continues with setup instructions, usage examples, and more.

Code Sample (.py preview)

src/compliance_checker.py

#!/usr/bin/env python3
"""
Compliance Checker — Security Kit (DataNest)

Validates systems and web applications against OWASP Top 10, CIS benchmark
guidelines, and security header best practices. Generates compliance reports.

Usage:
    python compliance_checker.py --target api.example.com
    python compliance_checker.py --target example.com --framework owasp
    python compliance_checker.py --target example.com --all --output report.json

Dependencies: Python 3.10+ stdlib only (no pip packages)
License: MIT
"""
from __future__ import annotations

import argparse
import json
import logging
import socket
import ssl
import sys
import urllib.request
import urllib.error
from dataclasses import dataclass, field, asdict
from datetime import datetime, timezone
from pathlib import Path
from typing import Any

# ---------------------------------------------------------------------------
# Constants
# ---------------------------------------------------------------------------

logger = logging.getLogger("compliance_checker")
HTTP_TIMEOUT = 10

# OWASP Top 10 (2021) categories we can check remotely
OWASP_TOP_10 = {
    "A01": "Broken Access Control",
    "A02": "Cryptographic Failures",
    "A03": "Injection",
    "A04": "Insecure Design",
    "A05": "Security Misconfiguration",
    "A06": "Vulnerable and Outdated Components",
    "A07": "Identification and Authentication Failures",
    "A08": "Software and Data Integrity Failures",
    "A09": "Security Logging and Monitoring Failures",
    "A10": "Server-Side Request Forgery",
    # ... 441 more lines ...