Security & Privacy

A curated collection of the best authentication, secrets, scanning, and privacy tools.

Favicon

 

  
  
Favicon

 

  
  
Favicon

 

  
  
Favicon

 

  
  
Favicon

 

  
  
Favicon

 

  
  

Security & Privacy covers the tools developers and operators use to keep systems, credentials, and data from being exposed or exploited. That spans a wide range of jobs: storing secrets and passwords (vault, vaultwarden), scanning containers and code for vulnerabilities (trivy, nuclei), managing authentication in front of internal apps (authelia), and monitoring hosts and logs for signs of compromise (wazuh). Some repos are single-purpose utilities you drop into a CI pipeline; others are full platforms meant to run as long-lived services with their own storage, agents, and dashboards.

Picking between them starts with the actual problem. Secrets management (vault, vaultwarden) is about controlling access to credentials and API keys, not scanning for bugs. Vulnerability and dependency scanning (trivy, nuclei) fits into build pipelines and finds known issues in images, packages, or exposed services before attackers do. Identity and access tools (authelia) sit in front of other services to add login, MFA, and access policy without changing the apps themselves. Detection and monitoring platforms (wazuh) collect logs and events across a fleet and flag anomalies after deployment. Many setups use several of these together rather than picking one.

When comparing options, weigh:

  • Deployment model: a lightweight CLI scanner you run in CI versus a stateful service with a database and agents to maintain.
  • Integration points: does it plug into your existing reverse proxy, CI system, or SIEM, or does it require rearchitecting?
  • Update cadence: vulnerability databases and detection rules go stale fast, so check how often signatures and CVE feeds are refreshed.
  • License and self-hosting: most projects here are self-hosted and open-source, but check for paid tiers gating features like SSO, clustering, or extended log retention.
  • Operational overhead: some tools need dedicated storage, backups, and monitoring themselves, which adds to the security surface you're trying to reduce.

Frequently asked questions