Discord: https://discord.gg/9unhWAqadg
Gapps is an Security compliance platform that makes it easy to track your progress against various security frameworks. Currently the only framework supported is SOC2 - however other frameworks will soon be added such as CIS CSC, CMMC and NIST CSF. Gapps is currently in Alpha mode - while it works great, there may be some breaking changes as it evolves.
- 200+ controls and 25+ policies out of the box for SOC2 (majority of policies are sourced from strongdm/comply)
- Track the status of each control
- Add custom controls/policies
- WYSIWYG content editor
gapps_intro.mp4
| Home Dashboard |
|---|
 |
| Complete Controls |
|---|
 |
The following instructions are to get you started very quickly.
$ git clone https://github.com/bmarsh9/gapps.git; cd gapps
$ docker build --tag gapps:2.0.0 .
$ export SETUP_DB=yes;docker-compose up -d
The server should be running on http://<your-ip>:5000
The default email/password is admin@example.com:admin
Next, create a project and select the framework (SOC2). Based on the selected criteria, controls and policies will be automatically added to your project. You can also go to the Controls and Policies page and add them to your project.
- Add additional frameworks such as NIST CSF, CMMC and CIS CSC
- Add procedures for SOC2
- Add evidence collection windows for SOC2
- Add reminders for control/evidence collection
- Add tagging support
- Improve policies and documentation
- Release endpoint agent to automate collection