Arudjreis / awesome-security-GRCView external linksLinks
Curated list of resources for security Governance, Risk Management, Compliance and Audit professionals and enthusiasts (if they exist).
☆974Sep 7, 2025Updated 5 months ago
Alternatives and similar repositories for awesome-security-GRC
Users that are interested in awesome-security-GRC are comparing it to the libraries listed below
Sorting:
- A minimalist risk management program!☆151Aug 10, 2022Updated 3 years ago
- A hands-on, real-world GRC lab series built for beginners and curious pros alike. No PDFs. No gatekeeping. Just practical labs for unders…☆92Nov 6, 2025Updated 3 months ago
- OWASP Foundation Web Respository☆70Feb 7, 2026Updated last week
- Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking☆643Jul 8, 2025Updated 7 months ago
- CISO Assistant is a one-stop-shop GRC platform for Risk Management, AppSec, Compliance & Audit, TPRM, Privacy, and Reporting. It supports…☆3,586Updated this week
- Config files for my GitHub profile.☆428Dec 29, 2025Updated last month
- SANS has developed a set of information security policy templates. These are free to use and fully customizable to your company's IT secu…☆54Oct 22, 2021Updated 4 years ago
- Compliance automation framework, focused on SOC2☆1,484Jul 21, 2022Updated 3 years ago
- ☁️Haven GRC - easier governance, risk, and compliance 👨⚕️👮♀️🦸♀️🕵️♀️👩🔬☆103Jun 14, 2021Updated 4 years ago
- An open source Governance Risk Compliance (GRC) solution for corporates and government☆34Jul 10, 2017Updated 8 years ago
- An open source, self-service GRC tool to automate security assessments and compliance.☆204Dec 10, 2024Updated last year
- This GRC Portfolio Hub is my initiative to empower GRC professionals in showcasing their practical AWS GRC engineering implementation ski…☆41Aug 6, 2025Updated 6 months ago
- ☆52Dec 18, 2025Updated last month
- A set of policies, standards and control procedures with mapping to HIPAA, NIST CSF, PCI DSS, SOC2, FedRAMP, CIS Controls, and more.☆340Dec 9, 2025Updated 2 months ago
- Useful templates and working document for implementing ISO 27001 - ISMS☆211Dec 18, 2025Updated last month
- ☆13Jan 2, 2024Updated 2 years ago
- The GitHub repo for the GRC Engineering For AWS Book. Everything You Need to Become a GRC Engineer in the Cloud GRC engineering bridges t…☆30Jul 25, 2025Updated 6 months ago
- GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]☆1,538Jul 28, 2024Updated last year
- ☆1,049Aug 22, 2025Updated 5 months ago
- 🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept…☆497Apr 3, 2024Updated last year
- Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS…☆1,510Jan 28, 2026Updated 2 weeks ago
- Maturity models help integrate traditionally separate organizational functions, set process improvement goals and priorities, provide gui…☆263Jul 5, 2025Updated 7 months ago
- This GitHub page shows the CISO Tradecraft Podcast broken down by Topic☆144Jan 2, 2026Updated last month
- An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)☆127Jul 14, 2024Updated last year
- ☆638Mar 11, 2025Updated 11 months ago
- compliance assessment and POA&M management for CMMC/NIST 800-171A☆105Jan 2, 2025Updated last year
- A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for …☆1,707Aug 2, 2024Updated last year
- ⚖Open Source Toolkit for Quantitative Risk Assessment☆182Dec 21, 2022Updated 3 years ago
- A curated list of tools for incident response☆8,808Jul 18, 2024Updated last year
- 🛡️ Awesome Cloud Security Resources ⚔️☆2,354Nov 8, 2024Updated last year
- Segment's Threat Modeling training for our engineers☆245May 4, 2021Updated 4 years ago
- Open Security Controls Assessment Language (OSCAL)☆849Updated this week
- Incident Response Methodologies 2022☆1,100Apr 11, 2025Updated 10 months ago
- A collection of awesome security hardening guides, tools and other resources☆6,113Jan 20, 2026Updated 3 weeks ago
- Multi-Cloud Security Auditing Tool☆7,537Sep 23, 2025Updated 4 months ago
- A collection of sources of documentation, as well as field best practices, to build/run a SOC☆1,621Updated this week
- Open source templates you can use to bootstrap your security programs☆888Dec 28, 2025Updated last month
- Machine readable cybersecurity compliance standards library for Python, starting with FISMA and NIST Risk Management Framework☆63Apr 15, 2020Updated 5 years ago
- Repository for the Open Information Security Risk Universe☆64Jul 10, 2022Updated 3 years ago