CERTCC / SSVC
Stakeholder-Specific Vulnerability Categorization
☆133Updated last week
Alternatives and similar repositories for SSVC:
Users that are interested in SSVC are comparing it to the libraries listed below
- A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).☆70Updated 7 months ago
- Enriching the NVD CVSS scores to include Temporal & Threat Metrics☆62Updated this week
- ☆47Updated this week
- ☆16Updated last year
- CISA CSAF Security Advisories☆55Updated this week
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆128Updated 10 months ago
- Documentation on the Cyber Defense Matrix☆24Updated last year
- Advisories, guidance, best practice documents and more issued by members of the EU CSIRTs network, a network composed of EU Member States…☆54Updated this week
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆170Updated 3 weeks ago
- ☆17Updated 7 months ago
- Global Security Database Tools☆41Updated last year
- VulnCheck's official command line tool☆124Updated this week
- MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.☆60Updated 8 months ago
- ☆88Updated 3 weeks ago
- Controls Assessment Specification☆66Updated 6 months ago
- 🖇️ STRIDE vs. ASVS equivalence table☆75Updated 3 months ago
- Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogue…☆44Updated this week
- A standard API specification for exchanging supply chain artifacts and intelligence☆65Updated last week
- ☆66Updated 6 months ago
- VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin…☆59Updated this week
- Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we…☆51Updated last year
- OWASP Foundation Web Respository☆28Updated last year
- Exploit Prediction Scoring System (EPSS)☆24Updated 2 years ago
- A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain☆87Updated 10 months ago
- ☆70Updated last month
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆85Updated 11 months ago
- This is a repository of vendor-agnostic workflows provided for those interested in deploying Security Orchestration, Automation, and Resp…☆74Updated 3 years ago
- OASIS TC Open Repository: A GitHub repository for management of non-normative information about the work of the CSAF Technical Committee,…☆19Updated this week
- A Command-line tool which leverages the Tenable.io API to reduce the time it takes to get information that is common during remediation o…☆73Updated 3 months ago
- A tool that allows you to document and assess any security automation in your SOC☆43Updated last month