Alternatives and similar repositories for SSVC

Users that are interested in SSVC are comparing it to the libraries listed below

• t0sche / cvss-bt
  Enriching the NVD CVSS scores to include Temporal & Threat Metrics
  ☆214Updated last week
• cisagov / CSAF
  CISA CSAF Security Advisories
  ☆90Updated this week
• theparanoids / PrioritizedRiskRemediation
  A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).
  ☆82Updated last year
• mitre / saf
  The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools…
  ☆166Updated this week
• CloudSecurityAlliance / gsd-tools
  Global Security Database Tools
  ☆43Updated 2 years ago
• RiskBasedPrioritization / RiskBasedPrioritization.github.io
  ☆19Updated 5 months ago
• anchore / nvd-data-overrides
  ☆48Updated this week
• Deploying-Securely / DSRAM
  ☆16Updated 2 years ago
• center-for-threat-informed-defense / mappings-explorer
  Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogue…
  ☆85Updated this week
• enisaeu / CNW
  Advisories, guidance, best practice documents and more issued by members of the EU CSIRTs network, a network composed of EU Member States…
  ☆94Updated 3 weeks ago
• elastic / dorothy
  ☆192Updated this week
• oasis-tcs / csaf
  OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secon…
  ☆202Updated this week
• vulncheck-oss / cli
  VulnCheck's official command line tool
  ☆143Updated this week
• OWASP / OpenCRE
  ☆131Updated last week
• d3fend / d3fend
  Public static website for the D3FEND project. For the D3FEND ontology repo see: https://github.com/d3fend/d3fend-ontology
  ☆90Updated last week
• RogoLabs / cve.icu
  CVE.ICU code.
  ☆49Updated this week
• iriusrisk / OpenThreatModel
  The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.
  ☆177Updated 2 weeks ago
• jgamblin / CVElk
  Autoconfigured ELK Stack That Contains All EPSS and NVD CVE Data
  ☆62Updated 2 weeks ago
• Algbra-Labs-OSS / Chronicle
  ☆65Updated last year
• ocsf / ocsf-docs
  OCSF Documentation
  ☆147Updated 2 months ago
• joshua-m-connors / cyber-incident-mcmc-pymc
  Code that implements Factor Analysis of Information Risk (FAIR) in combination with MITRE ATT&CK using Markov Chain Monte Carlo (via PyMC…
  ☆43Updated 2 weeks ago
• center-for-threat-informed-defense / insider-threat-ttp-kb
  The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders…
  ☆148Updated 5 months ago
• pbom-dev / OSCAR
  A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain
  ☆96Updated 10 months ago
• counteractive / security-controls
  ☆49Updated 2 years ago
• oracuk / oisru
  Repository for the Open Information Security Risk Universe
  ☆64Updated 3 years ago
• opencybersecurityalliance / casp
  ☆19Updated 5 months ago
• mikeprivette / ai-security-shared-responsibility
  AI Security Shared Responsibility Model
  ☆86Updated 3 months ago
• OWASP / www-project-vulnerability-management-guide
  OWASP Foundation Web Respository
  ☆31Updated 2 months ago
• IQTLabs / software-supply-chain-compromises
  A dataset of software supply chain compromises. Please help us maintain it!
  ☆130Updated 3 years ago
• FIRSTdotorg / epss
  Exploit Prediction Scoring System (EPSS)
  ☆31Updated 3 years ago