Alternatives and similar repositories for SSVC

Users that are interested in SSVC are comparing it to the libraries listed below

• theparanoids / PrioritizedRiskRemediation
  A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).
  ☆77Updated last year
• t0sche / cvss-bt
  Enriching the NVD CVSS scores to include Temporal & Threat Metrics
  ☆204Updated last week
• cisagov / CSAF
  CISA CSAF Security Advisories
  ☆74Updated this week
• CloudSecurityAlliance / gsd-tools
  Global Security Database Tools
  ☆43Updated last year
• Deploying-Securely / DSRAM
  ☆16Updated 2 years ago
• OWASP / OpenCRE
  ☆110Updated this week
• OWASP / www-project-vulnerability-management-guide
  OWASP Foundation Web Respository
  ☆31Updated 2 years ago
• pbom-dev / OSCAR
  A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain
  ☆95Updated 4 months ago
• anchore / nvd-data-overrides
  ☆47Updated this week
• CERTCC / VINCE
  VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin…
  ☆70Updated this week
• CISecurity / CISControls_OSCAL
  A repository containing OSCAL serializations of the CIS Critical Security Controls
  ☆52Updated 3 months ago
• OWASP / www-project-cyber-defense-matrix
  Documentation on the Cyber Defense Matrix
  ☆24Updated 2 years ago
• cisagov / shareable-soar-workflows
  This is a repository of vendor-agnostic workflows provided for those interested in deploying Security Orchestration, Automation, and Resp…
  ☆86Updated 4 years ago
• oasis-tcs / csaf
  OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secon…
  ☆174Updated this week
• OWASP / www-project-threat-and-safeguard-matrix
  OWASP Foundation Web Respository
  ☆24Updated 4 months ago
• center-for-threat-informed-defense / mappings-explorer
  Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogue…
  ☆62Updated last week
• vulncheck-oss / cli
  VulnCheck's official command line tool
  ☆135Updated this week
• sckg / sckg
  Security Control Knowledge Graph
  ☆28Updated last year
• jgamblin / CVElk
  Autoconfigured ELK Stack That Contains All EPSS and NVD CVE Data
  ☆51Updated this week
• CISecurity / ControlsAssessmentSpecification
  Controls Assessment Specification
  ☆70Updated 2 months ago
• FIRSTdotorg / cvss-v4-calculator
  CVSS v4.0 calculator
  ☆32Updated 10 months ago
• mitre / saf
  The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools…
  ☆154Updated this week
• center-for-threat-informed-defense / insider-threat-ttp-kb
  The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders…
  ☆144Updated 3 weeks ago
• MrSecure / review-security-groups
  A small set of scripts to summarize AWS Security Groups, and generate visualizations of the rules.
  ☆62Updated 5 years ago
• OWASP / Software-Component-Verification-Standard
  Software Component Verification Standard (SCVS)
  ☆147Updated 2 months ago
• cisagov / kev-data
  Mirror of cisa.gov/kev data files
  ☆50Updated this week
• iriusrisk / startleft
  StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…
  ☆50Updated last week
• COSSAS / SOARCA
  SOARCA - The Open Source CACAO-based Security Orchestrator!
  ☆76Updated this week
• tuckner / automation-capability-matrix
  A tool that allows you to document and assess any security automation in your SOC
  ☆46Updated 7 months ago
• jgamblin / KEV_EPSS
  KEV EPSS Data
  ☆25Updated this week