CloudSecurityAlliance / CSA-Guidance
CSA Guidance
☆215Updated 7 years ago
Related projects: ⓘ
- Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM☆185Updated 6 years ago
- 🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k…☆379Updated 5 months ago
- Repo to hold mapping of user-security-stories☆112Updated 5 years ago
- OWASP Cloud Security - Enabling conversations through threat and control stories☆175Updated 5 years ago
- A small set of scripts to summarize AWS Security Groups, and generate visualizations of the rules.☆61Updated 4 years ago
- Threats Manager Platform Core libraries and SDK☆69Updated 2 weeks ago
- This repository will teach you have to do my talk "Pushing Left, Like a Boss".☆69Updated 2 years ago
- NIST CyberSecurity Framework management tool☆155Updated 2 years ago
- This repository contains information about DevSecOps and how to get involved in this community effort.☆146Updated 5 years ago
- A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestrat…☆271Updated last week
- A collection of awesome security controls mapping for solutions across frameworks.☆48Updated 4 years ago
- Phantom Community Playbooks☆467Updated last month
- Templates for the Microsoft Threat Modeling Tool☆138Updated 2 years ago
- Microsoft Threat Modeling Template files☆177Updated last year
- ☆414Updated this week
- Open source security career ladders☆114Updated last year
- CISA's catalog of bad practices that are exceptionally risky.☆202Updated 3 months ago
- An open source, online threat modelling tool from OWASP☆481Updated 2 months ago
- OWASP Foundation Web Respository☆22Updated 10 months ago
- Security auditing tool for Azure environments☆556Updated last year
- A collection of security related user stories compatible with NIST Special Publication 800-53☆32Updated 7 years ago
- NIST SP 800-53 content and other OSCAL content examples☆292Updated 2 weeks ago
- Unlocking Serverless Computing to Assess Security Controls☆242Updated 6 months ago
- SAMM stands for Software Assurance Maturity Model.☆396Updated 2 years ago
- Security aspects of AWS products for the Security Specialist certification☆207Updated 2 years ago
- FedRAMP Automation☆272Updated this week
- Documentation on the Cyber Defense Matrix☆24Updated last year
- A set of policies, standards and control procedures with mapping to HIPAA, NIST CSF, PCI DSS, SOC2, FedRAMP, CIS Controls, and more.☆282Updated 3 months ago
- A curated list of awesome Microsoft Azure Security tools, guides, blogs, and other resources.☆326Updated 11 months ago
- This content is analysis and research of the data sources currently listed in ATT&CK.☆402Updated last year