CloudSecurityAlliance / continuous-audit-metrics
Continuous Audit Metrics
☆24Updated 5 months ago
Related projects ⓘ
Alternatives and complementary repositories for continuous-audit-metrics
- Various deployments of the OSCAL editor☆47Updated 3 months ago
- A repository containing OSCAL serializations of the CIS Critical Security Controls☆48Updated last year
- A list of tools, blog posts, and other resources that further the use and adoption of OSCAL standards.☆139Updated 3 months ago
- Joint NIST/FedRAMP tool to interact with OSCAL files via a browser-based GUI☆43Updated 4 years ago
- Examples on how to maintain security/compliance as code and to automate SecOps using the JupiterOne platform.☆53Updated 10 months ago
- A library of React components and an example user interface application that provides a direct UI into NIST's Open Security Controls Asse…☆54Updated 7 months ago
- ☆16Updated last year
- ☆9Updated this week
- Automatically generated diagrams for OSCAL models☆15Updated 2 years ago
- FedRAMP Automation☆283Updated this week
- An initial OpenAPI definition of an OSCAL REST API.☆38Updated last month
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆169Updated 8 months ago
- A simple open source command line tool to support common operations over OSCAL content.☆42Updated 4 months ago
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix☆57Updated last year
- Tools for the OSCAL project☆34Updated last year
- 🖇️ STRIDE vs. ASVS equivalence table☆75Updated 2 months ago
- A small set of scripts to summarize AWS Security Groups, and generate visualizations of the rules.☆62Updated 4 years ago
- Implementation of the OSCAL REST API☆19Updated 8 months ago
- Convert cloudtrail data to MITRE ATT&CK Sightings☆79Updated 2 years ago
- ☆79Updated this week
- Cloud deployment size calculation utilities☆17Updated this week
- An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.☆165Updated this week
- ☆14Updated 2 years ago
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.☆104Updated 9 months ago
- KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.☆96Updated 10 months ago
- NIST SP 800-53, Security and Privacy Controls for Federal Information Systems and Organizations☆35Updated 2 months ago
- NIST SP 800-53 content and other OSCAL content examples☆306Updated this week
- Threat Modeling Manifesto☆27Updated 3 months ago
- The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools…☆133Updated this week
- Open Security Controls Assessment Language (OSCAL) Deep Differencing Tool☆29Updated last year