CloudSecurityAlliance / continuous-audit-metrics

Related projects ⓘ

Alternatives and complementary repositories for continuous-audit-metrics

• EasyDynamics / oscal-editor-deployment
  Various deployments of the OSCAL editor
  ☆47Updated 3 months ago
• CISecurity / CISControls_OSCAL
  A repository containing OSCAL serializations of the CIS Critical Security Controls
  ☆48Updated last year
• oscal-club / awesome-oscal
  A list of tools, blog posts, and other resources that further the use and adoption of OSCAL standards.
  ☆139Updated 3 months ago
• brian-ruf / OSCAL-GUI
  Joint NIST/FedRAMP tool to interact with OSCAL files via a browser-based GUI
  ☆43Updated 4 years ago
• JupiterOne / secops-automation-examples
  Examples on how to maintain security/compliance as code and to automate SecOps using the JupiterOne platform.
  ☆53Updated 10 months ago
• EasyDynamics / oscal-react-library
  A library of React components and an example user interface application that provides a direct UI into NIST's Open Security Controls Asse…
  ☆54Updated 7 months ago
• Deploying-Securely / DSRAM
  ☆16Updated last year
• GSA / automate.fedramp.gov
  ☆9Updated this week
• cyght-io / oscal-diagrams
  Automatically generated diagrams for OSCAL models
  ☆15Updated 2 years ago
• GSA / fedramp-automation
  FedRAMP Automation
  ☆283Updated this week
• EasyDynamics / oscal-rest
  An initial OpenAPI definition of an OSCAL REST API.
  ☆38Updated last month
• iriusrisk / OpenThreatModel
  The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.
  ☆169Updated 8 months ago
• usnistgov / oscal-cli
  A simple open source command line tool to support common operations over OSCAL content.
  ☆42Updated 4 months ago
• Nextdoor / cspm_evaluation_matrix
  Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix
  ☆57Updated last year
• usnistgov / oscal-tools
  Tools for the OSCAL project
  ☆34Updated last year
• mllamazares / STRIDE-vs-ASVS
  🖇️ STRIDE vs. ASVS equivalence table
  ☆75Updated 2 months ago
• MrSecure / review-security-groups
  A small set of scripts to summarize AWS Security Groups, and generate visualizations of the rules.
  ☆62Updated 4 years ago
• EasyDynamics / oscal-rest-service
  Implementation of the OSCAL REST API
  ☆19Updated 8 months ago
• zmallen / cloudtrail2sightings
  Convert cloudtrail data to MITRE ATT&CK Sightings
  ☆79Updated 2 years ago
• OWASP / OpenCRE
  ☆79Updated this week
• CrowdStrike / cloud-resource-estimator
  Cloud deployment size calculation utilities
  ☆17Updated this week
• oscal-compass / compliance-trestle
  An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.
  ☆165Updated this week
• GSA / threat-analysis
  ☆14Updated 2 years ago
• edgeroute / security-champion-framework
  The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.
  ☆104Updated 9 months ago
• tenable / KaiMonkey
  KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.
  ☆96Updated 10 months ago
• risk-redux / control_freak
  NIST SP 800-53, Security and Privacy Controls for Federal Information Systems and Organizations
  ☆35Updated 2 months ago
• usnistgov / oscal-content
  NIST SP 800-53 content and other OSCAL content examples
  ☆306Updated this week
• Threat-Modeling-Manifesto / threat-modeling-manifesto
  Threat Modeling Manifesto
  ☆27Updated 3 months ago
• mitre / saf
  The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools…
  ☆133Updated this week
• usnistgov / oscal-deep-diff
  Open Security Controls Assessment Language (OSCAL) Deep Differencing Tool
  ☆29Updated last year