Alternatives and similar repositories for xCOMPASS:

Users that are interested in xCOMPASS are comparing it to the libraries listed below

• Comcast / ProjectGuardRail
  AI/ML applications have unique security threats. Project GuardRail is a set of security and privacy requirements that AI/ML applications …
  ☆25Updated 2 weeks ago
• CISecurity / CISControls_OSCAL
  A repository containing OSCAL serializations of the CIS Critical Security Controls
  ☆48Updated last year
• iriusrisk / startleft
  StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…
  ☆49Updated this week
• OWASP / www-project-integration-standards
  OWASP Foundation Web Respository
  ☆27Updated 4 months ago
• usnistgov / PrivacyFrmwkResources
  This repository contains resources to support organizations’ use of the Privacy Framework. Resources include crosswalks, Profiles, guidel…
  ☆50Updated 5 months ago
• owaspsamm / core
  Core model including reused documentation
  ☆92Updated 3 months ago
• OWASP / OpenCRE
  ☆90Updated last month
• Threat-Modeling-Manifesto / threat-modeling-manifesto
  Threat Modeling Manifesto
  ☆27Updated 6 months ago
• OWASP / www-project-vulnerability-management-guide
  OWASP Foundation Web Respository
  ☆28Updated 2 years ago
• adamshostack / DFD3
  ☆71Updated 2 months ago
• OWASP / www-project-threat-and-safeguard-matrix
  OWASP Foundation Web Respository
  ☆22Updated 3 weeks ago
• usnistgov / PrivacyEngCollabSpace
  Privacy Engineering Collaboration Space
  ☆240Updated 8 months ago
• magoo / risk-measurement
  read the docs version of risk management
  ☆24Updated last year
• duo-labs / appsec-education
  Presentations, training modules, and other education materials from Duo Security's Application Security team.
  ☆72Updated 3 years ago
• SecurityBagel / NIST_800-53r5_Baseline_Config_PowerBI_
  NIST 800-53 Baseline Configuration Tool
  ☆9Updated 4 months ago
• CloudSecurityAlliance / continuous-audit-metrics
  Continuous Audit Metrics
  ☆24Updated 7 months ago
• JupiterOne / secops-automation-examples
  Examples on how to maintain security/compliance as code and to automate SecOps using the JupiterOne platform.
  ☆53Updated last year
• mitre-atlas / ai-risk-database
  Explore AI Supply Chain Risk with the AI Risk Database
  ☆51Updated 8 months ago
• simonec73 / threatsmanager
  Threats Manager Platform Core libraries and SDK
  ☆73Updated last month
• piercing-index / cloud-vulnerabilities
  ☆38Updated 9 months ago
• GSA / threat-analysis
  ☆14Updated 2 years ago
• FIRSTdotorg / epss
  Exploit Prediction Scoring System (EPSS)
  ☆24Updated 2 years ago
• Agh42 / oscal4neo4j
  Scripts to import OSCAL example content into the Neo4J graph database
  ☆27Updated last year
• riski-io / grc
  An open source Governance Risk Compliance (GRC) solution for corporates and government
  ☆26Updated 7 years ago
• usnistgov / CloudSecurityArchitectureTool-CSAT-v0.1
  ☆19Updated 6 months ago
• IQTLabs / software-supply-chain-compromises
  A dataset of software supply chain compromises. Please help us maintain it!
  ☆127Updated 2 years ago
• matthiasrohr / OTMT
  Open Threat Modeling Template
  ☆49Updated 6 months ago
• adamshostack / conflictmodeling
  A place to gather and organize information about using threat modeling frameworks to deal with social conflict in online systems
  ☆56Updated last year
• CERTCC / SSVC
  Stakeholder-Specific Vulnerability Categorization
  ☆135Updated this week
• trevorbryant / awesome-controls
  A collection of awesome security controls mapping for solutions across frameworks.
  ☆54Updated 4 years ago