Alternatives and similar repositories for oscal:

Users that are interested in oscal are comparing it to the libraries listed below

• GSA / oscal-gen-tool
  ☆15Updated 3 years ago
• mitre / mitre-saf
  Landing Page Content/Builder for MITRE Security Automation Framework
  ☆28Updated 3 weeks ago
• usnistgov / oscal-tools
  Tools for the OSCAL project
  ☆35Updated 2 years ago
• GSA / oscal-ssp-to-word
  ☆18Updated 3 years ago
• mitre / heimdall_tools
  DEPRECATED: A set of utilities for converting and working with compliance data for viewing in the heimdall applications
  ☆35Updated 3 years ago
• brian-ruf / OSCAL-GUI
  Joint NIST/FedRAMP tool to interact with OSCAL files via a browser-based GUI
  ☆43Updated 5 years ago
• ThreatResponse / aws_ir_plugins
  Core incident handling plugins for aws_ir cli, incident pony, and more.
  ☆21Updated 6 years ago
• chainguard-dev / self-attestation
  Markdown Version of the DHS/CISA Secure Software Development Self Attestation Form.
  ☆21Updated last year
• docker-archive / oscalkit
  NIST OSCAL SDK and CLI
  ☆38Updated 4 years ago
• usnistgov / CloudSecurityArchitectureTool-CSAT-v0.1
  ☆19Updated 8 months ago
• usnistgov / sctools
  Tools for security content automation, baseline tailoring, and overlay development.
  ☆43Updated 6 months ago
• center-for-threat-informed-defense / defending-iaas-with-attack
  Defending IaaS with ATT&CK is a project to create a collection of ATT&CK techniques relevant to a Linux IaaS environment, as well as a me…
  ☆13Updated last year
• risk-redux / control_freak
  NIST SP 800-53, Security and Privacy Controls for Federal Information Systems and Organizations
  ☆39Updated 2 months ago
• stevespringett / owasp-risk-rating-calculator
  A Java library for programmatically calculating OWASP Risk Rating scores
  ☆18Updated last year
• Agh42 / oscal4neo4j
  Scripts to import OSCAL example content into the Neo4J graph database
  ☆28Updated 2 years ago
• GSA / threat-analysis
  ☆15Updated 3 years ago
• ComplianceAsCode / ComplianceAsCode.github.io
  A ComplianceAsCode blog
  ☆27Updated 3 weeks ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆22Updated 4 months ago
• swagitda / security-decision-trees-graphviz
  Decision trees generated via Graphviz to inform pragmatic threat modelling.
  ☆11Updated 4 years ago
• GoComply / oscalkit
  NIST OSCAL SDK and CLI
  ☆18Updated 8 months ago
• usnistgov / oscal-deep-diff
  Open Security Controls Assessment Language (OSCAL) Deep Differencing Tool
  ☆33Updated last year
• opencybersecurityalliance / PACE
  Posture Attribute Collection and Evaluation
  ☆24Updated last year
• DefectDojo / Community-Contribs
  DefectDojo Community Content
  ☆17Updated 5 months ago
• opencybersecurityalliance / kestrel-jupyter
  Kestrel Jupyter Notebook Kernel
  ☆9Updated last year
• CivicActions / oscal-component-definitions
  OSCAL reusable component definitions library
  ☆12Updated last week
• mitre / heimdall-legacy
  A Security Results Viewer for the web with storage, teams and history
  ☆35Updated 2 years ago
• ramimac / breach-list-database
  A meta-database collecting resources that compile lists of breaches
  ☆18Updated 4 months ago
• oscal-compass / compliance-trestle-demos
  Demo setup for compliance-trestle
  ☆33Updated this week
• EasyDynamics / oscal-rest-service
  Implementation of the OSCAL REST API
  ☆19Updated last year
• Securosis / AdvancedCloudsecTraining
  Repository for lab materials for the Advanced Cloud Security and Applied DevSecOps training class.
  ☆11Updated 5 years ago