Alternatives and similar repositories for Community-Contribs

Users that are interested in Community-Contribs are comparing it to the libraries listed below

• rusakovichma / TicTaaC
  Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …
  ☆65Updated last month
• iriusrisk / startleft
  StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…
  ☆51Updated this week
• DefectDojo / sample-scan-files
  Sample scan files for testing DefectDojo imports
  ☆82Updated 6 months ago
• lightspin-tech / red-bucket-gcp
  ☆10Updated 3 years ago
• JupiterOne / secops-automation-examples
  Examples on how to maintain security/compliance as code and to automate SecOps using the JupiterOne platform.
  ☆54Updated last year
• OWASP / threat-dragon-core
  OWASP Threat Dragon core files
  ☆28Updated 4 years ago
• kannkyo / epss-api
  EPSS(Exploit Prediction Scoring System) API client
  ☆18Updated last week
• DevSlop / pixi-crs
  CI Pipeline with Pixi, the WAF OWASP Core Rule Set and TestCafe tests.
  ☆15Updated 4 years ago
• OWASP / OpenCRE
  ☆119Updated this week
• DSecureMe / vmc
  VMC: a Scalable, Open Source and Free Vulnerability Management Platform
  ☆91Updated 6 months ago
• meta-fun / awesome-software-supply-chain-security
  Sharing software supply chain security open source projects
  ☆50Updated 2 years ago
• OWASP / www-project-devsecops-maturity-model
  OWASP Foundation Web Respository
  ☆55Updated 2 years ago
• DefectDojo / defectdojo_api
  Python API library for DefectDojo
  ☆42Updated 2 years ago
• Comcast / xGitGuard
  AI based Secrets Detection Python Framework
  ☆61Updated last month
• franksec42 / Vulnerability-management-maturity
  Maturity Model Collaborative project
  ☆15Updated 2 years ago
• iriusrisk / OpenThreatModel
  The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.
  ☆174Updated 8 months ago
• CERTCC / SSVC
  Stakeholder-Specific Vulnerability Categorization
  ☆156Updated this week
• usnistgov / oscal-deep-diff
  Open Security Controls Assessment Language (OSCAL) Deep Differencing Tool
  ☆37Updated 2 years ago
• SecureStackCo / visualizing-software-supply-chain
  A project to visualize the software supply chain
  ☆52Updated last year
• devsecops / raindance
  Project intended to make Attack Maps part of software development by reducing the time it takes to complete them.
  ☆48Updated 8 years ago
• ComplianceAsCode / oscal
  OSCAL SSP content for technologies shipped by Red Hat
  ☆15Updated 2 years ago
• Whitespots-OU / security-requirements-generator
  A small tool to help developers understand a huge set of security requirements from appsec teams
  ☆46Updated 2 years ago
• Risk-Assessment-Framework / RiskAssessmentFramework
  The Secure Coding Framework
  ☆22Updated 5 years ago
• mitre / heimdall_tools
  DEPRECATED: A set of utilities for converting and working with compliance data for viewing in the heimdall applications
  ☆35Updated 3 years ago
• OWASP / Software-Component-Verification-Standard
  Software Component Verification Standard (SCVS)
  ☆149Updated 4 months ago
• CERTCC / SBOM
  Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data
  ☆62Updated last year
• pbom-dev / OSCAR
  A comprehensive, systematic and actionable way to understand attacker behaviors and techniques with respect to the software supply chain
  ☆95Updated 5 months ago
• opencybersecurityalliance / PACE
  Posture Attribute Collection and Evaluation
  ☆23Updated 2 years ago
• FIRSTdotorg / cvss-v4-calculator
  CVSS v4.0 calculator
  ☆33Updated 11 months ago
• opengrep / opengrep-rules
  ☆79Updated 6 months ago