OWASP / www-project-threat-and-safeguard-matrixLinks
OWASP Foundation Web Respository
☆23Updated 3 months ago
Alternatives and similar repositories for www-project-threat-and-safeguard-matrix
Users that are interested in www-project-threat-and-safeguard-matrix are comparing it to the libraries listed below
Sorting:
- This GitHub page shows the CISO Tradecraft Podcast broken down by Topic☆124Updated last week
- Controls Assessment Specification☆70Updated 2 months ago
- These are files that a new CISO or someone introducing security to an organization can leverage to bridge the gap between security and th…☆72Updated 7 months ago
- A small set of scripts to summarize AWS Security Groups, and generate visualizations of the rules.☆62Updated 4 years ago
- Repository for the Open Information Security Risk Universe☆64Updated 2 years ago
- NIST CyberSecurity Framework management tool☆165Updated 3 years ago
- 🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k…☆385Updated last year
- A repository containing OSCAL serializations of the CIS Critical Security Controls☆52Updated 2 months ago
- A self assessment tool to help understand your level in the SANS Vulnerability Management Maturity Model (VMMM).☆39Updated 3 months ago
- Documentation on the Cyber Defense Matrix☆24Updated 2 years ago
- Joint NIST/FedRAMP tool to interact with OSCAL files via a browser-based GUI☆43Updated 5 years ago
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix☆58Updated last year
- Continuous Audit Metrics☆26Updated last year
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.☆108Updated last year
- Convert cloudtrail data to MITRE ATT&CK Sightings☆80Updated 2 years ago
- Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we…☆53Updated 2 years ago
- The Microsoft Cybersecurity Reference Architecture (https://aka.ms/MCRA) describes Microsoft’s cybersecurity capabilities and how they in…☆20Updated 7 years ago
- Examples on how to maintain security/compliance as code and to automate SecOps using the JupiterOne platform.☆53Updated last year
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆74Updated last year
- A MITRE ATT&CK Navigator export for AWS GuardDuty Findings☆137Updated 3 years ago
- 🖇️ STRIDE vs. ASVS equivalence table☆76Updated 9 months ago
- The SOCless automation framework☆139Updated 3 months ago
- Cross cloud workload identity research and workshops☆38Updated last month
- Dorothy is a tool to test security monitoring and detection for Okta environments☆182Updated 9 months ago
- ☆131Updated last year
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆97Updated last year
- A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).☆75Updated last year
- Cloud deployment size calculation utilities☆20Updated 2 weeks ago
- A docker container to simplify and secure the use of Infrastructure as Code (IaC)☆73Updated this week
- ThreatModel for Azure Storage - Library of all the attack scenarios on Azure Storage, and how to mitigate them following a risk-based app…☆59Updated last year