Rhosys / soc2.fyi
SOC 2 should be easy to get done and it should be inexpensive. Here's everything you wanted to know.
☆22Updated 3 weeks ago
Related projects: ⓘ
- Documenting SOC 2 tools and processes☆62Updated 2 years ago
- Template SOC2 Policy Authority - documentation pipeline☆96Updated 3 years ago
- Coalfire AWS RAMP/pak Reference Architecture☆35Updated 3 weeks ago
- Identify all permitted data paths originating from the Internet to Network Interfaces within AWS Accounts across the entire AWS Organizat…☆35Updated last year
- Convert cloudtrail data to MITRE ATT&CK Sightings☆77Updated 2 years ago
- An AI-powered tool for discovering privilege escalation opportunities in AWS IAM configurations.☆93Updated 2 months ago
- ☆37Updated 8 months ago
- AWS honey token manager☆78Updated last month
- Examples on how to maintain security/compliance as code and to automate SecOps using the JupiterOne platform.☆53Updated 8 months ago
- Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management.☆29Updated 5 months ago
- NIST OSCAL SDK and CLI☆17Updated 2 months ago
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix☆55Updated last year
- Generate security policies and documents based on KPNs templates.☆34Updated 4 years ago
- Scripts to quickly fix security and compliance issues☆25Updated 9 months ago
- CloudSplaining on AWS Managed Policies☆41Updated this week
- Data perimeter helper is a tool that helps you design and anticipate the impact of your data perimeter controls☆13Updated last week
- CLI for generating policies, standards and control procedures (PSP) documentation in Markdown and publishing to JupiterOne or Confluence☆81Updated 3 months ago
- https://breaches.cloud☆36Updated 2 months ago
- A collection of awesome framework, libraries, documents, learning tutorials, resources about SOC 2 tools and processes.☆19Updated 2 years ago
- Open source cyber-serenity platform that help the security teams designing and managing companies' ISMS, and which allow them to create r…☆14Updated 2 weeks ago
- SANS has developed a set of information security policy templates. These are free to use and fully customizable to your company's IT secu…☆28Updated 2 years ago
- ☆18Updated 2 months ago
- Docker build of GovReady☆13Updated 10 months ago
- The SaaS CTO Security Checklist Redux, The DevOps Security Checklist, and The Personal Infosec & Security Checklist☆23Updated 3 years ago
- NIST SP 800-53, Security and Privacy Controls for Federal Information Systems and Organizations☆34Updated last month
- A self assessment tool to help understand your level in the SANS Vulnerability Management Maturity Model (VMMM).☆19Updated last year
- ☆108Updated last month
- Released at Black Hat Asia on April 18, 2024, Cloud Console Cartographer is a framework for condensing groupings of cloud events (e.g. Cl…☆147Updated 4 months ago
- Vulnerable by Design AWS Cloud Development Kit (CDK) Infrastructure☆42Updated 8 months ago
- Add a layer of active defense to your cloud applications.☆77Updated this week