TristanToye / SOC2-guide
Documenting SOC 2 tools and processes
☆67Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for SOC2-guide
- SOC 2 should be easy to get done and it should be inexpensive. Here's everything you wanted to know.☆27Updated last week
- CLI for generating policies, standards and control procedures (PSP) documentation in Markdown and publishing to JupiterOne or Confluence☆84Updated 5 months ago
- A set of policies, standards and control procedures with mapping to HIPAA, NIST CSF, PCI DSS, SOC2, FedRAMP, CIS Controls, and more.☆293Updated 4 months ago
- Template SOC2 Policy Authority - documentation pipeline☆99Updated 4 years ago
- Examples on how to maintain security/compliance as code and to automate SecOps using the JupiterOne platform.☆53Updated 10 months ago
- The SOCless automation framework☆134Updated 2 months ago
- Generate security policies and documents based on KPNs templates.☆37Updated 5 years ago
- ThreatModel for Amazon S3 - Library of all the attack scenarios on Amazon S3, and how to mitigate them following a risk-based approach☆151Updated last year
- Docker build of GovReady☆13Updated 11 months ago
- An open source, self-service GRC tool to automate security assessments and compliance.☆180Updated last month
- A Software as a Service (SaaS) log collection framework.☆130Updated 3 weeks ago
- Is your AWS perimeter secure? Use Powerpipe and Steampipe to check your AWS accounts for public resources, resources shared with untrust…☆106Updated 2 weeks ago
- Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking. https://gapps…☆430Updated 3 months ago
- An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)☆109Updated 3 months ago
- Run individual configuration, compliance and security controls or full compliance benchmarks for CIS across all of your GCP projects usin…☆36Updated 2 weeks ago
- Joint NIST/FedRAMP tool to interact with OSCAL files via a browser-based GUI☆43Updated 4 years ago
- ☆43Updated last year
- IAMbic is Version-Control for IAM. It centralizes and simplifies cloud access and permissions. It maintains an eventually consistent, hum…☆285Updated 3 months ago
- Convert cloudtrail data to MITRE ATT&CK Sightings☆79Updated 2 years ago
- GCP Auto Remediation Suite for High Risk Events☆42Updated 3 years ago
- A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat …☆175Updated 2 months ago
- read the docs version of risk management☆24Updated last year
- Security policies for Tailscale☆267Updated last week
- A list of cloud security tools and vendors.☆135Updated 2 months ago
- ☁️Haven GRC - easier governance, risk, and compliance 👨⚕️👮♀️🦸♀️🕵️♀️👩🔬☆97Updated 3 years ago
- Vendor Security Model Contract☆97Updated 2 years ago
- find dangling domains in a multi cloud environment☆135Updated 6 months ago
- Compares and analyzes GCP IAM roles.☆76Updated 5 months ago
- 🖇️ STRIDE vs. ASVS equivalence table☆75Updated 2 months ago
- Automate the creation of a System Security Plan (SSP)☆36Updated last month