adamshostack / eop

Related projects: ⓘ

• threatspec / threatspec
  threatspec - continuous threat modeling, through code
  ☆327Updated 3 years ago
• Autodesk / continuous-threat-modeling
  A Continuous Threat Modeling methodology
  ☆303Updated 2 years ago
• geoffrey-hill-tutamantic / rapid-threat-model-prototyping-docs
  This repository stores content that can be used to design a Rapid Threat Model Prototyping process for a software development group.
  ☆154Updated last year
• adamshostack / DFD3
  ☆68Updated 2 months ago
• dehydr8 / elevation-of-privilege
  An online multiplayer version of the Elevation of Privilege (EoP) threat modeling card game
  ☆120Updated last week
• segmentio / threat-modeling-training
  Segment's Threat Modeling training for our engineers
  ☆233Updated 3 years ago
• Threagile / threagile
  Agile Threat Modeling Toolkit
  ☆594Updated last week
• OWASP / threat-model-cookbook
  This project is about creating and publishing threat model examples.
  ☆402Updated 2 years ago
• owaspsamm / core
  Core model including reused documentation
  ☆85Updated last week
• Toreon / threat-model-playbook
  ☆77Updated 3 years ago
• OWASP / samm
  SAMM stands for Software Assurance Maturity Model.
  ☆396Updated 2 years ago
• rpetrich / deciduous
  App that simplifies building decision trees to model adverse scenarios
  ☆177Updated 2 months ago
• edgeroute / security-champion-framework
  The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.
  ☆102Updated 8 months ago
• iriusrisk / OpenThreatModel
  The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.
  ☆165Updated 7 months ago
• OWASP / Software-Component-Verification-Standard
  Software Component Verification Standard (SCVS)
  ☆133Updated 5 months ago
• we45 / ThreatPlaybook
  A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestrat…
  ☆271Updated last week
• izar / pytm
  A Pythonic framework for threat modeling
  ☆892Updated last month
• c0rdis / security-champions-playbook
  Security Champions Playbook v 2.1
  ☆341Updated 11 months ago
• michenriksen / drawio-threatmodeling
  Draw.io libraries for threat modeling diagrams
  ☆681Updated 3 years ago
• adamshostack / conflictmodeling
  A place to gather and organize information about using threat modeling frameworks to deal with social conflict in online systems
  ☆56Updated 8 months ago
• CERTCC / SSVC
  Stakeholder-Specific Vulnerability Categorization
  ☆127Updated this week
• CycloneDX / bom-examples
  A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)
  ☆168Updated 3 months ago
• ossf / wg-vulnerability-disclosures
  The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h…
  ☆177Updated last month
• mike-goodwin / owasp-threat-dragon
  An open source, online threat modelling tool from OWASP
  ☆481Updated 2 months ago
• OWASP / Maturity-Models
  Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM
  ☆185Updated 6 years ago
• Santandersecurityresearch / asvs
  A simple web app that helps developers understand the ASVS requirements.
  ☆153Updated 6 months ago
• OWASP / user-security-stories
  Repo to hold mapping of user-security-stories
  ☆112Updated 5 years ago
• arnepadmos / threats
  An extensive list of resources related to threat modelling. Gotta catch ’em all!
  ☆30Updated 2 months ago
• BlazingWind / OWASP-ASVS-4.0-testing-guide
  ☆118Updated 10 months ago
• threatcl / threatcl
  Documenting your Threat Models with HCL
  ☆397Updated 2 weeks ago