ashpearce / GRC-PlaygroundLinks
A hands-on, real-world GRC lab series built for beginners and curious pros alike. No PDFs. No gatekeeping. Just practical labs for understanding controls, policy as code, and continuous authorization.
☆63Updated last month
Alternatives and similar repositories for GRC-Playground
Users that are interested in GRC-Playground are comparing it to the libraries listed below
Sorting:
- This GitHub page shows the CISO Tradecraft Podcast broken down by Topic☆132Updated last week
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix☆58Updated 2 years ago
- Cloud Offensive Breach and Risk Assessment (COBRA) Tool☆95Updated 4 months ago
- A self assessment tool to help understand your level in the SANS Vulnerability Management Maturity Model (VMMM).☆41Updated 6 months ago
- Maturity models help integrate traditionally separate organizational functions, set process improvement goals and priorities, provide gui…☆253Updated 2 months ago
- One Conference 2024☆110Updated 11 months ago
- Summaries, transcripts, key points, and other useful insights from fwd:cloudsec 2025 talks for those of us who don't have time to watch e…☆78Updated 2 months ago
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆81Updated last year
- Enriching the NVD CVSS scores to include Temporal & Threat Metrics☆209Updated this week
- Cloud Commotion intends to cause chaos to simulate security incidents☆145Updated last year
- CloudGrappler is a purpose-built tool designed for effortless querying of high-fidelity and single-event detections related to well-known…☆262Updated 2 weeks ago
- Generate datasets of cloud audit logs for common attacks☆219Updated last year
- An AI-powered tool for discovering privilege escalation opportunities in AWS IAM configurations.☆115Updated 2 weeks ago
- NIST CSF Maturity Toolkit☆102Updated 3 months ago
- A powerful tool that leverages AI to automatically generate comprehensive security documentation for your projects☆91Updated 2 weeks ago
- Released at Black Hat Asia on April 18, 2024, Cloud Console Cartographer is a framework for condensing groupings of cloud events (e.g. Cl…☆167Updated last year
- AWS audits, without screenshots☆26Updated last month
- ☆309Updated last month
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The …☆284Updated last year
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆102Updated last year
- ☆146Updated this week
- Convert cloudtrail data to MITRE ATT&CK Sightings☆80Updated 3 years ago
- Cross cloud workload identity research and workshops☆41Updated last month
- An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…☆165Updated last week
- Summaries, transcripts, key points, and other useful insights from AWS re:inforce 2025 talks for those of us who don't have time to watch…☆98Updated 2 months ago
- SANS has developed a set of information security policy templates. These are free to use and fully customizable to your company's IT secu…☆46Updated 3 years ago
- Threat Designer is a GenerativeAI application designed to automate and streamline the threat modeling process for secure system design.☆146Updated 3 weeks ago
- 🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k…☆389Updated last year
- ☆375Updated last year
- A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat …☆191Updated last year