ashpearce / GRC-PlaygroundLinks
A hands-on, real-world GRC lab series built for beginners and curious pros alike. No PDFs. No gatekeeping. Just practical labs for understanding controls, policy as code, and continuous authorization.
☆54Updated 2 weeks ago
Alternatives and similar repositories for GRC-Playground
Users that are interested in GRC-Playground are comparing it to the libraries listed below
Sorting:
- This GitHub page shows the CISO Tradecraft Podcast broken down by Topic☆132Updated last week
- A self assessment tool to help understand your level in the SANS Vulnerability Management Maturity Model (VMMM).☆40Updated 5 months ago
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆76Updated last year
- A Secure Controls Framework (SCF) Power BI App☆22Updated 9 months ago
- Convert cloudtrail data to MITRE ATT&CK Sightings☆80Updated 3 years ago
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix☆58Updated last year
- Cloud Commotion intends to cause chaos to simulate security incidents☆145Updated last year
- One Conference 2024☆111Updated 10 months ago
- A set of policies, standards and control procedures with mapping to HIPAA, NIST CSF, PCI DSS, SOC2, FedRAMP, CIS Controls, and more.☆321Updated last year
- Enriching the NVD CVSS scores to include Temporal & Threat Metrics☆209Updated this week
- Maturity models help integrate traditionally separate organizational functions, set process improvement goals and priorities, provide gui…☆250Updated last month
- 🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k…☆387Updated last year
- OCSF Documentation☆137Updated 2 months ago
- Summaries, transcripts, key points, and other useful insights from fwd:cloudsec 2025 talks for those of us who don't have time to watch e…☆76Updated last month
- An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…☆165Updated 2 months ago
- ☆261Updated 9 months ago
- CLI for generating policies, standards and control procedures (PSP) documentation in Markdown and publishing to JupiterOne or Confluence☆85Updated last year
- SCuBA Secure Configuration Baselines and assessment tool for Google Workspace☆252Updated last week
- Template SOC2 Policy Authority - documentation pipeline☆116Updated 4 years ago
- SANS has developed a set of information security policy templates. These are free to use and fully customizable to your company's IT secu…☆44Updated 3 years ago
- ☆144Updated 2 weeks ago
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The …☆283Updated last year
- A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat …☆191Updated last year
- Cloud Offensive Breach and Risk Assessment (COBRA) Tool☆94Updated 3 months ago
- 🛡️ SIGMA Detection Engineering Platform A comprehensive AI-powered detection engineering platform for security teams to explore MITRE AT…☆43Updated 2 months ago
- An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)☆123Updated last year
- NIST CyberSecurity Framework management tool☆166Updated 3 years ago
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )☆187Updated 11 months ago
- AWS audits, without screenshots☆25Updated last month
- NIST CSF Maturity Toolkit☆70Updated 2 months ago