ashpearce / GRC-PlaygroundLinks
A hands-on, real-world GRC lab series built for beginners and curious pros alike. No PDFs. No gatekeeping. Just practical labs for understanding controls, policy as code, and continuous authorization.
☆89Updated 2 months ago
Alternatives and similar repositories for GRC-Playground
Users that are interested in GRC-Playground are comparing it to the libraries listed below
Sorting:
- NIST CSF Maturity Toolkit☆114Updated 7 months ago
- Maturity models help integrate traditionally separate organizational functions, set process improvement goals and priorities, provide gui…☆262Updated 6 months ago
- A self assessment tool to help understand your level in the SANS Vulnerability Management Maturity Model (VMMM).☆51Updated 2 months ago
- AI Security Shared Responsibility Model☆88Updated 4 months ago
- This GitHub page shows the CISO Tradecraft Podcast broken down by Topic☆143Updated 3 weeks ago
- Open-source GRC platform for modern security teams. Manage compliance (SOC 2, ISO 27001, HIPAA), risk registers, vendor assessments, and …☆65Updated last week
- ☆360Updated 4 months ago
- Cloud Offensive Breach and Risk Assessment (COBRA) Tool☆102Updated 8 months ago
- SANS has developed a set of information security policy templates. These are free to use and fully customizable to your company's IT secu…☆52Updated 4 years ago
- Cybether - A modern, open-source Cybersecurity Governance, Risk, and Compliance (GRC) dashboard☆86Updated last month
- One Conference 2024☆111Updated last year
- Summaries, transcripts, key points, and other useful insights from fwd:cloudsec 2025 talks for those of us who don't have time to watch e…☆85Updated 6 months ago
- ☆49Updated last month
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆80Updated 3 weeks ago
- Automating Security Detection Engineering, published by Packt☆65Updated last year
- A starter pack of resources to help you get started in Detection Engineering.☆180Updated last week
- 🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k…☆389Updated last year
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The …☆287Updated last year
- 🛡️ SIGMA Detection Engineering Platform A comprehensive AI-powered detection engineering platform for security teams to explore MITRE AT…☆46Updated 7 months ago
- Curated list of resources for security Governance, Risk Management, Compliance and Audit professionals and enthusiasts (if they exist).☆965Updated 4 months ago
- CloudGrappler is a purpose-built tool designed for effortless querying of high-fidelity and single-event detections related to well-known…☆265Updated 2 months ago
- ☆96Updated 3 weeks ago
- NIST CyberSecurity Framework management tool☆166Updated 4 years ago
- NOVA: The Prompt Pattern Matching☆71Updated 3 months ago
- Code that implements Factor Analysis of Information Risk (FAIR) in combination with MITRE ATT&CK using Markov Chain Monte Carlo (via PyMC…☆44Updated last month
- A curated list of LLM driven Cyber security Resources☆45Updated 3 months ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆101Updated 2 years ago
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )☆225Updated last year
- An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)☆126Updated last year
- Enriching the NVD CVSS scores to include Temporal & Threat Metrics☆215Updated last week