bmarsh9 / gapps
Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking. https://gapps.darkbanner.com
☆430Updated 3 months ago
Related projects ⓘ
Alternatives and complementary repositories for gapps
- Curated list of resources for security Governance, Risk Management, Compliance and Audit professionals and enthusiasts (if they exist).☆606Updated 3 months ago
- A set of policies, standards and control procedures with mapping to HIPAA, NIST CSF, PCI DSS, SOC2, FedRAMP, CIS Controls, and more.☆293Updated 4 months ago
- Useful templates and working document for implementing ISO 27001 - ISMS☆103Updated 2 weeks ago
- Open source templates you can use to bootstrap your security programs☆502Updated 2 weeks ago
- Maturity models help integrate traditionally separate organizational functions, set process improvement goals and priorities, provide gui…☆210Updated 2 years ago
- This GitHub page shows the CISO Tradecraft Podcast broken down by Topic☆109Updated last week
- ⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident…☆346Updated this week
- NIST CyberSecurity Framework management tool☆157Updated 2 years ago
- Streamline vulnerability patching with CVSS, EPSS, and CISA's Known Exploited Vulnerabilities. Prioritize actions based on real-time thre…☆527Updated this week
- Template SOC2 Policy Authority - documentation pipeline☆99Updated 4 years ago
- Built-in Panther detection rules and policies☆339Updated this week
- A concise, directive, specific, flexible, and free incident response plan template☆645Updated 6 months ago
- Cyber Incident Response Team Playbook Battle Cards☆360Updated 5 months ago
- ISO 27001 certification requires organizations to prove their compliance with the Standard with appropriate documentation, which can run …☆80Updated 4 years ago
- CLI for generating policies, standards and control procedures (PSP) documentation in Markdown and publishing to JupiterOne or Confluence☆84Updated 5 months ago
- Lambda function that streamlines containment of an AWS account compromise☆315Updated 11 months ago
- ☆248Updated last month
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o…☆835Updated last month
- This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple…☆562Updated 4 months ago
- A curated list of annual cyber security reports☆308Updated this week
- Logging Made Easy (LME) is a no-cost and open logging and protective monitoring solution serving all organizations.☆841Updated this week
- 🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k…☆380Updated 7 months ago
- Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!☆594Updated 2 months ago
- An open source, self-service GRC tool to automate security assessments and compliance.☆180Updated last month
- SCuBA Secure Configuration Baselines and assessment tool for Google Workspace☆156Updated this week
- Compliance automation framework, focused on SOC2☆1,317Updated 2 years ago
- ☆491Updated 3 weeks ago
- External monitoring for organization assets☆372Updated 5 months ago
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The …☆255Updated 9 months ago
- CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec and Audit Management and supporting +60 frameworks worldwide with auto-m…☆1,147Updated this week