c0rdis / security-champions-playbook
Security Champions Playbook v 2.1
☆341Updated 11 months ago
Related projects: ⓘ
- This project is about creating and publishing threat model examples.☆402Updated 2 years ago
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.☆102Updated 8 months ago
- threatspec - continuous threat modeling, through code☆327Updated 3 years ago
- Segment's Threat Modeling training for our engineers☆233Updated 3 years ago
- A Continuous Threat Modeling methodology☆303Updated 2 years ago
- A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestrat…☆271Updated last week
- ☆478Updated last week
- SAMM stands for Software Assurance Maturity Model.☆396Updated 2 years ago
- Security Remediation Guides☆698Updated last month
- This is a companion to the Security Engineer Questions☆196Updated 9 months ago
- ☆118Updated 10 months ago
- ☆394Updated last year
- OWASP Foundation Web Respository☆78Updated 2 weeks ago
- ☆30Updated 3 years ago
- Collection of Threat Models☆370Updated 2 years ago
- OWASP Cloud Security - Enabling conversations through threat and control stories☆175Updated 5 years ago
- NextJS-based single-page application for completing and reviewing SAMM assessments☆67Updated last year
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆165Updated 7 months ago
- ☆414Updated this week
- OWASP Foundation Web Respository☆64Updated last year
- Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM☆185Updated 6 years ago
- ☆77Updated 3 years ago
- A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for …☆1,359Updated last month
- Agile Threat Modeling Toolkit☆594Updated last week
- A simple web app that helps developers understand the ASVS requirements.☆153Updated 6 months ago
- A curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.☆574Updated 10 months ago
- A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure☆644Updated 11 months ago
- OWASP ASVS checklist for audits☆186Updated 8 months ago
- materials we hand out☆127Updated last week
- The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.☆827Updated 2 months ago