cisagov / bad-practices
CISA's catalog of bad practices that are exceptionally risky.
☆202 Updated 3 months ago
Related projects:
- 🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept… ☆481 Updated 5 months ago
- 🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k… ☆379 Updated 5 months ago
- Cyber Incident Response Team Playbook Battle Cards ☆356 Updated 4 months ago
- NIST CyberSecurity Framework management tool ☆155 Updated 2 years ago
- A set of guidelines and best practices for an awesome engineering team ☆206 Updated 3 months ago
- This GitHub page shows the CISO Tradecraft Podcast broken down by Topic ☆101 Updated this week
- Security configuration is complex. With thousands of group policies available in Windows, choosing the “best” setting is difficult. It’s … ☆279 Updated last year
- Dashboard for conducting Backdoors and Breaches sessions over Zoom. ☆108 Updated last year
- An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con… ☆308 Updated this week
- OWASP Foundation Web Repository ☆22 Updated 10 months ago
- A site for CISA directives ☆157 Updated 3 months ago
- Microsoft Sentinel SOC Operations ☆237 Updated 2 months ago
- An API and client for managing STIG assessments ☆111 Updated this week
- A Windows event logging and collection baseline focused on finding balance between forensic value and optimising retention. ☆261 Updated 3 years ago
- Public repo to sync with security-pr ☆198 Updated last week
- The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools… ☆131 Updated this week
- The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders… ☆135 Updated 2 weeks ago
- The Azure Active Directory Incident Response PowerShell module provides a number of tools, developed by the Azure Active Directory Produc… ☆412 Updated last year
- PowerShell for CrowdStrike's OAuth2 APIs ☆353 Updated last week
- A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes. ☆448 Updated last week
- This content is analysis and research of the data sources currently listed in ATT&CK. ☆402 Updated last year
- SCuBA Secure Configuration Baselines and assessment tool for Google Workspace ☆148 Updated this week
- These are files that a new CISO or someone introducing security to an organization can leverage to bridge the gap between security and th… ☆67 Updated 3 weeks ago
- Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by devel… ☆536 Updated 3 weeks ago
- CISA's space for collaboration on the Cybersecurity Performance Goals. ☆70 Updated 3 months ago
- An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF) ☆107 Updated 2 months ago
- Simple integration script for 3rd party systems such as SIEMs. Offers command line, file or syslog output in CEF, JSON or key-value pair … ☆119 Updated last year
- Building environments to replicate small networks and deploy applications ☆316 Updated 10 months ago
- OCSF Documentation ☆114 Updated this week
- A little tool to play with Azure Identity - Azure Active Directory lab creation tool ☆497 Updated 3 weeks ago