cisagov / vulnrichment
A repo to conduct vulnerability enrichment.
☆587Updated this week
Alternatives and similar repositories for vulnrichment:
Users that are interested in vulnrichment are comparing it to the libraries listed below
- Streamline vulnerability patching with CVSS, EPSS, and CISA's Known Exploited Vulnerabilities. Prioritize actions based on real-time thre…☆614Updated last week
- Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streaml…☆220Updated this week
- Enriching the NVD CVSS scores to include Temporal & Threat Metrics☆174Updated this week
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆297Updated this week
- A curated list of annual cyber security reports☆482Updated this week
- Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by devel…☆592Updated this week
- ☆364Updated 11 months ago
- Gram is Klarna's own threat model diagramming tool☆319Updated last week
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The …☆273Updated last year
- The TTPForge is a Cybersecurity Framework for developing, automating, and executing attacker Tactics, Techniques, and Procedures (TTPs).☆366Updated 3 weeks ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆132Updated last year
- This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple…☆651Updated last month
- Stakeholder-Specific Vulnerability Categorization☆140Updated this week
- Open source templates you can use to bootstrap your security programs☆820Updated last month
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis…☆266Updated last week
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o…☆943Updated 2 months ago
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )☆174Updated 6 months ago
- MITRE Caldera™ for OT Plugins & Capabilities☆206Updated 4 months ago
- OWASP Foundation Web Respository☆245Updated this week
- This repo contains IOC, malware and malware analysis associated with Public cloud☆249Updated 4 months ago
- Open Source Package Analysis☆824Updated last week
- Production-ready detection & response queries for osquery☆554Updated last week
- Documenting your Threat Models with HCL☆425Updated 6 months ago
- Microsoft ICSpector (ICS Forensics Tools framework) is an open-source forensics framework that enables the analysis of Industrial PLC met…☆335Updated 4 months ago
- Built-in Panther detection rules and policies☆369Updated this week
- BLint is a Binary Linter to check the security properties, and capabilities in your executables. Since v2, blint is also an SBOM generato…☆358Updated this week
- Awesome secure by default libraries to help you eliminate bug classes!☆687Updated 2 weeks ago
- 💀 Don't fear the Reaper 👻☆476Updated this week
- An open project to list all publicly known cloud vulnerabilities and CSP security issues☆325Updated last month
- OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secon…☆163Updated last week