Alternatives and similar repositories for security-controls

Users that are interested in security-controls are comparing it to the libraries listed below

• OWASP / www-project-cyber-defense-matrix
  Documentation on the Cyber Defense Matrix
  ☆24Updated 2 years ago
• MrSecure / review-security-groups
  A small set of scripts to summarize AWS Security Groups, and generate visualizations of the rules.
  ☆63Updated 5 years ago
• deepanshusood / SANS-Security-Policy-Templates
  SANS has developed a set of information security policy templates. These are free to use and fully customizable to your company's IT secu…
  ☆52Updated 4 years ago
• CISecurity / ControlsAssessmentSpecification
  Controls Assessment Specification
  ☆70Updated 10 months ago
• sans-blue-team / sec530-wiki
  ☆56Updated 4 years ago
• mikeprivette / NIST-to-Tech
  An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
  ☆126Updated last year
• carlota / showmethemoney
  These are files that a new CISO or someone introducing security to an organization can leverage to bridge the gap between security and th…
  ☆77Updated 4 months ago
• chandunsa / IRP
  Incident Response Playbooks
  ☆15Updated 6 years ago
• brianwifaneye / NIST-CSF
  NIST CyberSecurity Framework management tool
  ☆166Updated 4 years ago
• center-for-threat-informed-defense / public-resources
  Collection of resources related to the Center for Threat-Informed Defense
  ☆76Updated last year
• panther-labs / tutorials
  Cloud security tutorials and best practices
  ☆38Updated 2 years ago
• OTRF / notebooks-forge
  A collection of notebooks built for defensive and offensive operations.
  ☆77Updated 5 years ago
• OTRF / infosec-jupyter-book
  The Infosec Community Definitive Guide to Jupyter Notebooks
  ☆131Updated 5 years ago
• pulsedive / certrss
  ☆120Updated last week
• splunk / salo
  Synthetic Adversarial Log Objects: A Framework for synthentic log generation
  ☆85Updated 2 years ago
• haidermdost / Threat-Detection-Maturity-Framework
  ☆18Updated 4 years ago
• infosecB / detection-as-code
  An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
  ☆60Updated 3 years ago
• OTRF / OSSEM-CDM
  OSSEM Common Data Model
  ☆56Updated 3 years ago
• SecurityBagel / VulnBagel
  A collection of dashboards, templates, API's and Power BI code for vulnerability management and analysis
  ☆24Updated last year
• k-bailey / detection-engineering-maturity-matrix
  ☆99Updated 3 years ago
• trevorbryant / awesome-controls
  A collection of awesome security controls mapping for solutions across frameworks.
  ☆57Updated 5 years ago
• swimlane / soc-faker
  A python package for use in generating fake data for SOC and security automation.
  ☆175Updated 10 months ago
• mitre / saf
  The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools…
  ☆171Updated this week
• OTRF / infosec-jupyterthon
  A community event for security researchers to share their favorite notebooks
  ☆108Updated last year
• tropChaud / Cyber-Adversary-Heatmaps
  Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.
  ☆36Updated 3 years ago
• Shuffle / openapi-apps
  Swagger/ OpenAPI specifications for security products and services
  ☆77Updated this week
• TheHive-Project / Synapse
  Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform
  ☆71Updated 2 years ago
• tuckner / automation-capability-matrix
  A tool that allows you to document and assess any security automation in your SOC
  ☆48Updated last year
• splunk / attack_range_cloud
  Attack Range to test detection against nativel serverless cloud services and environments
  ☆35Updated 4 years ago
• turbot / steampipe-mod-zoom-compliance
  Run individual configuration, compliance and security controls or full compliance benchmarks for CIS for Zoom using Powerpipe and Steampi…
  ☆66Updated 5 months ago