Alternatives and similar repositories for common-cloud-controls

Users that are interested in common-cloud-controls are comparing it to the libraries listed below

• ossf / ai-ml-security
  Working Group on Artificial Intelligence and Machine Learning (AI/ML) Security
  ☆141Updated last month
• oscal-compass / compliance-trestle
  An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.
  ☆231Updated this week
• awslabs / security-hub-compliance-analyzer
  A compliance analysis tool which enables organizations to more quickly articulate their compliance posture and also generate supporting e…
  ☆54Updated 3 months ago
• OWASP / www-project-ai-maturity-assessment
  OWASP Foundation web repository
  ☆39Updated 3 months ago
• ossf / security-baseline
  ☆140Updated this week
• PaloAltoNetworks / prisma-cloud-scan
  GitHub action to scan container images with Palo Alto Networks' Prisma Cloud
  ☆58Updated last month
• trustoncloud / threatmodel-for-azure-storage
  Threat model for Azure Storage - Library of all the attack scenarios on Azure Storage, and how to mitigate them following a risk-based ap…
  ☆59Updated 2 years ago
• OWASP / www-project-devsecops-maturity-model
  OWASP Foundation Web Respository
  ☆56Updated 4 months ago
• cloud-native-security-controls / controls-catalog
  ☆16Updated last year
• Nextdoor / cspm_evaluation_matrix
  Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix
  ☆59Updated 2 years ago
• oscal-club / awesome-oscal
  A list of tools, blog posts, and other resources that further the use and adoption of OSCAL standards.
  ☆205Updated 7 months ago
• advanced-security / enterprise-security-team
  Manage a uniform team of security managers for every organization in your enterprise
  ☆24Updated last week
• usnistgov / oscal-cli
  A simple open source command line tool to support common operations over OSCAL content.
  ☆59Updated last month
• aibom-squad / SBOM-for-AI-Use-Cases
  Repository for on-going work as part of the SBOM for AI Tiger Team effort.
  ☆40Updated 6 months ago
• ossf / s2c2f
  The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously…
  ☆225Updated 8 months ago
• Cybr-Inc / fwdcloudsec-2025-summaries
  Summaries, transcripts, key points, and other useful insights from fwd:cloudsec 2025 talks for those of us who don't have time to watch e…
  ☆85Updated 7 months ago
• chainguard-dev / ghscan
  Scan GitHub Actions Workflow logs for IOCs
  ☆16Updated this week
• latiotech / insecure-kubernetes-deployments
  A full insecure kubernetes application for testing security tools
  ☆90Updated 3 months ago
• Ask-Sage / NIST-800-53-Automation
  This python app generates NIST 800 53 control implementation for each control and generate the CSV file.
  ☆53Updated 2 years ago
• EasyDynamics / oscal-editor-deployment
  Various deployments of the OSCAL editor
  ☆48Updated last year
• defenseunicorns-labs / lula1
  The Compliance Validator
  ☆183Updated this week
• EasyDynamics / oscal-react-library
  A library of React components and an example user interface application that provides a direct UI into NIST's Open Security Controls Asse…
  ☆64Updated last year
• oscal-compass / compliance-trestle-demos
  Demo setup for compliance-trestle
  ☆37Updated last week
• GSA / fedramp-automation
  FedRAMP Automation
  ☆355Updated 10 months ago
• pumasecurity / nymeria
  Cross cloud workload identity research and workshops
  ☆48Updated last month
• caizencloud / caizen
  Harness the security superpowers of your cloud asset inventory
  ☆11Updated last year
• OWASP / OpenCRE
  ☆138Updated last week
• DataDog / supply-chain-firewall
  Supply-Chain Firewall (SCFW) is a tool for preventing the installation of malicious npm and PyPI packages
  ☆215Updated last week
• IBM / CBOM
  Cryptography Bill of Materials
  ☆97Updated 4 months ago
• microsoft / oss-ssc-framework
  Open Source Software Secure Supply Chain Framework
  ☆239Updated 3 years ago