Alternatives and similar repositories for common-cloud-controls

Users that are interested in common-cloud-controls are comparing it to the libraries listed below

• oscal-compass / compliance-trestle
  An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.
  ☆201Updated this week
• ossf / security-baseline
  ☆103Updated last week
• ossf / ai-ml-security
  Working Group on Artificial Intelligence and Machine Learning (AI/ML) Security
  ☆106Updated last month
• cloud-native-security-controls / controls-catalog
  ☆16Updated last year
• oscal-club / awesome-oscal
  A list of tools, blog posts, and other resources that further the use and adoption of OSCAL standards.
  ☆173Updated 2 months ago
• aibom-squad / SBOM-for-AI-Tiger-Team
  Repository for on-going work as part of the SBOM for AI Tiger Team effort.
  ☆38Updated last month
• PaloAltoNetworks / prisma-cloud-scan
  GitHub action to scan container images with Palo Alto Networks' Prisma Cloud
  ☆59Updated 5 months ago
• OWASP / www-project-ai-maturity-assessment
  OWASP Foundation web repository
  ☆32Updated 2 weeks ago
• Nextdoor / cspm_evaluation_matrix
  Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix
  ☆58Updated last year
• EasyDynamics / oscal-editor-deployment
  Various deployments of the OSCAL editor
  ☆46Updated last year
• defenseunicorns / lula
  The Compliance Validator
  ☆182Updated last week
• usnistgov / oscal-cli
  A simple open source command line tool to support common operations over OSCAL content.
  ☆53Updated 3 weeks ago
• trustoncloud / threatmodel-for-azure-storage
  Threat model for Azure Storage - Library of all the attack scenarios on Azure Storage, and how to mitigate them following a risk-based ap…
  ☆59Updated 2 years ago
• DataDog / supply-chain-firewall
  A tool for preventing the installation of malicious npm and PyPI packages
  ☆158Updated last week
• GSA / fedramp-automation
  FedRAMP Automation
  ☆342Updated 4 months ago
• latiotech / insecure-kubernetes-deployments
  A full insecure kubernetes application for testing security tools
  ☆89Updated 4 months ago
• CycloneDX / transparency-exchange-api
  A standard API specification for exchanging supply chain artifacts and intelligence
  ☆83Updated last month
• chainguard-dev / ghscan
  Scan GitHub Actions Workflow logs for IOCs
  ☆15Updated this week
• EasyDynamics / oscal-react-library
  A library of React components and an example user interface application that provides a direct UI into NIST's Open Security Controls Asse…
  ☆60Updated last year
• awslabs / security-hub-compliance-analyzer
  A compliance analysis tool which enables organizations to more quickly articulate their compliance posture and also generate supporting e…
  ☆47Updated 3 months ago
• OWASP / www-project-devsecops-maturity-model
  OWASP Foundation Web Respository
  ☆55Updated 2 years ago
• prowler-cloud / py-ocsf-models
  OCSF (https://schema.ocsf.io/) models in Python using Pydantic.
  ☆23Updated 3 weeks ago
• caizencloud / caizen
  Harness the security superpowers of your cloud asset inventory
  ☆11Updated 11 months ago
• tenable / EscalateGPT
  An AI-powered tool for discovering privilege escalation opportunities in AWS IAM configurations.
  ☆114Updated 3 weeks ago
• someengineering / cloud-security-list
  A list of cloud security tools and vendors.
  ☆175Updated 11 months ago
• awslabs / threat-designer
  Threat Designer is a GenerativeAI application designed to automate and streamline the threat modeling process for secure system design.
  ☆134Updated 2 weeks ago
• OWASP / OpenCRE
  ☆121Updated this week
• iriusrisk / OpenThreatModel
  The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.
  ☆175Updated 9 months ago
• CISecurity / CISControls_OSCAL
  A repository containing OSCAL serializations of the CIS Critical Security Controls
  ☆54Updated 5 months ago
• microsoft / oss-ssc-framework
  Open Source Software Secure Supply Chain Framework
  ☆236Updated 2 years ago