Alternatives and similar repositories for common-cloud-controls

Users that are interested in common-cloud-controls are comparing it to the libraries listed below

• oscal-compass / compliance-trestle
  An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.
  ☆207Updated last week
• ossf / ai-ml-security
  Working Group on Artificial Intelligence and Machine Learning (AI/ML) Security
  ☆112Updated last month
• ossf / security-baseline
  ☆110Updated last week
• awslabs / security-hub-compliance-analyzer
  A compliance analysis tool which enables organizations to more quickly articulate their compliance posture and also generate supporting e…
  ☆48Updated this week
• OWASP / www-project-devsecops-maturity-model
  OWASP Foundation Web Respository
  ☆56Updated this week
• aibom-squad / SBOM-for-AI-Use-Cases
  Repository for on-going work as part of the SBOM for AI Tiger Team effort.
  ☆39Updated 2 months ago
• cloud-native-security-controls / controls-catalog
  ☆16Updated last year
• OWASP / www-project-ai-maturity-assessment
  OWASP Foundation web repository
  ☆35Updated last week
• trustoncloud / threatmodel-for-azure-storage
  Threat model for Azure Storage - Library of all the attack scenarios on Azure Storage, and how to mitigate them following a risk-based ap…
  ☆59Updated 2 years ago
• DataDog / supply-chain-firewall
  Supply-Chain Firewall (SCFW) is a tool for preventing the installation of malicious npm and PyPI packages
  ☆165Updated this week
• microsoft / oss-ssc-framework
  Open Source Software Secure Supply Chain Framework
  ☆236Updated 2 years ago
• defenseunicorns-labs / lula1
  The Compliance Validator
  ☆184Updated last month
• Nextdoor / cspm_evaluation_matrix
  Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix
  ☆58Updated 2 years ago
• latiotech / insecure-kubernetes-deployments
  A full insecure kubernetes application for testing security tools
  ☆89Updated 5 months ago
• ossf / s2c2f
  The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously…
  ☆215Updated 4 months ago
• mikeprivette / ai-security-shared-responsibility
  AI Security Shared Responsibility Model
  ☆68Updated 2 weeks ago
• chainguard-dev / ghscan
  Scan GitHub Actions Workflow logs for IOCs
  ☆15Updated last week
• PaloAltoNetworks / prisma-cloud-scan
  GitHub action to scan container images with Palo Alto Networks' Prisma Cloud
  ☆60Updated 6 months ago
• someengineering / cloud-security-list
  A list of cloud security tools and vendors.
  ☆179Updated last year
• smithy-security / smithy
  The security workflow engine!
  ☆122Updated last week
• CycloneDX / transparency-exchange-api
  A standard API specification for exchanging supply chain artifacts and intelligence
  ☆86Updated last week
• oscal-club / awesome-oscal
  A list of tools, blog posts, and other resources that further the use and adoption of OSCAL standards.
  ☆184Updated 3 months ago
• OWASP / OpenCRE
  ☆123Updated 3 weeks ago
• IBM / CBOM
  Cryptography Bill of Materials
  ☆72Updated 3 weeks ago
• fraim-dev / fraim
  A flexible framework for security teams to build and deploy AI-powered workflows that complement their existing security operations.
  ☆127Updated last week
• advanced-security / enterprise-security-team
  Manage a uniform team of security managers for every organization in your enterprise
  ☆25Updated this week
• EasyDynamics / oscal-editor-deployment
  Various deployments of the OSCAL editor
  ☆46Updated last year
• GoComply / fedramp
  Open source tool for processing OSCAL based FedRAMP SSPs
  ☆43Updated 11 months ago
• PaloAltoNetworks / pcs-postman
  Postman collections for Prisma Cloud
  ☆76Updated last year
• caizencloud / caizen
  Harness the security superpowers of your cloud asset inventory
  ☆11Updated last year