magoo / minimalist-risk-management
A minimalist risk management program!
☆116Updated 2 years ago
Related projects: ⓘ
- Repository for the Open Information Security Risk Universe☆63Updated 2 years ago
- An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)☆107Updated 2 months ago
- a curated list of useful threat modeling resources☆118Updated 2 months ago
- The SOCless automation framework☆131Updated 3 weeks ago
- These are files that a new CISO or someone introducing security to an organization can leverage to bridge the gap between security and th…☆67Updated 3 weeks ago
- Vendor Security Model Contract☆97Updated 2 years ago
- Maturity models help integrate traditionally separate organizational functions, set process improvement goals and priorities, provide gui…☆181Updated last year
- read the docs version of risk management☆23Updated last year
- ☆42Updated last year
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆165Updated 7 months ago
- An open source, self-service GRC tool to automate security assessments and compliance.☆179Updated last week
- This GitHub page shows the CISO Tradecraft Podcast broken down by Topic☆101Updated this week
- A set of policies, standards and control procedures with mapping to HIPAA, NIST CSF, PCI DSS, SOC2, FedRAMP, CIS Controls, and more.☆282Updated 3 months ago
- 🖇️ STRIDE vs. ASVS equivalence table☆74Updated 3 weeks ago
- Repository for the Open Security Reference Architecture☆123Updated 3 months ago
- Segment's Threat Modeling training for our engineers☆233Updated 3 years ago
- NIST CyberSecurity Framework management tool☆155Updated 2 years ago
- OWASP Foundation Web Respository☆22Updated 10 months ago
- A small set of scripts to summarize AWS Security Groups, and generate visualizations of the rules.☆61Updated 4 years ago
- A collection of awesome security controls mapping for solutions across frameworks.☆48Updated 4 years ago
- Systematic Universal Security Testing Orchestration☆37Updated 2 years ago
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.☆102Updated 8 months ago
- Curated list of resources for security Governance, Risk Management, Compliance and Audit professionals and enthusiasts (if they exist).☆587Updated last month
- Dorothy is a tool to test security monitoring and detection for Okta environments☆169Updated last month
- A place to gather and organize information about using threat modeling frameworks to deal with social conflict in online systems☆56Updated 8 months ago
- Security Blueprint for Startups☆38Updated 4 years ago
- Template SOC2 Policy Authority - documentation pipeline☆96Updated 3 years ago
- Boilerplate Incident Response Plan from "Starting Up Security"☆159Updated 3 years ago
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The …☆246Updated 7 months ago
- This is a companion to the Security Engineer Questions☆196Updated 9 months ago