Alternatives and similar repositories for risk-measurement

Users that are interested in risk-measurement are comparing it to the libraries listed below

• dropbox / vsmc
  Vendor Security Model Contract
  ☆98Updated 3 years ago
• counteractive / security-controls
  ☆48Updated 2 years ago
• magoo / minimalist-risk-management
  A minimalist risk management program!
  ☆135Updated 2 years ago
• JupiterOne / secops-automation-examples
  Examples on how to maintain security/compliance as code and to automate SecOps using the JupiterOne platform.
  ☆54Updated last year
• disruptops / IncidentResponseGenerator
  Updated incident response generator for training classes
  ☆44Updated 4 years ago
• mllamazares / STRIDE-vs-ASVS
  🖇️ STRIDE vs. ASVS equivalence table
  ☆76Updated 11 months ago
• duo-labs / appsec-education
  Presentations, training modules, and other education materials from Duo Security's Application Security team.
  ☆75Updated 4 years ago
• kbroughton / azure_cis_scanner
  Security Scanner based on CIS benchmark 1.1 inspired by Scout2
  ☆53Updated 2 years ago
• kindlyops / havengrc
  ☁️Haven GRC - easier governance, risk, and compliance 👨‍⚕️👮‍♀️🦸‍♀️🕵️‍♀️👩‍🔬
  ☆102Updated 4 years ago
• oracuk / oisru
  Repository for the Open Information Security Risk Universe
  ☆64Updated 3 years ago
• WithSecureOpenSource / elevation-of-privacy
  Privacy Cards for Software Developers
  ☆53Updated 6 years ago
• security4startups / blueprint_2019
  Security Blueprint for Startups
  ☆39Updated 5 years ago
• ansorren / GDPatrol
  A Lambda-powered Security Orchestration framework for AWS GuardDuty
  ☆52Updated 5 years ago
• kpolley / slackurity
  Slack bot which promotes Defense in Depth/Zero Trust security practices
  ☆24Updated 2 years ago
• owaspsamm / dashboard-webapp
  ☆21Updated 3 years ago
• twilio-labs / socless
  The SOCless automation framework
  ☆140Updated 5 months ago
• carta / krang
  Knowledge Report Alert & Normalization Generator
  ☆27Updated last year
• somethingnew2-0 / SimpleCSPM
  GCP CSPM using Google Sheets
  ☆36Updated 3 months ago
• zmallen / cloudtrail2sightings
  Convert cloudtrail data to MITRE ATT&CK Sightings
  ☆80Updated 3 years ago
• Algbra-Labs-OSS / Chronicle
  ☆65Updated last year
• jdyke / gcp-iam-analyzer
  Compares and analyzes GCP IAM roles.
  ☆77Updated 4 months ago
• redshiftzero / awesome-threat-modeling
  a curated list of useful threat modeling resources
  ☆137Updated last year
• devsecops / wardley-maps
  A repository for wardley maps related to security topics.
  ☆46Updated 8 years ago
• omaidf / PrismX
  Cloud Security Dashboard for AWS - based on ScoutSuite
  ☆1Updated 2 years ago
• keithmccammon / cybersecurity-models
  A collection of models for organizing, prioritizing, and understanding cybersecurity and information risk management concepts.
  ☆23Updated 9 months ago
• endgameinc / varna
  Varna: Quick & Cheap AWS CloudTrail Monitoring with Event Query Language (EQL)
  ☆52Updated 2 years ago
• 3CORESec / Trapdoor
  Serverless honeytoken 🕵🏻‍♂️
  ☆80Updated 2 years ago
• devsecops / raindance
  Project intended to make Attack Maps part of software development by reducing the time it takes to complete them.
  ☆48Updated 8 years ago
• gyrospectre / squyre
  Security Alert Decoration
  ☆27Updated last week
• deepanshusood / SANS-Security-Policy-Templates
  SANS has developed a set of information security policy templates. These are free to use and fully customizable to your company's IT secu…
  ☆42Updated 3 years ago