mitre / heimdall2Links
Heimdall Enterprise Server 2 lets you view, store, and compare automated security control scan results.
☆225Updated this week
Alternatives and similar repositories for heimdall2
Users that are interested in heimdall2 are comparing it to the libraries listed below
Sorting:
- The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools…☆150Updated this week
- A web application to streamline the development of STIGs from SRGs☆74Updated 2 months ago
- Documentation on the OpenRMF application, including scripts to run the whole stack as well as just infrastructure with documentation on u…☆135Updated 3 weeks ago
- A repository containing OSCAL serializations of the CIS Critical Security Controls☆52Updated 2 months ago
- A command-line and ruby API of utilities, converters and tools for creating, converting and processing security baseline formats, results…☆92Updated 10 months ago
- 🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k…☆385Updated last year
- Controls Assessment Specification☆70Updated last month
- Stakeholder-Specific Vulnerability Categorization☆150Updated this week
- FedRAMP Automation☆332Updated last month
- ☆16Updated 2 years ago
- An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.☆187Updated last week
- A list of tools, blog posts, and other resources that further the use and adoption of OSCAL standards.☆165Updated last month
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆172Updated 6 months ago
- A collection of awesome security controls mapping for solutions across frameworks.☆56Updated 4 years ago
- An open source, self-service GRC tool to automate security assessments and compliance.☆191Updated 5 months ago
- Enriching the NVD CVSS scores to include Temporal & Threat Metrics☆199Updated this week
- NIST SP 800-53 content and other OSCAL content examples☆353Updated this week
- Various deployments of the OSCAL editor☆46Updated 10 months ago
- The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders…☆144Updated 8 months ago
- Joint NIST/FedRAMP tool to interact with OSCAL files via a browser-based GUI☆43Updated 5 years ago
- StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…☆50Updated this week
- A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat …☆187Updated 9 months ago
- An open project to list all publicly known cloud vulnerabilities and CSP security issues☆345Updated this week
- This GitHub page shows the CISO Tradecraft Podcast broken down by Topic☆123Updated this week
- KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.☆101Updated last year
- This repo is a consolidation of Secure Software Supply Chain resources, such as talks, whitepapers, conferences and more.☆137Updated 2 years ago
- NIST CyberSecurity Framework management tool☆165Updated 3 years ago
- A ComplianceAsCode blog☆27Updated last month
- A small set of scripts to summarize AWS Security Groups, and generate visualizations of the rules.☆62Updated 4 years ago
- Continuous Audit Metrics☆26Updated 11 months ago