oracuk / oisru
Repository for the Open Information Security Risk Universe
β63Updated 2 years ago
Related projects β
Alternatives and complementary repositories for oisru
- ποΈ STRIDE vs. ASVS equivalence tableβ75Updated 2 months ago
- A small set of scripts to summarize AWS Security Groups, and generate visualizations of the rules.β62Updated 4 years ago
- β61Updated last year
- A MITRE ATT&CK Navigator export for AWS GuardDuty Findingsβ136Updated 3 years ago
- The SOCless automation frameworkβ134Updated 2 months ago
- Controls Assessment Specificationβ65Updated 5 months ago
- Vendor Security Model Contractβ97Updated 2 years ago
- This script is used to generate some basic detections of the aws security servicesβ71Updated 2 years ago
- GCP CSPM using Google Sheetsβ34Updated 4 months ago
- β36Updated 3 years ago
- Examples on how to maintain security/compliance as code and to automate SecOps using the JupiterOne platform.β53Updated 10 months ago
- Convert cloudtrail data to MITRE ATT&CK Sightingsβ79Updated 2 years ago
- Presentations, training modules, and other education materials from Duo Security's Application Security team.β71Updated 3 years ago
- A place to gather and organize information about using threat modeling frameworks to deal with social conflict in online systemsβ56Updated 10 months ago
- OWASP Foundation Web Respositoryβ22Updated 11 months ago
- Documentation on the Cyber Defense Matrixβ24Updated last year
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.β169Updated 8 months ago
- Updated incident response generator for training classesβ41Updated 3 years ago
- Cloud security tutorials and best practicesβ38Updated last year
- Security Scanner based on CIS benchmark 1.1 inspired by Scout2β52Updated last year
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrixβ57Updated last year
- Dorothy is a tool to test security monitoring and detection for Okta environmentsβ175Updated 3 months ago
- These are files that a new CISO or someone introducing security to an organization can leverage to bridge the gap between security and thβ¦β69Updated 2 weeks ago
- β66Updated 5 months ago
- 'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.β62Updated 5 years ago
- Project intended to make Attack Maps part of software development by reducing the time it takes to complete them.β46Updated 7 years ago
- OCSF Documentationβ119Updated 2 weeks ago
- Segment's Threat Modeling training for our engineersβ238Updated 3 years ago
- SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, manβ¦β76Updated 3 years ago
- ThreatModel for Amazon S3 - Library of all the attack scenarios on Amazon S3, and how to mitigate them following a risk-based approachβ151Updated last year