owaspsamm / websiteLinks
The OWASP SAMM Website
☆11Updated last week
Alternatives and similar repositories for website
Users that are interested in website are comparing it to the libraries listed below
Sorting:
- ☆25Updated 2 years ago
- A self assessment tool to help understand your level in the SANS Vulnerability Management Maturity Model (VMMM).☆51Updated 2 months ago
- A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).☆83Updated last year
- Core model including reused documentation☆101Updated last month
- The security workflow engine!☆136Updated 2 months ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆141Updated 2 years ago
- A full insecure kubernetes application for testing security tools☆90Updated 3 months ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆101Updated 2 years ago
- ☆138Updated last week
- Enriching the NVD CVSS scores to include Temporal & Threat Metrics☆215Updated this week
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆68Updated 7 months ago
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆179Updated 2 months ago
- The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools…☆171Updated last week
- OWASP Foundation Web Respository☆32Updated 4 months ago
- OWASP Foundation Web Respository☆45Updated last month
- MetaHub is an automated contextual security findings enrichment and impact evaluation tool for vulnerability management.☆176Updated 2 months ago
- Add a layer of active defense to your cloud applications.☆103Updated this week
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆80Updated last month
- A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)☆215Updated 3 months ago
- Stakeholder-Specific Vulnerability Categorization☆171Updated 2 weeks ago
- Cloud Offensive Breach and Risk Assessment (COBRA) Tool☆102Updated 2 weeks ago
- Software Component Verification Standard (SCVS)☆153Updated 10 months ago
- A comprehensive framework for analyzing and defending against attacks targeting Software Development Life Cycle Infrastructure.☆97Updated last week
- Working Group on Artificial Intelligence and Machine Learning (AI/ML) Security☆143Updated last month
- Global Security Database Tools☆43Updated 2 years ago
- KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.☆105Updated 2 years ago
- AI Security Shared Responsibility Model☆88Updated 4 months ago
- CISA CSAF Security Advisories☆94Updated this week
- Utility that provides an API platform for validating, querying and managing BOM data☆124Updated last month
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix☆59Updated 2 years ago