rusakovichma / TicTaaC
Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. Sugar-Free and Secure: no any external dependencies except for chart plotting are used
β61Updated 8 months ago
Alternatives and similar repositories for TicTaaC:
Users that are interested in TicTaaC are comparing it to the libraries listed below
- ποΈ STRIDE vs. ASVS equivalence tableβ76Updated 6 months ago
- StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different soβ¦β49Updated last week
- A small tool to help developers understand a huge set of security requirements from appsec teamsβ45Updated 2 years ago
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.β107Updated last year
- β10Updated 2 years ago
- β32Updated 3 years ago
- β98Updated last week
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrixβ58Updated last year
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.β171Updated 3 months ago
- InfoSec OpenAI Examplesβ19Updated last year
- β18Updated 3 years ago
- OWASP Foundation Web Respositoryβ28Updated 6 months ago
- The Open Security Summit is focused on the collaboration between, Developers and Application Securityβ45Updated 3 months ago
- Dragon-GPT uses Chat-GPT, or local LLM, to execute automatic and AI-powered threat modeling analysis on a given OWASP Threat Dragon diagrβ¦β34Updated 3 weeks ago
- OWASP Foundation Web Respositoryβ29Updated 2 years ago
- OWASP Foundation Web Respositoryβ55Updated last year
- β82Updated 3 years ago
- GCP GOAT is the vulnerable application for learn the GCP Securityβ64Updated last year
- A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).β72Updated 10 months ago
- Clean accounts over permissions in GCP infra at scaleβ71Updated last year
- A project to visualize the software supply chainβ40Updated last year
- Semgrep rules corresponding to the OWASP ASVS standardβ27Updated 4 years ago
- Protect against subdomain takeoverβ93Updated 9 months ago
- β123Updated last year
- Maturity Model Collaborative projectβ14Updated 2 years ago
- Systematic Universal Security Testing Orchestrationβ37Updated 2 years ago
- β110Updated last year
- Project intended to make Attack Maps part of software development by reducing the time it takes to complete them.β48Updated 8 years ago
- A powerful tool that leverages AI to automatically generate comprehensive security documentation for your projectsβ49Updated this week