samlothen / QRALib
Quantitative Risk Analysis in Cybersecurity Library (QRALib)
☆15Updated last year
Related projects ⓘ
Alternatives and complementary repositories for QRALib
- Factor Analysis of Information Risk (FAIR) model written in Python. Managed and maintained by Hive Systems☆93Updated 7 months ago
- Factor Analysis of Information Risk (FAIR) tool developed in R☆20Updated 6 years ago
- 🎓Materials for the Hands-On Introduction to OpenFAIR Risk Analysis with Tidyrisk☆13Updated 3 years ago
- ⚖Open Source Toolkit for Quantitative Risk Assessment☆162Updated last year
- A collection of security related user stories compatible with NIST Special Publication 800-53☆34Updated 7 years ago
- ☆43Updated last year
- NIST SP 800-53, Security and Privacy Controls for Federal Information Systems and Organizations☆36Updated 3 months ago
- NIST SP 800-53 Rev 5 as Data☆23Updated 4 years ago
- Open FAIR Course☆13Updated 4 years ago
- ⚖Open Source Toolkit for Conducting Quantitative Risk Assessment Interviews☆34Updated 8 months ago
- A MITRE ATT&CK Navigator export for AWS GuardDuty Findings☆136Updated 3 years ago
- These are files that a new CISO or someone introducing security to an organization can leverage to bridge the gap between security and th…☆69Updated last month
- Repository for the Open Information Security Risk Universe☆63Updated 2 years ago
- read the docs version of risk management☆24Updated last year
- An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)☆109Updated 4 months ago
- A place to gather and organize information about using threat modeling frameworks to deal with social conflict in online systems☆56Updated 10 months ago
- ☆16Updated last year
- A risk rating calculation methodology that uses the OWASP Risk Rating Methodology as a basis.☆27Updated 2 months ago
- A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).☆68Updated 6 months ago
- Stakeholder-Specific Vulnerability Categorization☆130Updated this week
- 🖇️ STRIDE vs. ASVS equivalence table☆75Updated 3 months ago
- pocket guide for core detection engineering concepts☆27Updated last year
- Documentation on the Cyber Defense Matrix☆24Updated last year
- AI featured threat modeling and security review action☆40Updated this week
- Docs: Vulnerability management aggregation of AppSec & OpSec (Tools Listing)☆30Updated last year
- A small set of scripts to summarize AWS Security Groups, and generate visualizations of the rules.☆62Updated 4 years ago
- ☆32Updated last year
- Project intended to make Attack Maps part of software development by reducing the time it takes to complete them.☆46Updated 7 years ago