samlothen / QRALib
Quantitative Risk Analysis in Cybersecurity Library (QRALib)
☆15Updated last year
Related projects ⓘ
Alternatives and complementary repositories for QRALib
- Factor Analysis of Information Risk (FAIR) model written in Python. Managed and maintained by Hive Systems☆92Updated 7 months ago
- Factor Analysis of Information Risk (FAIR) tool developed in R☆20Updated 6 years ago
- ⚖Open Source Toolkit for Conducting Quantitative Risk Assessment Interviews☆34Updated 8 months ago
- Repository for the Open Information Security Risk Universe☆63Updated 2 years ago
- ☆43Updated last year
- A MITRE ATT&CK Navigator export for AWS GuardDuty Findings☆136Updated 3 years ago
- 🖇️ STRIDE vs. ASVS equivalence table☆75Updated 2 months ago
- These are files that a new CISO or someone introducing security to an organization can leverage to bridge the gap between security and th…☆69Updated 2 weeks ago
- A small set of scripts to summarize AWS Security Groups, and generate visualizations of the rules.☆62Updated 4 years ago
- Legal, procedural and policies document templates for operating MISP and information sharing communities☆37Updated last year
- A collection of notebooks built for defensive and offensive operations.☆76Updated 4 years ago
- Command line tool for working with Panther rules and policies☆36Updated 2 weeks ago
- A community event for security researchers to share their favorite notebooks☆106Updated 8 months ago
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.☆49Updated 2 years ago
- pocket guide for core detection engineering concepts☆27Updated last year
- Convert cloudtrail data to MITRE ATT&CK Sightings☆79Updated 2 years ago
- A POC to implement Detection-as-Code with Terraform and Sumo Logic.☆25Updated last year
- A place to gather and organize information about using threat modeling frameworks to deal with social conflict in online systems☆56Updated 10 months ago
- Infrastructure as code for deploying Panther☆10Updated this week
- Attack Range to test detection against nativel serverless cloud services and environments☆35Updated 3 years ago
- ☆41Updated 3 years ago
- misp-cloud - Cloud-ready images of MISP☆72Updated 2 years ago
- A Command-line tool which leverages the Tenable.io API to reduce the time it takes to get information that is common during remediation o…☆72Updated last month
- NIST SP 800-53 Rev 5 as Data☆23Updated 4 years ago
- A collection of security related user stories compatible with NIST Special Publication 800-53☆33Updated 7 years ago
- read the docs version of risk management☆24Updated last year
- Stakeholder-Specific Vulnerability Categorization☆128Updated this week
- This script is used to generate some basic detections of the aws security services☆71Updated 2 years ago
- a curated list of useful threat modeling resources☆124Updated 4 months ago