samlothen / QRALib

Related projects ⓘ

Alternatives and complementary repositories for QRALib

• Hive-Systems / pyfair
  Factor Analysis of Information Risk (FAIR) model written in Python. Managed and maintained by Hive Systems
  ☆93Updated 7 months ago
• zugo01 / FAIRTool
  Factor Analysis of Information Risk (FAIR) tool developed in R
  ☆20Updated 6 years ago
• davidski / tidyrisk-workshop
  🎓Materials for the Hands-On Introduction to OpenFAIR Risk Analysis with Tidyrisk
  ☆13Updated 3 years ago
• davidski / evaluator
  ⚖Open Source Toolkit for Quantitative Risk Assessment
  ☆162Updated last year
• GovReady / security-stories-nist800-53
  A collection of security related user stories compatible with NIST Special Publication 800-53
  ☆34Updated 7 years ago
• counteractive / security-controls
  ☆43Updated last year
• risk-redux / control_freak
  NIST SP 800-53, Security and Privacy Controls for Federal Information Systems and Organizations
  ☆36Updated 3 months ago
• GovReady / nist-sp-800-53-r5-data
  NIST SP 800-53 Rev 5 as Data
  ☆23Updated 4 years ago
• OSUso / FAIR-Open-Course
  Open FAIR Course
  ☆13Updated 4 years ago
• davidski / collector
  ⚖Open Source Toolkit for Conducting Quantitative Risk Assessment Interviews
  ☆34Updated 8 months ago
• amrandazz / attack-guardduty-navigator
  A MITRE ATT&CK Navigator export for AWS GuardDuty Findings
  ☆136Updated 3 years ago
• carlota / showmethemoney
  These are files that a new CISO or someone introducing security to an organization can leverage to bridge the gap between security and th…
  ☆69Updated last month
• oracuk / oisru
  Repository for the Open Information Security Risk Universe
  ☆63Updated 2 years ago
• magoo / risk-measurement
  read the docs version of risk management
  ☆24Updated last year
• mikeprivette / NIST-to-Tech
  An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
  ☆109Updated 4 months ago
• adamshostack / conflictmodeling
  A place to gather and organize information about using threat modeling frameworks to deal with social conflict in online systems
  ☆56Updated 10 months ago
• Deploying-Securely / DSRAM
  ☆16Updated last year
• cutaway-security / IACS_STAR_Methodology
  A risk rating calculation methodology that uses the OWASP Risk Rating Methodology as a basis.
  ☆27Updated 2 months ago
• theparanoids / PrioritizedRiskRemediation
  A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).
  ☆68Updated 6 months ago
• CERTCC / SSVC
  Stakeholder-Specific Vulnerability Categorization
  ☆130Updated this week
• mllamazares / STRIDE-vs-ASVS
  🖇️ STRIDE vs. ASVS equivalence table
  ☆75Updated 3 months ago
• jshlbrd / detection-engineering-pocket-guide
  pocket guide for core detection engineering concepts
  ☆27Updated last year
• OWASP / www-project-cyber-defense-matrix
  Documentation on the Cyber Defense Matrix
  ☆24Updated last year
• xvnpw / ai-threat-modeling-action
  AI featured threat modeling and security review action
  ☆40Updated this week
• kempy007 / VulManAgg
  Docs: Vulnerability management aggregation of AppSec & OpSec (Tools Listing)
  ☆30Updated last year
• MrSecure / review-security-groups
  A small set of scripts to summarize AWS Security Groups, and generate visualizations of the rules.
  ☆62Updated 4 years ago
• TTP0 / ttp0_community_templates
  ☆32Updated last year
• devsecops / raindance
  Project intended to make Attack Maps part of software development by reducing the time it takes to complete them.
  ☆46Updated 7 years ago