samlothen / QRALib

Related projects ⓘ

Alternatives and complementary repositories for QRALib

• Hive-Systems / pyfair
  Factor Analysis of Information Risk (FAIR) model written in Python. Managed and maintained by Hive Systems
  ☆92Updated 7 months ago
• zugo01 / FAIRTool
  Factor Analysis of Information Risk (FAIR) tool developed in R
  ☆20Updated 6 years ago
• davidski / collector
  ⚖Open Source Toolkit for Conducting Quantitative Risk Assessment Interviews
  ☆34Updated 8 months ago
• oracuk / oisru
  Repository for the Open Information Security Risk Universe
  ☆63Updated 2 years ago
• counteractive / security-controls
  ☆43Updated last year
• amrandazz / attack-guardduty-navigator
  A MITRE ATT&CK Navigator export for AWS GuardDuty Findings
  ☆136Updated 3 years ago
• mllamazares / STRIDE-vs-ASVS
  🖇️ STRIDE vs. ASVS equivalence table
  ☆75Updated 2 months ago
• carlota / showmethemoney
  These are files that a new CISO or someone introducing security to an organization can leverage to bridge the gap between security and th…
  ☆69Updated 2 weeks ago
• MrSecure / review-security-groups
  A small set of scripts to summarize AWS Security Groups, and generate visualizations of the rules.
  ☆62Updated 4 years ago
• MISP / misp-compliance
  Legal, procedural and policies document templates for operating MISP and information sharing communities
  ☆37Updated last year
• OTRF / notebooks-forge
  A collection of notebooks built for defensive and offensive operations.
  ☆76Updated 4 years ago
• panther-labs / panther_analysis_tool
  Command line tool for working with Panther rules and policies
  ☆36Updated 2 weeks ago
• OTRF / infosec-jupyterthon
  A community event for security researchers to share their favorite notebooks
  ☆106Updated 8 months ago
• infosecB / detection-as-code
  An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
  ☆49Updated 2 years ago
• jshlbrd / detection-engineering-pocket-guide
  pocket guide for core detection engineering concepts
  ☆27Updated last year
• zmallen / cloudtrail2sightings
  Convert cloudtrail data to MITRE ATT&CK Sightings
  ☆79Updated 2 years ago
• threat-punter / detection-as-code-example
  A POC to implement Detection-as-Code with Terraform and Sumo Logic.
  ☆25Updated last year
• adamshostack / conflictmodeling
  A place to gather and organize information about using threat modeling frameworks to deal with social conflict in online systems
  ☆56Updated 10 months ago
• panther-labs / panther-auxiliary
  Infrastructure as code for deploying Panther
  ☆10Updated this week
• splunk / attack_range_cloud
  Attack Range to test detection against nativel serverless cloud services and environments
  ☆35Updated 3 years ago
• megan201296 / gsuite-dfir
  ☆41Updated 3 years ago
• MISP / misp-cloud
  misp-cloud - Cloud-ready images of MISP
  ☆72Updated 2 years ago
• packetchaos / navi
  A Command-line tool which leverages the Tenable.io API to reduce the time it takes to get information that is common during remediation o…
  ☆72Updated last month
• GovReady / nist-sp-800-53-r5-data
  NIST SP 800-53 Rev 5 as Data
  ☆23Updated 4 years ago
• GovReady / security-stories-nist800-53
  A collection of security related user stories compatible with NIST Special Publication 800-53
  ☆33Updated 7 years ago
• magoo / risk-measurement
  read the docs version of risk management
  ☆24Updated last year
• CERTCC / SSVC
  Stakeholder-Specific Vulnerability Categorization
  ☆128Updated this week
• sonofagl1tch / AWSDetonationLab
  This script is used to generate some basic detections of the aws security services
  ☆71Updated 2 years ago
• redshiftzero / awesome-threat-modeling
  a curated list of useful threat modeling resources
  ☆124Updated 4 months ago