secmerc / materialize-threats
β61Updated last year
Related projects β
Alternatives and complementary repositories for materialize-threats
- ποΈ STRIDE vs. ASVS equivalence tableβ75Updated 2 months ago
- Presentations, training modules, and other education materials from Duo Security's Application Security team.β71Updated 3 years ago
- Orchestron is an Application Vulnerability Management and Correlation Tool.Orchestron helps you solve one key problem "Find and fix vulneβ¦β31Updated last year
- Updated incident response generator for training classesβ41Updated 3 years ago
- Vendor Security Model Contractβ97Updated 2 years ago
- Project intended to make Attack Maps part of software development by reducing the time it takes to complete them.β46Updated 7 years ago
- A place to gather and organize information about using threat modeling frameworks to deal with social conflict in online systemsβ56Updated 10 months ago
- Segment's Threat Modeling training for our engineersβ238Updated 3 years ago
- β36Updated 3 years ago
- Semgrep rules corresponding to the OWASP ASVS standardβ27Updated 4 years ago
- OWASP Cloud Security - Enabling conversations through threat and control storiesβ177Updated 5 years ago
- 'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.β62Updated 5 years ago
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.β104Updated 10 months ago
- β121Updated last year
- β30Updated 2 years ago
- A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestratβ¦β274Updated this week
- Threat Modeling Manifestoβ27Updated 4 months ago
- IAMFinder enumerates and finds users and IAM roles in a target AWS account.β109Updated 4 years ago
- Repository for the Open Information Security Risk Universeβ63Updated 2 years ago
- AppSecPipeline Specification for DevOps automation.β38Updated last year
- A small tool to help developers understand a huge set of security requirements from appsec teamsβ45Updated 2 years ago
- Systematic Universal Security Testing Orchestrationβ37Updated 2 years ago
- β57Updated 4 years ago
- β82Updated 4 years ago
- Security Payload Unit Test Repository (SPUTR)β86Updated last year
- β80Updated 3 years ago
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.β74Updated 2 years ago
- AI featured threat modeling and security review actionβ40Updated this week
- A simple web app that helps developers understand the ASVS requirements.β154Updated 8 months ago