secmerc / materialize-threats
β61Updated last year
Related projects β
Alternatives and complementary repositories for materialize-threats
- ποΈ STRIDE vs. ASVS equivalence tableβ75Updated 2 months ago
- Presentations, training modules, and other education materials from Duo Security's Application Security team.β71Updated 3 years ago
- Orchestron is an Application Vulnerability Management and Correlation Tool.Orchestron helps you solve one key problem "Find and fix vulneβ¦β31Updated last year
- β36Updated 3 years ago
- Segment's Threat Modeling training for our engineersβ238Updated 3 years ago
- OWASP Cloud Security - Enabling conversations through threat and control storiesβ177Updated 5 years ago
- β121Updated last year
- Project intended to make Attack Maps part of software development by reducing the time it takes to complete them.β46Updated 7 years ago
- Semgrep rules corresponding to the OWASP ASVS standardβ27Updated 4 years ago
- 'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.β62Updated 5 years ago
- A small tool to help developers understand a huge set of security requirements from appsec teamsβ45Updated 2 years ago
- Vendor Security Model Contractβ97Updated 2 years ago
- Updated incident response generator for training classesβ41Updated 3 years ago
- This repository stores content that can be used to design a Rapid Threat Model Prototyping process for a software development group.β156Updated last year
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.β74Updated 2 years ago
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.β104Updated 9 months ago
- All-in-one tool for managing vulnerability reports from AppSec pipelinesβ105Updated last year
- β57Updated 4 years ago
- A simple web app that helps developers understand the ASVS requirements.β154Updated 8 months ago
- ThreatModel for Amazon S3 - Library of all the attack scenarios on Amazon S3, and how to mitigate them following a risk-based approachβ151Updated last year
- GCP CSPM using Google Sheetsβ34Updated 4 months ago
- A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestratβ¦β274Updated 2 weeks ago
- Repository for the Open Information Security Risk Universeβ63Updated 2 years ago
- AppSecPipeline Specification for DevOps automation.β38Updated last year
- Cloud Security Dashboard for AWS - based on ScoutSuiteβ0Updated last year
- A MITRE ATT&CK Navigator export for AWS GuardDuty Findingsβ136Updated 3 years ago
- A place to gather and organize information about using threat modeling frameworks to deal with social conflict in online systemsβ56Updated 10 months ago
- A step-by-step walkthrough of CloudGoat 2.0 scenarios.β133Updated 4 years ago
- Pin designs for security related itemsβ37Updated 5 months ago