Alternatives and similar repositories for surface

Users that are interested in surface are comparing it to the libraries listed below

• Toreon / threat-model-playbook
  ☆88Updated 4 years ago
• theparanoids / PrioritizedRiskRemediation
  A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).
  ☆83Updated last year
• kempy007 / VulManAgg
  Docs: Vulnerability management aggregation of AppSec & OpSec (Tools Listing)
  ☆32Updated 2 years ago
• MrSecure / review-security-groups
  A small set of scripts to summarize AWS Security Groups, and generate visualizations of the rules.
  ☆63Updated 5 years ago
• packetchaos / navi
  A Command-line tool which leverages the Tenable Vulnerability Management API to reduce the time it takes to get information that is commo…
  ☆84Updated 3 weeks ago
• Threat-Modeling-Manifesto / threat-modeling-manifesto
  Threat Modeling Manifesto
  ☆30Updated last year
• OWASP / www-project-cyber-defense-matrix
  Documentation on the Cyber Defense Matrix
  ☆24Updated 2 years ago
• DefectDojo / sample-scan-files
  Sample scan files for testing DefectDojo imports
  ☆85Updated 5 months ago
• OWASP / www-project-vulnerability-management-guide
  OWASP Foundation Web Respository
  ☆32Updated 3 months ago
• martinsohn / CIS-Controls
  ☆19Updated 3 years ago
• mihir-shah99 / vxdf
  ☆61Updated 8 months ago
• CISecurity / ControlsAssessmentSpecification
  Controls Assessment Specification
  ☆70Updated 10 months ago
• JavierOlmedo / OWASP-Calculator
  🧮 An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment
  ☆163Updated 4 years ago
• center-for-threat-informed-defense / m3tid
  The Measure, Maximize, and Mature Threat-Informed Defense (M3TID) project defines what Threat-Informed Defense (TID) is and the key activ…
  ☆16Updated 7 months ago
• t0sche / cvss-bt
  Enriching the NVD CVSS scores to include Temporal & Threat Metrics
  ☆215Updated this week
• xvnpw / ai-threat-modeling-action
  AI featured threat modeling and security review action
  ☆45Updated last year
• CERTCC / SSVC
  Stakeholder-Specific Vulnerability Categorization
  ☆170Updated last week
• rusakovichma / TicTaaC
  Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …
  ☆68Updated 7 months ago
• Algbra-Labs-OSS / Chronicle
  ☆65Updated last year
• mitre / heimdall2
  Heimdall Enterprise Server 2 lets you view, store, and compare automated security control scan results.
  ☆246Updated last week
• OpenSecuritySummit / project-ASVS-User-Stories
  ☆20Updated 4 years ago
• pulsedive / certrss
  ☆120Updated last week
• center-for-threat-informed-defense / cloud-analytics
  Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we…
  ☆54Updated 2 years ago
• DSecureMe / vmc
  VMC: a Scalable, Open Source and Free Vulnerability Management Platform
  ☆91Updated last year
• OWASP / www-project-top-10-ci-cd-security-risks
  OWASP Foundation Web Respository
  ☆101Updated last month
• mario-platt / ASVS-Agile-Delivery-Guide
  ☆35Updated 4 years ago
• Patrowl / PatrowlEngines
  PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
  ☆247Updated 3 weeks ago
• rapid7 / vm-console-client-python
  the UNOFFICIAL (but useful) Python library for the Rapid7 InsightVM/Nexpose RESTful API
  ☆78Updated last year
• Patrowl / PatrowlDocs
  PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
  ☆149Updated 3 years ago
• lizfrenz / owasp-vuln-mngmnt
  The vulnerability management guide should help to breakdown vulnerability management process into a manageable repeatable cycles tailored…
  ☆16Updated 5 years ago