Alternatives and similar repositories for surface:

Users that are interested in surface are comparing it to the libraries listed below

• theparanoids / PrioritizedRiskRemediation
  A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).
  ☆73Updated 11 months ago
• mllamazares / STRIDE-vs-ASVS
  🖇️ STRIDE vs. ASVS equivalence table
  ☆76Updated 7 months ago
• xvnpw / sec-docs
  An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projects
  ☆27Updated last month
• MrSecure / review-security-groups
  A small set of scripts to summarize AWS Security Groups, and generate visualizations of the rules.
  ☆62Updated 4 years ago
• Whitespots-OU / security-requirements-generator
  A small tool to help developers understand a huge set of security requirements from appsec teams
  ☆45Updated 2 years ago
• Toreon / threat-model-playbook
  ☆86Updated 3 years ago
• martinsohn / CIS-Controls
  ☆14Updated 2 years ago
• DataDog / workload-security-evaluator
  Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management.
  ☆30Updated 5 months ago
• center-for-threat-informed-defense / cloud-analytics
  Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we…
  ☆53Updated last year
• piercing-index / cloud-vulnerabilities
  ☆41Updated last month
• xvnpw / ai-threat-modeling-action
  AI featured threat modeling and security review action
  ☆43Updated 4 months ago
• kempy007 / VulManAgg
  Docs: Vulnerability management aggregation of AppSec & OpSec (Tools Listing)
  ☆30Updated last year
• anvilogic-forge / armory
  Anvilogic Forge
  ☆95Updated last week
• Threat-Modeling-Manifesto / threat-modeling-manifesto
  Threat Modeling Manifesto
  ☆28Updated 8 months ago
• packetchaos / navi
  A Command-line tool which leverages the Tenable.io API to reduce the time it takes to get information that is common during remediation o…
  ☆75Updated this week
• wiz-sec-public / wiz-research-iocs
  ☆37Updated last month
• latiotech / insecure-kubernetes-deployments
  A full insecure kubernetes application for testing security tools
  ☆70Updated this week
• OWASP / OpenCRE
  ☆100Updated this week
• OWASP / www-project-cyber-defense-matrix
  Documentation on the Cyber Defense Matrix
  ☆24Updated last year
• pulsedive / certrss
  ☆117Updated last year
• tuckner / automation-capability-matrix
  A tool that allows you to document and assess any security automation in your SOC
  ☆46Updated 5 months ago
• CISecurity / ControlsAssessmentSpecification
  Controls Assessment Specification
  ☆69Updated last week
• iriusrisk / OpenThreatModel
  The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.
  ☆170Updated 4 months ago
• Algbra-Labs-OSS / Chronicle
  ☆65Updated 10 months ago
• jgamblin / patchthisapp
  Code and Website For PatchThis.app
  ☆29Updated this week
• nccgroup / ccs
  ☆110Updated last year
• SecurityBagel / MITRE_ATTACK_PowerBI_
  MITRE ATT&CK Based App in Power BI
  ☆13Updated last year
• SecurityBagel / SCFBagel
  A Secure Controls Framework (SCF) Power BI App
  ☆16Updated 5 months ago
• TTP0 / ttp0_community_templates
  ☆32Updated last year
• CERTCC / SSVC
  Stakeholder-Specific Vulnerability Categorization
  ☆140Updated last week