theparanoids / PrioritizedRiskRemediation
A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).
☆75Updated last year
Alternatives and similar repositories for PrioritizedRiskRemediation:
Users that are interested in PrioritizedRiskRemediation are comparing it to the libraries listed below
- Enriching the NVD CVSS scores to include Temporal & Threat Metrics☆194Updated this week
- Stakeholder-Specific Vulnerability Categorization☆147Updated 3 weeks ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆94Updated last year
- One Conference 2024☆109Updated 7 months ago
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix☆58Updated last year
- Anvilogic Forge☆103Updated 2 weeks ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆133Updated last year
- An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projects☆28Updated 2 months ago
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆73Updated 11 months ago
- Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK…☆164Updated 6 months ago
- The Measure, Maximize, and Mature Threat-Informed Defense (M3TID) project defines what Threat-Informed Defense (TID) is and the key activ…☆16Updated last month
- A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense☆85Updated last year
- HASH (HTTP Agnostic Software Honeypot)☆140Updated last year
- Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogue…☆61Updated 2 weeks ago
- A tool that allows you to document and assess any security automation in your SOC☆46Updated 6 months ago
- Autoconfigured ELK Stack That Contains All EPSS and NVD CVE Data☆50Updated 9 months ago
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.☆111Updated 5 months ago
- ☆36Updated 4 months ago
- A full insecure kubernetes application for testing security tools☆84Updated 2 weeks ago
- An index of publicly available and open-source threat detection rulesets.☆49Updated 2 weeks ago
- ☆40Updated 2 months ago
- 🖇️ STRIDE vs. ASVS equivalence table☆76Updated 8 months ago
- A powerful tool that leverages AI to automatically generate comprehensive security documentation for your projects☆76Updated 2 weeks ago
- An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…☆158Updated last week
- Advisories, guidance, best practice documents and more issued by members of the EU CSIRTs network, a network composed of EU Member States…☆76Updated 3 weeks ago
- SOARCA - The Open Source CACAO-based Security Orchestrator!☆72Updated 3 weeks ago
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆172Updated 5 months ago
- pocket guide for core detection engineering concepts☆28Updated last year
- ☆104Updated 11 months ago
- Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we…☆53Updated 2 years ago