usnistgov / OSCAL
Open Security Controls Assessment Language (OSCAL)
☆715Updated last week
Alternatives and similar repositories for OSCAL:
Users that are interested in OSCAL are comparing it to the libraries listed below
- NIST SP 800-53 content and other OSCAL content examples☆333Updated last week
- FedRAMP Automation☆317Updated this week
- A list of tools, blog posts, and other resources that further the use and adoption of OSCAL standards.☆156Updated 2 weeks ago
- Security Documentation Builder☆359Updated last year
- An open source, self-service GRC tool to automate security assessments and compliance.☆186Updated 3 months ago
- An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.☆178Updated last week
- Various deployments of the OSCAL editor☆46Updated 7 months ago
- Joint NIST/FedRAMP tool to interact with OSCAL files via a browser-based GUI☆43Updated 5 years ago
- A simple open source command line tool to support common operations over OSCAL content.☆46Updated 9 months ago
- A repository containing OSCAL serializations of the CIS Critical Security Controls☆48Updated last week
- A library of React components and an example user interface application that provides a direct UI into NIST's Open Security Controls Asse…☆58Updated 11 months ago
- 🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k…☆383Updated 11 months ago
- An initial OpenAPI definition of an OSCAL REST API.☆39Updated 6 months ago
- 🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept…☆490Updated 11 months ago
- The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools…☆147Updated this week
- Heimdall Enterprise Server 2 lets you view, store, and compare automated security control scan results.☆218Updated this week
- Documentation on the OpenRMF application, including scripts to run the whole stack as well as just infrastructure with documentation on u…☆134Updated this week
- A set of policies, standards and control procedures with mapping to HIPAA, NIST CSF, PCI DSS, SOC2, FedRAMP, CIS Controls, and more.☆313Updated 9 months ago
- NIST CyberSecurity Framework management tool☆162Updated 3 years ago
- A case study for ACSAC 2022 utilizing OSCAL with a custom GitHub action to automate assessments.☆23Updated 2 years ago
- A Java library to support processing OSCAL content☆31Updated last week
- Tools for the OSCAL project☆35Updated 2 years ago
- The purpose of the Metrics & Metadata (formerly Identifying Security Threats) working group is to enable stakeholders to have informed co…☆222Updated 11 months ago
- Continuous Audit Metrics☆25Updated 9 months ago
- Automate the creation of a System Security Plan (SSP)☆38Updated last week
- SAMM stands for Software Assurance Maturity Model.☆398Updated 2 years ago
- Vocabulary for Event Recording and Incident Sharing (VERIS)��☆596Updated this week
- A command-line and ruby API of utilities, converters and tools for creating, converting and processing security baseline formats, results…☆92Updated 7 months ago
- SCAP Scanner And Tailoring Graphical User Interface☆230Updated last year
- This GitHub page shows the CISO Tradecraft Podcast broken down by Topic☆112Updated 2 weeks ago