Alternatives and similar repositories for OSCAL

Users that are interested in OSCAL are comparing it to the libraries listed below

• usnistgov / oscal-content
  NIST SP 800-53 content and other OSCAL content examples
  ☆358Updated 2 weeks ago
• GSA / fedramp-automation
  FedRAMP Automation
  ☆336Updated 2 months ago
• oscal-club / awesome-oscal
  A list of tools, blog posts, and other resources that further the use and adoption of OSCAL standards.
  ☆165Updated 2 months ago
• oscal-compass / compliance-trestle
  An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.
  ☆191Updated this week
• opencontrol / compliance-masonry
  Security Documentation Builder
  ☆361Updated last year
• EasyDynamics / oscal-react-library
  A library of React components and an example user interface application that provides a direct UI into NIST's Open Security Controls Asse…
  ☆59Updated last year
• GovReady / govready-q
  An open source, self-service GRC tool to automate security assessments and compliance.
  ☆192Updated 6 months ago
• EasyDynamics / oscal-editor-deployment
  Various deployments of the OSCAL editor
  ☆46Updated 10 months ago
• usnistgov / oscal-cli
  A simple open source command line tool to support common operations over OSCAL content.
  ☆49Updated last year
• CISecurity / CISControls_OSCAL
  A repository containing OSCAL serializations of the CIS Critical Security Controls
  ☆52Updated 3 months ago
• EasyDynamics / oscal-rest
  An initial OpenAPI definition of an OSCAL REST API.
  ☆39Updated 9 months ago
• brian-ruf / OSCAL-GUI
  Joint NIST/FedRAMP tool to interact with OSCAL files via a browser-based GUI
  ☆43Updated 5 years ago
• usnistgov / oscal-tools
  Tools for the OSCAL project
  ☆36Updated 2 years ago
• usnistgov / blossom-case-study
  A case study for ACSAC 2022 utilizing OSCAL with a custom GitHub action to automate assessments.
  ☆24Updated 2 years ago
• mitre / inspec_tools
  A command-line and ruby API of utilities, converters and tools for creating, converting and processing security baseline formats, results…
  ☆93Updated 10 months ago
• Cingulara / openrmf-docs
  Documentation on the OpenRMF application, including scripts to run the whole stack as well as just infrastructure with documentation on u…
  ☆139Updated last month
• securecontrolsframework / securecontrolsframework
  Config files for my GitHub profile.
  ☆345Updated 2 months ago
• usnistgov / liboscal-java
  A Java library to support processing OSCAL content
  ☆34Updated last week
• brianwifaneye / NIST-CSF
  NIST CyberSecurity Framework management tool
  ☆166Updated 3 years ago
• emreugurlu / security-grc-tools
  ☆10Updated last year
• Threagile / threagile
  Agile Threat Modeling Toolkit
  ☆675Updated last week
• JupiterOne / security-policy-templates
  A set of policies, standards and control procedures with mapping to HIPAA, NIST CSF, PCI DSS, SOC2, FedRAMP, CIS Controls, and more.
  ☆315Updated last year
• center-for-threat-informed-defense / attack-control-framework-mappings
  🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept…
  ☆493Updated last year
• threatspec / threatspec
  threatspec - continuous threat modeling, through code
  ☆358Updated 4 years ago
• panther-labs / panther-analysis
  Built-in Panther detection rules and policies
  ☆397Updated this week
• CloudSecurityAlliance / continuous-audit-metrics
  Continuous Audit Metrics
  ☆27Updated last year
• oscal-club / community
  The community area and documents about Code of Conduct.
  ☆18Updated 4 years ago
• OWASP / samm
  SAMM stands for Software Assurance Maturity Model.
  ☆398Updated 3 years ago
• trevorbryant / awesome-controls
  A collection of awesome security controls mapping for solutions across frameworks.
  ☆56Updated 5 years ago
• google / vsaq
  VSAQ is an interactive questionnaire application to assess the security programs of third parties.
  ☆854Updated 4 years ago