Open Security Controls Assessment Language (OSCAL)
☆922Jul 2, 2026Updated this week
Alternatives and similar repositories for OSCAL
Users that are interested in OSCAL are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- NIST SP 800-53 content and other OSCAL content examples☆448May 22, 2026Updated last month
- A list of tools, blog posts, and other resources that further the use and adoption of OSCAL standards.☆228Jun 25, 2025Updated last year
- A simple open source command line tool to support common operations over OSCAL content.☆68Dec 19, 2025Updated 6 months ago
- An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.☆261Updated this week
- Tools for the OSCAL project☆39Mar 16, 2023Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- A Java library to support processing OSCAL content☆40Dec 17, 2025Updated 6 months ago
- Joint NIST/FedRAMP tool to interact with OSCAL files via a browser-based GUI☆51Mar 27, 2026Updated 3 months ago
- Open Security Controls Assessment Language (OSCAL) Deep Differencing Tool☆41Updated this week
- ☆19Oct 19, 2021Updated 4 years ago
- NIST OSCAL SDK and CLI☆39Apr 28, 2020Updated 6 years ago
- A library of React components and an example user interface application that provides a direct UI into NIST's Open Security Controls Asse…☆65Mar 5, 2026Updated 4 months ago
- Automatically generated diagrams for OSCAL models☆23Apr 12, 2022Updated 4 years ago
- A case study for ACSAC 2022 utilizing OSCAL with a custom GitHub action to automate assessments.☆23Jun 18, 2026Updated 2 weeks ago
- A repository containing OSCAL serializations of the CIS Critical Security Controls☆63Mar 20, 2025Updated last year
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- An open source, self-service GRC tool to automate security assessments and compliance.☆217Dec 10, 2024Updated last year
- An initial OpenAPI definition of an OSCAL REST API.☆43Sep 18, 2024Updated last year
- Java tools and libraries providing a Metaschema toolchain☆15Oct 27, 2025Updated 8 months ago
- ☆18Jul 14, 2021Updated 4 years ago
- Demo setup for compliance-trestle☆39Jun 18, 2026Updated 2 weeks ago
- Open source tool for processing OSCAL based FedRAMP SSPs☆47Oct 14, 2024Updated last year
- Automate the creation of a System Security Plan (SSP)☆52Apr 27, 2026Updated 2 months ago
- OSCAL SSP content for technologies shipped by Red Hat☆16Mar 2, 2023Updated 3 years ago
- Scripts to import OSCAL example content into the Neo4J graph database☆34Jan 28, 2023Updated 3 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- hyperGRC is a lightweight, in-browser tool for managing compliance-as-code repositories in OpenControl format.☆29Jan 19, 2022Updated 4 years ago
- Repository for the generation of OSCAL data types☆33Jun 24, 2026Updated last week
- The Compliance Validator☆186Jun 28, 2026Updated last week
- Documentation on the OpenRMF application, including scripts to run the whole stack as well as just infrastructure with documentation on u…☆161May 23, 2026Updated last month
- NIST SP 800-53, Security and Privacy Controls for Federal Information Systems and Organizations☆41Feb 25, 2026Updated 4 months ago
- A collection of security related user stories compatible with NIST Special Publication 800-53☆39Mar 14, 2017Updated 9 years ago
- Tools for security content automation, baseline tailoring, and overlay development.☆46Aug 30, 2024Updated last year
- STIG-CCI-CONTROLMAPPER☆17Jun 21, 2018Updated 8 years ago
- ☆13Nov 18, 2025Updated 7 months ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Compliance-to-Policy (C2P) provides the framework to bridge the gap between compliance and policy administration in Go.☆27Jun 16, 2026Updated 2 weeks ago
- The community area and documents about Code of Conduct.☆18Feb 5, 2021Updated 5 years ago
- YAML schema, examples, and validators for OpenControl format.☆78Jun 4, 2019Updated 7 years ago
- The Auditree framework tool to run compliance control checks as unit tests.☆74Aug 20, 2024Updated last year
- Pulled the H-1 Table from the NIST SP 800-53 Rev. 4. Table maps applicable NIST controls to the ISO/IEC 27001 Controls☆20Aug 5, 2019Updated 6 years ago
- Publish a machine readable version of the ARS standards to facilitate compliance as code efforts.☆25Feb 26, 2024Updated 2 years ago
- Security automation content in SCAP, Bash, Ansible, and other formats☆2,756Updated this week