usnistgov / OSCAL
Open Security Controls Assessment Language (OSCAL)
☆701Updated this week
Alternatives and similar repositories for OSCAL:
Users that are interested in OSCAL are comparing it to the libraries listed below
- NIST SP 800-53 content and other OSCAL content examples☆320Updated last week
- FedRAMP Automation☆303Updated this week
- A list of tools, blog posts, and other resources that further the use and adoption of OSCAL standards.☆149Updated 2 months ago
- Security Documentation Builder☆355Updated last year
- An open source, self-service GRC tool to automate security assessments and compliance.☆186Updated 2 months ago
- An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.☆173Updated this week
- A simple open source command line tool to support common operations over OSCAL content.☆44Updated 7 months ago
- Various deployments of the OSCAL editor☆46Updated 6 months ago
- Joint NIST/FedRAMP tool to interact with OSCAL files via a browser-based GUI☆43Updated 5 years ago
- A library of React components and an example user interface application that provides a direct UI into NIST's Open Security Controls Asse…☆56Updated 10 months ago
- A repository containing OSCAL serializations of the CIS Critical Security Controls☆48Updated last year
- An initial OpenAPI definition of an OSCAL REST API.☆39Updated 4 months ago
- 🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept…☆488Updated 10 months ago
- 🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k…☆379Updated 10 months ago
- Documentation on the OpenRMF application, including scripts to run the whole stack as well as just infrastructure with documentation on u…☆132Updated 3 weeks ago
- A set of policies, standards and control procedures with mapping to HIPAA, NIST CSF, PCI DSS, SOC2, FedRAMP, CIS Controls, and more.☆306Updated 7 months ago
- Automate the creation of a System Security Plan (SSP)☆36Updated 2 weeks ago
- A command-line and ruby API of utilities, converters and tools for creating, converting and processing security baseline formats, results…☆92Updated 6 months ago
- An API and client for managing STIG assessments☆125Updated this week
- NIST CyberSecurity Framework management tool☆160Updated 3 years ago
- Tools for the OSCAL project☆35Updated last year
- threatspec - continuous threat modeling, through code☆344Updated 4 years ago
- Open Cloud Security Posture Management Engine☆337Updated 2 years ago
- The purpose of the Metrics & Metadata (formerly Identifying Security Threats) working group is to enable stakeholders to have informed co…☆222Updated 9 months ago
- CLI for generating policies, standards and control procedures (PSP) documentation in Markdown and publishing to JupiterOne or Confluence☆85Updated 8 months ago
- OWASP Foundation Web Respository☆23Updated last month
- Continuous Audit Metrics☆24Updated 8 months ago
- A case study for ACSAC 2022 utilizing OSCAL with a custom GitHub action to automate assessments.☆23Updated last year
- Heimdall Enterprise Server 2 lets you view, store, and compare automated security control scan results.☆212Updated this week
- Vocabulary for Event Recording and Incident Sharing (VERIS)☆594Updated 3 weeks ago