Alternatives and similar repositories for OSCAL

Users that are interested in OSCAL are comparing it to the libraries listed below

• usnistgov / oscal-content
  NIST SP 800-53 content and other OSCAL content examples
  ☆397Updated 2 weeks ago
• GSA / fedramp-automation
  FedRAMP Automation
  ☆347Updated 7 months ago
• oscal-club / awesome-oscal
  A list of tools, blog posts, and other resources that further the use and adoption of OSCAL standards.
  ☆190Updated 5 months ago
• opencontrol / compliance-masonry
  Security Documentation Builder
  ☆370Updated 2 years ago
• EasyDynamics / oscal-react-library
  A library of React components and an example user interface application that provides a direct UI into NIST's Open Security Controls Asse…
  ☆63Updated last year
• EasyDynamics / oscal-editor-deployment
  Various deployments of the OSCAL editor
  ☆47Updated last year
• oscal-compass / compliance-trestle
  An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.
  ☆218Updated last week
• CISecurity / CISControls_OSCAL
  A repository containing OSCAL serializations of the CIS Critical Security Controls
  ☆57Updated 8 months ago
• GovReady / govready-q
  An open source, self-service GRC tool to automate security assessments and compliance.
  ☆196Updated 11 months ago
• usnistgov / oscal-cli
  A simple open source command line tool to support common operations over OSCAL content.
  ☆55Updated 3 months ago
• EasyDynamics / oscal-rest
  An initial OpenAPI definition of an OSCAL REST API.
  ☆40Updated last year
• usnistgov / blossom-case-study
  A case study for ACSAC 2022 utilizing OSCAL with a custom GitHub action to automate assessments.
  ☆23Updated 2 years ago
• JupiterOne / security-policy-templates
  A set of policies, standards and control procedures with mapping to HIPAA, NIST CSF, PCI DSS, SOC2, FedRAMP, CIS Controls, and more.
  ☆331Updated last week
• CivicActions / ssp-toolkit
  Automate the creation of a System Security Plan (SSP)
  ☆43Updated 5 months ago
• ocsf / ocsf-schema
  OCSF Schema
  ☆748Updated last week
• brian-ruf / OSCAL-GUI
  Joint NIST/FedRAMP tool to interact with OSCAL files via a browser-based GUI
  ☆45Updated 5 years ago
• CloudSecurityAlliance / continuous-audit-metrics
  Continuous Audit Metrics
  ☆27Updated last year
• panther-labs / panther-analysis
  Built-in Panther detection rules and policies
  ☆428Updated last week
• vz-risk / veris
  Vocabulary for Event Recording and Incident Sharing (VERIS)
  ☆624Updated last week
• center-for-threat-informed-defense / attack-control-framework-mappings
  🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept…
  ☆497Updated last year
• OWASP / www-project-threat-and-safeguard-matrix
  OWASP Foundation Web Respository
  ☆26Updated this week
• center-for-threat-informed-defense / security-stack-mappings
  🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k…
  ☆389Updated last year
• usnistgov / oscal-tools
  Tools for the OSCAL project
  ☆36Updated 2 years ago
• risk-redux / control_freak
  NIST SP 800-53, Security and Privacy Controls for Federal Information Systems and Organizations
  ☆40Updated last month
• brianwifaneye / NIST-CSF
  NIST CyberSecurity Framework management tool
  ☆166Updated 4 years ago
• OpenCSPM / opencspm
  Open Cloud Security Posture Management Engine
  ☆342Updated 3 years ago
• securecontrolsframework / securecontrolsframework
  Config files for my GitHub profile.
  ☆403Updated last month
• cisagov / development-guide
  A set of guidelines and best practices for an awesome engineering team
  ☆260Updated 2 weeks ago
• ossf / wg-metrics-and-metadata
  The purpose of the Metrics & Metadata (formerly Identifying Security Threats) working group is to enable stakeholders to have informed co…
  ☆223Updated last year
• ossf / gemara
  Minimizing rework for governance activities.
  ☆30Updated last week