usnistgov / OSCAL
Open Security Controls Assessment Language (OSCAL)
☆671Updated this week
Related projects ⓘ
Alternatives and complementary repositories for OSCAL
- NIST SP 800-53 content and other OSCAL content examples☆306Updated this week
- FedRAMP Automation☆283Updated this week
- A list of tools, blog posts, and other resources that further the use and adoption of OSCAL standards.☆139Updated 3 months ago
- Various deployments of the OSCAL editor☆47Updated 3 months ago
- An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.☆165Updated this week
- Security Documentation Builder☆350Updated last year
- A library of React components and an example user interface application that provides a direct UI into NIST's Open Security Controls Asse…☆54Updated 7 months ago
- An initial OpenAPI definition of an OSCAL REST API.☆38Updated last month
- An open source, self-service GRC tool to automate security assessments and compliance.☆180Updated last month
- A repository containing OSCAL serializations of the CIS Critical Security Controls☆48Updated last year
- Joint NIST/FedRAMP tool to interact with OSCAL files via a browser-based GUI☆43Updated 4 years ago
- A simple open source command line tool to support common operations over OSCAL content.☆42Updated 4 months ago
- Documentation on the OpenRMF application, including scripts to run the whole stack as well as just infrastructure with documentation on u…☆125Updated last month
- Heimdall Enterprise Server 2 lets you view, store, and compare automated security control scan results.☆207Updated this week
- NIST CyberSecurity Framework management tool☆157Updated 2 years ago
- A case study for ACSAC 2022 utilizing OSCAL with a custom GitHub action to automate assessments.☆23Updated last year
- This repository is a collection of resources to help facilitate compliance innovation utilizing Cloud, DevSecOps and Software Factory tec…☆66Updated last year
- 🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k…☆380Updated 7 months ago
- SAMM stands for Software Assurance Maturity Model.☆397Updated 2 years ago
- 🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept…☆483Updated 7 months ago
- The community area and documents about Code of Conduct.☆18Updated 3 years ago
- A set of policies, standards and control procedures with mapping to HIPAA, NIST CSF, PCI DSS, SOC2, FedRAMP, CIS Controls, and more.☆293Updated 4 months ago
- Tools for the OSCAL project☆34Updated last year
- A command-line and ruby API of utilities, converters and tools for creating, converting and processing security baseline formats, results…☆92Updated 3 months ago
- OSCAL Policy Administration Library (OPAL) provides a simple web application for managing System Security Plans. The data modle is based …☆27Updated last month
- Continuous Audit Metrics☆24Updated 5 months ago
- These are files that a new CISO or someone introducing security to an organization can leverage to bridge the gap between security and th…☆69Updated 2 weeks ago
- Open Cloud Security Posture Management Engine☆333Updated 2 years ago
- An API and client for managing STIG assessments☆119Updated this week