vendorsec / mvsp

Related projects ⓘ

Alternatives and complementary repositories for mvsp

• tailscale / security-policies
  Security policies for Tailscale
  ☆267Updated 2 weeks ago
• boostsecurityio / poutine
  boostsecurityio/poutine
  ☆231Updated this week
• iriusrisk / OpenThreatModel
  The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.
  ☆169Updated 9 months ago
• rpetrich / deciduous
  App that simplifies building decision trees to model adverse scenarios
  ☆181Updated 4 months ago
• OWASP / OpenCRE
  ☆80Updated this week
• openvex / spec
  OpenVEX Specification
  ☆131Updated 4 months ago
• mllamazares / STRIDE-vs-ASVS
  🖇️ STRIDE vs. ASVS equivalence table
  ☆75Updated 2 months ago
• cloudflare / har-sanitizer
  ☆203Updated last month
• ossf / oss-vulnerability-guide
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆119Updated 5 months ago
• threatcl / threatcl
  Documenting your Threat Models with HCL
  ☆401Updated 2 months ago
• dropbox / vsmc
  Vendor Security Model Contract
  ☆97Updated 2 years ago
• edera-dev / am-i-isolated
  Validate the isolation posture of your container environment.
  ☆152Updated this week
• Addepar / RedFlag
  RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…
  ☆140Updated this week
• owasp-change / owasp-change.github.io
  An Open Letter to the OWASP Board
  ☆106Updated last year
• snyk / parlay
  Enrich SBOMs with data from third party services
  ☆117Updated 2 weeks ago
• scribe-public / gitgat
  Evaluate source control (GitHub) security posture
  ☆249Updated last year
• SecurityRunners / CloudCommotion
  Cloud Commotion intends to cause chaos to simulate security incidents
  ☆140Updated 5 months ago
• trufflesecurity / how-to-rotate
  An open-source collection of API key rotation tutorials.
  ☆60Updated 2 months ago
• ossf / wg-metrics-and-metadata
  The purpose of the Metrics & Metadata (formerly Identifying Security Threats) working group is to enable stakeholders to have informed co…
  ☆221Updated 6 months ago
• bullfrogsec / bullfrog
  Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows
  ☆79Updated this week
• ocsf / ocsf-docs
  OCSF Documentation
  ☆119Updated 3 weeks ago
• DataDog / grimoire
  Generate datasets of cloud audit logs for common attacks
  ☆184Updated 3 months ago
• crashappsec / github-analyzer
  A tool to check the security settings of Github Organizations.
  ☆69Updated last year
• Nextdoor / cspm_evaluation_matrix
  Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix
  ☆58Updated last year
• protobom / protobom
  A universal SBOM representation in protocol buffers
  ☆263Updated this week
• oasis-tcs / csaf
  OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secon…
  ☆150Updated this week
• microsoft / oss-ssc-framework
  Open Source Software Secure Supply Chain Framework
  ☆235Updated 2 years ago
• google / localtoast
  ☆107Updated last month
• jstawinski / GitHub-Actions-Attack-Diagram
  ☆152Updated 2 months ago
• DataDog / threatest
  Threatest is a CLI and Go framework for end-to-end testing threat detection rules.
  ☆319Updated 11 months ago