Alternatives and similar repositories for mvsp

Users that are interested in mvsp are comparing it to the libraries listed below

• tailscale / security-policies
  Security policies for Tailscale
  ☆298Updated 3 months ago
• iriusrisk / OpenThreatModel
  The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.
  ☆174Updated 8 months ago
• boostsecurityio / poutine
  boostsecurityio/poutine
  ☆308Updated this week
• microsoft / oss-ssc-framework
  Open Source Software Secure Supply Chain Framework
  ☆235Updated 2 years ago
• OWASP / OpenCRE
  ☆119Updated last week
• rpetrich / deciduous
  App that simplifies building decision trees to model adverse scenarios
  ☆215Updated last year
• crashappsec / github-analyzer
  A tool to check the security settings of Github Organizations.
  ☆72Updated 2 years ago
• trufflesecurity / how-to-rotate
  An open-source collection of API key rotation tutorials.
  ☆70Updated last month
• threatcl / threatcl
  Documenting your Threat Models with HCL
  ☆432Updated 2 months ago
• klarna-incubator / gram
  Gram is Klarna's own threat model diagramming tool
  ☆322Updated last week
• tldrsec / awesome-secure-defaults
  Awesome secure by default libraries to help you eliminate bug classes!
  ☆698Updated 3 months ago
• segmentio / threat-modeling-training
  Segment's Threat Modeling training for our engineers
  ☆245Updated 4 years ago
• google / localtoast
  ☆113Updated last week
• ossf / oss-vulnerability-guide
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆125Updated 6 months ago
• bullfrogsec / bullfrog
  Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows
  ☆110Updated 2 weeks ago
• JupiterOne / starbase
  Graph-based security analysis for everyone
  ☆348Updated last year
• hashicorp-forge / grove
  A Software as a Service (SaaS) log collection framework.
  ☆174Updated this week
• ossf / wg-metrics-and-metadata
  The purpose of the Metrics & Metadata (formerly Identifying Security Threats) working group is to enable stakeholders to have informed co…
  ☆222Updated last year
• ossf / malicious-packages
  A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…
  ☆322Updated this week
• openvex / spec
  OpenVEX Specification
  ☆155Updated 2 months ago
• ossf / secure-sw-dev-fundamentals
  Secure Software Development Fundamentals courses (from the OpenSSF Best Practices WG)
  ☆197Updated this week
• chughes757 / SecureSoftwareSupplyChain
  This repo is a consolidation of Secure Software Supply Chain resources, such as talks, whitepapers, conferences and more.
  ☆139Updated 3 years ago
• ossf / wg-supply-chain-integrity
  Our objective is to enable open source maintainers, contributors and end-users to understand and make decisions on the provenance of the …
  ☆186Updated last year
• Addepar / RedFlag
  RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…
  ☆152Updated 8 months ago
• DataDog / supply-chain-firewall
  A tool for preventing the installation of malicious npm and PyPI packages
  ☆152Updated last week
• oasis-tcs / csaf
  OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secon…
  ☆178Updated this week
• mllamazares / STRIDE-vs-ASVS
  🖇️ STRIDE vs. ASVS equivalence table
  ☆76Updated 11 months ago
• Rhosys / soc2.fyi
  SOC 2 should be easy to get done and it should be inexpensive. Here's everything you wanted to know.
  ☆41Updated last week
• ossf / wg-security-tooling
  OpenSSF Security Tooling Working Group
  ☆312Updated 3 weeks ago
• smithy-security / smithy
  The security workflow engine!
  ☆119Updated this week