fedramp

There are 3 repositories under fedramp topic.

• ciso-assistant-community

  intuitem / ciso-assistant-community

  CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec and Audit Management and supporting +53 frameworks worldwide: NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, NIS2, CMMC, PSPF, GDPR, HIPAA, Essential Eight, NYDFS-500, DORA, NIST AI RMF, 800-53, 800-171, CyFun, CJIS, AirCyber, NCSC, ECC, SCF and so much more

  cmmccompliancegrcsoc2gdprauditanssiiso27001cisdoragovernancehipaarisk-managementowaspnistprivacyfedrampbsicybersecuritycjis
  Language:Python 984

• xeol-io / xeol

  A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs

  complianceend-of-lifeeolfedrampnistoutdated-depoutdated-librariesoutdated-packagespci-dssrelease-policysbomsecurity
  Language:Go 334

• GSA / fedramp-automation

  FedRAMP Automation

  fedrampautomationsspxmljsonauthorizationsystem-security-plansapsarpoamsecurity-assessment-plansecurity-assessment-reportplan-of-action-and-milestonesoscalfedramp-baselines
  Language:TypeScript 259

• Santiago-Labs / telophasecli

  Open Source AWS Control Tower

  awscompliancefedrampsoc2hitrustnistnist800-53pci
  Language:Go 86

• Mirantis / compliance

  Docker Enterprise Edition Security Controls for Compliance

  opencontrolfedrampdockersspnistdocker-ee
  Language:Go 66

• kosli-dev / secure-sdlc-process-template

  Secure SDLC process template

  audit-trailchange-managementcontinuous-compliancedevops-toolsfedrampiec62304iso27001nist800-171nist800-53sdlcsoc2ssdlc
  Language:HTML 46

• GoComply / fedramp

  Open source tool for processing OSCAL based FedRAMP SSPs

  docxfedrampfedramp-sspsoscaloscal-ssps
  Language:Go 36

• ScaleSec / fedrampup

  Gathers AWS inventory and outputs CSV in the format for FedRAMP SSP

  fedrampsspcloudcompliancedockergocsv
  Language:Go 35

• Coalfire-CF / Coalfire-AWS-RAMPpak

  Coalfire AWS RAMP/pak Reference Architecture

  compliancefedrampaws
  Language:HCL 33

• 18F / bpa-fedramp-dashboard

  FedRAMP Dashboard BPA Order

  agile-bpagsafedrampgovernment
  25

• GoComply / oscalkit

  NIST OSCAL SDK and CLI

  nistfedramposcal
  Language:Go 17

• brasky / python-ssp

  FedRAMP SSP API in Python

  fedrampssppythondocxsecurity-planautomation
  Language:Python 11

• Coalfire-CF / Coalfire-GCP-RAMPpak

  Coalfire GCP RAMP/pak Reference Architecture

  compliancefedrampgcp
  Language:HCL 10

• paulveillard / cybersecurity-gdpr-compliance

  A collection of awesome framework, libraries, learning tutorials, videos, webcasts, technical resources and cool stuff about General Data Protection Regulation (GDPR).

  appsecappsecuritycompliance-automationcybercrimecybersecurityfedrampfedramp-baselinesfedramp-lowfedramp-mediumgdprgdpr-checklistgdpr-compliantgdpr-compliant-featuresgdpr-dashboardhipaapci
  10

• austinsonger / automate-aws-evidence-collection

  Point of Concept: To help to automate the collection of evidence for SOC 2 Audits and etc.

  fedrampiso27001soc2
  Language:Shell 7

• Coalfire-CF / Coalfire-Azure-RAMPpak

  Coalfire Azure RAMP/pak Reference Architecture

  azurecompliancefedramp
  Language:HCL 7

• gjyoung1974 / docker-cloudsploit

  dockerized-cloudsplot, CloudSploit is a security and configuration scanner that can detect hundreds of threats in your AWS account. Don't let a single misstep compromise your entire infrastructure.

  configuration-managementcloudcompliancepci-dsshipaafedrampfismaawssecurity-toolssecurity-auditsecurity-scannersecurity-hardeningsecurity-automationcompliance-as-codecompliance-is-awesomecompliance-check
  Language:Shell 7

• austinsonger / eramba-docker

  Docker Build for GRC Tool - Eramba is a tool that helps with compliance, risk management, control testing, exception management, etc.

  grcrisk-managementriskcompliancepci-dsspcihipaanistfedramphitrusteramba
  Language:Shell 5

• brasky / securityplanmanager

  FedRAMP SSP Automation

  fedrampssp
  Language:Python 5

• SoteriaSoftwareLLC / openrmfpro-automation

  OpenRMF Professional open API automation scripts and code to POST, PUT, and GET information via the External API

  automationrmffedrampgrafanascriptsstigsnessus
  Language:Python 5

• anchore / webinar-demo

  Deploy Anchore Enterprise in an environment of your choice. Then follow through a series of labs that showcase how you can improve security across your software supply chain.

  containersdevsecopsfedrampk8ssbomsecurityvulnerability-scannerssupply-chain-security
  Language:Shell 4

• oscal-compass / compliance-trestle-fedramp

  Compliance trestle plugin to support FedRAMP specific functionality.

  oscalpythoncompliancesecurityfedramp
  Language:XSLT 4

• austinsonger / security-compliance-toolkit

  boilerplatecyber-securitycybersecurityinformation-securitytoolkitfedrampframeworkiso27001iso27002nist800-53stateramptx-rampframework-nist
  3

• GoComply / containers

  containers

  oscalfedramproliescapmetaschemaopencontrols
  Language:Dockerfile 3

• UpendoVentures / Dnn.FipsAesCryptoProvider

  This project exists to help DNN website owners by helping them to be FIPS-compliant on your way to and while maintaining your FedRAMP status.

  dnndnncmsdnnplatformdnn-platformcmssecurityfipsfedramp
  Language:C# 3

• 18F / tts-buy-challengegov-ideation

  Market research documents related to the Challenge.gov Ideation Platform.

  governmentusajoyfulprocurementacqstackoffice-of-acquisitiontts18foppchallenge-govideationfedramp
  2

• auditmation / policy-as-code

  Template for Policy as Code repositories

  compliancecompliance-as-codefedrampgdproscalpci-dsspolicypolicy-as-code
  2

• brasky / CIS-Generator

  Create a CIS workbook from an SSP/Addendum

  fedrampciscis-workbookssp
  Language:Python 2

• Coalfire-CF / terraform-aws-s3

  Coalfire AWS s3 Terraform Module

  awscompliancefedrampterraform-module
  Language:HCL 2

• paulveillard / cybersecurity-data-privacy

  A collection of awesome software, libraries, documents, books, resources and cool stuff about Data Privacy in cybersecurity

  databig-datadataprivacygdprfedramppcisecurity-toolssecuritysecurity-audit
  2

• paulveillard / cybersecurity-fedramp-compliance

  An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about FedRamp Compliance in Cybersecurity

  fedrampfedramp-baselinesfedramp-in-scopefedramp-unrestricted
  2

• wxsd-sales / move-to-webex

  Migrate meetings from Zoom, Microsoft teams or even Webex FedRamp to a different Webex commercial or FedRamp org.

  pythonzoomoutlookmicrosoftcalendarfedrampmeetingsmigratetransferwebex
  Language:JavaScript 2

• austinsonger / POAMBuddy

  [Not Production Ready] This repository automates the extraction vulnerability and flaw data from vulnerability sources and then generate a Plan of Actions and Milestones (POAM), addressing identified security issues effectively.

  fedrampnistpoam
  Language:JavaScript 1

• austinsonger / RampControl

  RampControl manages and tracks security compliance per FedRAMP requirements. It allows users to add new system security plans, manage POA&M entries, and export data in OSCAL format.

  compliancefedrampgovernance-risk-compliancegrcnist800-53poam
  Language:Python 1

• Coalfire-CF / terraform-aws-account-setup

  Coalfire AWS Account Setup Terraform Module

  awscompliancefedrampterraform-module
  Language:HCL 1

• Coalfire-CF / terraform-aws-securitycore

  Coalfire AWS Security Core Terraform Module

  awscompliancefedrampsecurityterraform-module
  Language:HCL 1