nist800-53

There are 2 repositories under nist800-53 topic.

• ossec / ossec-hids

  OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

  hidssecuritypci-dssnist800-53osseccomplianceintrusion-detectionfimloganalyzerpolicy-monitoringfile-integrity-management
  Language:C 4293

• center-for-threat-informed-defense / attack-control-framework-mappings

  🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.

  ctictidcyber-threat-intelligencecybersecuritymitre-attacknist800-53risk-managementsecurity-controlsthreat-informed-defense
  Language:Python 471

• bmarsh9 / gapps

  Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking. https://gapps.darkbanner.com

  compliancesecuritysoc2grccmmc27002iso27001nisthipaanist-csfnist800-53asvsowaspowasp-top-10cscpcipci-dsscis18
  Language:HTML 355

• oscal-compass / compliance-trestle

  An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.

  complianceoscalnist800-53pypi
  Language:Python 146
• NIST-to-Tech

  mikeprivette / NIST-to-Tech

  An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

  nist-cybersecurity-frameworkcybersecuritynistnist-csfblueteamredteampurpleteamcyber-securitycyber-security-teamnist800-53pentestingpentesting-toolspentestinfosecinfosec-approvedinfosec-referencenetsecnetsec-toolsnetsecurityvulnerability
  104

• Santiago-Labs / telophasecli

  Open Source Multi-Cloud AWS Control Tower

  awscompliancefedrampsoc2hitrustnistnist800-53pci
  Language:Go 82

• Atomicorp / openvas-docker

  A docker container for openvas

  openvasscannerdockersecurityfips-140-2pci-dssnist800-53gdpr
  Language:TeX 68

• kosli-dev / secure-sdlc-process-template

  Secure SDLC process template

  audit-trailchange-managementcontinuous-compliancedevops-toolsfedrampiec62304iso27001nist800-171nist800-53sdlcsoc2ssdlc
  Language:HTML 42

• counteractive / security-controls

  nist-csfnist800-53nist800-171controlsinfosecriskcompliance
  Language:HTML 41

• Hack23 / sonar-cloudformation-plugin

  Sonarqube cloudformation plugin, IaC security supports cfn-nag/checkov

  cloudformationawssecuritycfn-nagsonarqubedevsecopsquality-profilessonar-cloudformation-plugincloudformation-rulescloudformation-templates800-53cwenist800-53checkovterraformazurearm
  Language:Java 22

• Atomicorp / nginx-waf-docker

  docker modsecurity reverse proxy WAF based on nginx

  nginxwafmodsecuritymodsecurity-nginxlibmodsecuritydockerdocker-imagesecurityproxypci-dssnist800-53gdprintrusion-detectionintrusion-preventionvirtual-patching
  Language:Shell 15

• perlogix / cmon

  NIST Information Security Continuous Monitoring (ISCM) and configuration baseline data collector

  kubernetescloudconfiguration-managementauditsecurity-toolssecurity-automationcontinuous-monitoringdockerelasticsearchnistnist800-53
  Language:Go 15

• Atomicorp / ossec-docker

  Official OSSEC docker container

  ossec-dockerossecossec-serverintrusion-detectionloganalyzerfile-integrity-managementpci-dssgdprnist800-53compliancemonitoringdocker-containerdockervulnerability-detection
  Language:Shell 13

• autostructure / secure_windows

  Puppet module that hardens Windows Server to DoD STIG compliance

  stigstig-vulnerabilitiespuppetsecuritywindowswindows-serverdodnist800-53nist
  Language:Puppet 13

• ollionorg / gcp-landing-zone

  Leverage Ollion's GCP Landing Zone to deploy a secure, compliant foundation with ease. The repository contains an implementation of a secure and compliant landing zone pattern that will help expedite cloud migration for an enterprise in a heavily regulated industry.

  cloud-compliancecloud-securitycompliancefoundationgcpgcp-landing-zonesnist800-53opapci-dssregulasecuritysecurity-foundationgcp-landing-zonecis-gcp-benchmarkgcp-enterprice-foundations-blueprintgoogle-cloud-landing-zonegoogle-cloud-landing-zone-platform
  Language:HCL 13

• 0xbythesecond / Azure-SOC-Honeynet-Project

  Built a mini HoneyNet in Azure and ingest log sources from various resources into a Log Analytics workspace

  azurehoneynetlog-analytics-workspacenetwork-security-groupssentinelkqlnist800-53powershellsecurityalertsecurityeventsyslogazurenetworkanalyticsnist800-61azure-virtual-networkssecurity-operations-centersoc-analyst
  6

• jas- / kruptein

  crypto; from kruptein to hide or conceal

  cryptosymmetric-key-cryptographysymmetric-cryptographysymmetric-encryptionscryptkey-derivationencryptiondecryptionencryptdecrypthashinghmaccipherciphertextnist800-53nistfips-140-2nodeasn1fips-140-3
  Language:JavaScript 6

• ollionorg / aws-landing-zone

  Leverage Ollion's AWS Landing Zone to deploy a secure, compliant foundation with ease. The repository contains an implementation of a secure and compliant landing zone pattern that will help expedite cloud migration for an enterprise in a heavily regulated industry.

  awsaws-landing-zoneaws-landing-zonessecuritycis-aws-benchmarkcloud-compliancecloud-securitycompliancefoundationnist800-53opapci-dsssecurity-foundationaws-foundation-security-best-practices
  Language:HCL 5

• AbeWinters / control-mappings

  Overview of existing mappings from and to cyber security controls

  cis-controlsiso-27001nist-csfnist800-53security-controlscybersecurity
  3

• AbeWinters / Threat-Profiles-for-Control-Prioritization

  Automated security control prioritization using sector-based threat profiles

  cticyber-threat-intelligencecybersecuritythreat-actorscis-controlsetdaiso27001mitre-attacknist800-53security-controlscontrol-prioritization
  Language:Jupyter Notebook 2

• k-gomez / mitre-attack-nist

  This tool allows you to prioritize MITRE ATT&CK techniques for your adversaries and collect corresponding NIST SP 800-53 security controls.

  mitre-attacknist800-53securitysecurity-tools
  Language:HTML 1

• patrickmryan / ansible-role-800-53

  rhel7stig-compliantnist800-53ansible
  1
• ezGPT

  ResTech-AI / ezGPT

  We make Generative AI accessible to Federal agencies and businesses. Easy-to-use ezGPT™ platform eliminates the need for in-house expertise and delivers pre-built solutions for rapid innovation. With security and privacy at its core, we unlock the potential of AI. Our innovative chatbot guides users, ensuring a smooth and successful experience.

  generative-aifips-140-2nist800-53responsible-aitrustworthy-aiezgpt
  1

• trevor-vaughan / simp-doc

  The SIMP Product Documentation

  simpdocumentationnist800-53disastigautomationsphinxrestructuredtext
  Language:Ruby 1

• ResTech-AI / .github

  We make Generative AI accessible to Federal agencies and businesses. Easy-to-use ezGPT™ platform eliminates the need for in-house expertise and delivers pre-built solutions for rapid innovation. With security and privacy at its core, we unlock the potential of AI. Our innovative chatbot guides users, ensuring a smooth and successful experience.

  responsible-aitrustworthy-aiezgptnist800-53fips-140-2
  Language:HTML 0

• tanyaleepr / panama-papers

  Vigilante Vixen has learned that there were many security vulnerabilities from their technical, behavioral, law, and human resources aspects. Despite us not being directly involved in offshore financial services or the legal profession, technology roles have a considerable amount of opportunity to review this case and implement security regulations

  behavioral-analysiscompliancecyber-threat-analystdata-leakdata-leakage-preventioninfosecitnist-csfnist800-171nist800-53panama-papersrisk-analysisrisk-assessmentrisk-managementvulnerability-assessment
  0

• ziyanali30 / CyberSecurity

  Portfolio for Cyber Security projects and works

  auditcsfgdprnist800-53owasppiidnsnetworknetwork-analysistcpudp