OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
翻译 - OSSEC是基于开源主机的入侵检测系统,它执行日志分析,文件完整性检查,策略监视,rootkit检测,实时警报和主动响应。
Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking. https://gapps.darkbanner.com
🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.
翻译 - 安全控制框架到MITER ATT&CK的映射为组织提供了至关重要的资源,以评估其针对实际威胁的安全控制范围,并为将基于ATT&CK的威胁信息集成到风险管理流程中提供了桥梁。
An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.
An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Open Source AWS Control Tower
Secure SDLC process template
A compliance analysis tool which enables organizations to more quickly articulate their compliance posture and also generate supporting evidence artifacts
Sonarqube cloudformation plugin, IaC security supports cfn-nag/checkov
Leverage Ollion's GCP Landing Zone to deploy a secure, compliant foundation with ease. The repository contains an implementation of a secure and compliant landing zone pattern that will help expedite ...
NIST Information Security Continuous Monitoring (ISCM) and configuration baseline data collector
docker modsecurity reverse proxy WAF based on nginx
Puppet module that hardens Windows Server to DoD STIG compliance
Official OSSEC docker container
Overview of existing mappings from and to cyber security controls
Leverage Ollion's AWS Landing Zone to deploy a secure, compliant foundation with ease. The repository contains an implementation of a secure and compliant landing zone pattern that will help expedite ...
Built a mini HoneyNet in Azure and ingest log sources from various resources into a Log Analytics workspace
#安全#crypto; from kruptein to hide or conceal