PingCastle - Get Active Directory Security at 80% in 20% of the time

CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec and Audit Management and supporting +60 frameworks worldwide with auto-mapping: NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, NIS2, CMMC, PSPF, GDPR, HIPAA, Essential Eight, NYDFS-500, DORA, NIST AI RMF, 800-53, 800-171, CyFun, CJIS, AirCyber, NCSC, ECC, SCF and so much more

The universal GraphQL API and CSPM tool for AWS, Azure, GCP, K8s, and tencent.

Collection of pure Rust elliptic curve implementations: NIST P-224, P-256, P-384, P-521, secp256k1, SM2

Open Security Controls Assessment Language (OSCAL)

A curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.

Streamline vulnerability patching with CVSS, EPSS, and CISA's Known Exploited Vulnerabilities. Prioritize actions based on real-time threat information, gain a competitive advantage, and stay informed about the latest trends.

Tool to find CVEs and Exploits.

Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking. https://gapps.darkbanner.com

A scanner for end-of-life (EOL) software and dependencies in container images, filesystems, and SBOMs

🔒 Laravel validation rules that follow the password related recommendations found in NIST Special Publication 800-63B section 5.

A simple Java command-line utility to mirror the CVE JSON data from NIST.

Industry Working Group on Automated Cryptographic Algorithm Validation

Periodic table, physical constants, and molecule parsing for quantum chemistry.

NIST/NCCoE Mobile Threat Catalogue

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

NIST Biometric Image Software (Java Implementation)

Improved version of the NIST Statistical Test Suite (STS)

Open Source AWS Control Tower

A simple wrapper for the National Vulnerability CVE/CPE API