OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.

Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking. https://gapps.darkbanner.com

An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

Open Source Multi-Cloud AWS Control Tower

A docker container for openvas

Secure SDLC process template

Sonarqube cloudformation plugin, IaC security supports cfn-nag/checkov

docker modsecurity reverse proxy WAF based on nginx

NIST Information Security Continuous Monitoring (ISCM) and configuration baseline data collector

Official OSSEC docker container

Puppet module that hardens Windows Server to DoD STIG compliance

Leverage Ollion's GCP Landing Zone to deploy a secure, compliant foundation with ease. The repository contains an implementation of a secure and compliant landing zone pattern that will help expedite cloud migration for an enterprise in a heavily regulated industry.

crypto; from kruptein to hide or conceal

Built a mini HoneyNet in Azure and ingest log sources from various resources into a Log Analytics workspace

Leverage Ollion's AWS Landing Zone to deploy a secure, compliant foundation with ease. The repository contains an implementation of a secure and compliant landing zone pattern that will help expedite cloud migration for an enterprise in a heavily regulated industry.

Overview of existing mappings from and to cyber security controls

Automated security control prioritization using sector-based threat profiles