Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber

FOSSology is an open source license compliance software system and toolkit. As a toolkit you can run license, copyright and export control scans from the command line. As a system, a database and web ui are provided to give you a compliance workflow. License, copyright and export scanners are tools used in the workflow.

Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking

Official TODO Website that containts TODO Guides, OSPO use cases and more resources to advance in the OSPO journey

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

Documentation for the Welkin project - a Kubernetes-based platform for software critical to society

Template SOC2 Policy Authority - documentation pipeline

compliance assessment and POA&M management for CMMC/NIST 800-171A

Azure PCI PaaS Reference Architecture

Import all the GPOs provided by SimeonOnSecurity to assist in making your domain compliant with all applicable STIGs and SRGs.

A case study for ACSAC 2022 utilizing OSCAL with a custom GitHub action to automate assessments.

Open Security Controls Assessment Language (OSCAL) Website Content

Model reference pages for the OSCAL project

Open source RMM Tool for Windows, Linux and MacOS

AWS Security Primer

Blog Repository

Homepage

ansibleAudit is an open source tool designed to perform automated audits of system configurations using Ansible. This tool uses playbooks to verify configurations according to security best practices. If vulnerabilities or misconfigurations are identified, ansibleAudit provides detailed recommendations and procedures to effectively remediate them.

** DEVELOPMENT CODE ** Code sharing development group. HRC shall not be held liable for any claim for any loss or damage as a result of reliance on the information contained in this repository.