AGENTS.md — a simple, open format for guiding coding agents

Claude Skills for Governance, Risk, & Compliance (GRC): Expert-level compliance guidance for ISO 27001, SOC 2, FedRAMP, GDPR, HIPAA, NIST CSF, PCI DSS, EU AI Act, ISO 42001, ISO 27701, DORA, CSRD, …

Docker implementation of CISA's ScubaGoggles (https://github.com/cisagov/Scubagoggles)

SCuBA Secure Configuration Baselines and assessment tool for Google Workspace

Automation to assess the state of your M365 tenant against CISA's baselines

Find cloud assets that no one wants exposed 🔎 ☁️

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

A suite of tools to automate software compliance checks.

Support CI generation of SBOMs via golang tooling.

List of Github repositories and articles with list of dorks for different search engines

Automated Adversary Emulation Platform

Official OWASP Top 10 Document Repository

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

in-toto Attestation Framework

Supply-chain Levels for Software Artifacts

VSAQ is an interactive questionnaire application to assess the security programs of third parties.

Compliance automation framework, focused on SOC2

Xenon GDPR Compliant Cybersecurity and Privacy Plan for B2B SaaS

A system for quickly generating training data with weak supervision