Repositories list

• inspec

  Public
  InSpec: Auditing and Testing Framework

  Ruby

  •

  Other

  •682•4•0•2•Updated Jan 22, 2025Jan 22, 2025

• saf-site-backend

  Public
  Strapi backend for the SAF site

  JavaScript

  •

  Other

  •3•5•5•13•Updated Jan 22, 2025Jan 22, 2025

• hipcheck

  Public
  Automatically assess and score software repositories for supply chain risk.

  supply-chain-security

  Rust

  •

  Apache License 2.0

  •8•89•52•5•Updated Jan 22, 2025Jan 22, 2025

• ts-inspec-objects

  Public
  Typescript objects for InSpec profiles

  TypeScript

  •

  Other

  •1•3•9•5•Updated Jan 22, 2025Jan 22, 2025

• blue-agave

  Public
  Activity Set Platform

  HTML

  •

  Apache License 2.0

  •0•0•0•0•Updated Jan 22, 2025Jan 22, 2025

• azure-foundations-cis-baseline

  Public
  InSpec profile to validate an Azure cloud environment to the standards of the CIS Azure Foundations Benchmark

  Ruby

  •

  Other

  •0•0•0•0•Updated Jan 22, 2025Jan 22, 2025

• pickled-canary

  Public
  Assembly-based binary pattern search!

  Rust

  •

  Apache License 2.0

  •3•14•0•1•Updated Jan 22, 2025Jan 22, 2025

• heimdall2

  Public
  Heimdall Enterprise Server 2 lets you view, store, and compare automated security control scan results.

  mitre-saf

  TypeScript

  •

  Other

  •60•211•265•58•Updated Jan 22, 2025Jan 22, 2025

• saf

  Public
  The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline security automation for systems and DevOps pipelines

  mitremitre-corporationmitre-saf+ 6security-automation-frameworksecurityjsoncompliancesecurity-automationdevsecops

  TypeScript

  •

  Other

  •38•141•108•16•Updated Jan 22, 2025Jan 22, 2025

• mitre-saf

  Public
  Landing Page Content/Builder for MITRE Security Automation Framework

  Vue

  •

  Other

  •405•28•24•2•Updated Jan 22, 2025Jan 22, 2025

• inspec-profile-update-action

  Public
  Automatically update InSpec profiles using the latest version of DISA STIGs and CIS Benchmarks.

  HTML

  •

  Other

  •1•8•8•2•Updated Jan 22, 2025Jan 22, 2025

• saf-training

  Public
  This repository contains several courses to learn about using and developing SAF capabilities

  JavaScript

  •

  Other

  •4•9•12•2•Updated Jan 21, 2025Jan 21, 2025

• tir-docs

  Public
  Documentation for the TIR project

  JavaScript

  •

  Other

  •0•1•0•3•Updated Jan 18, 2025Jan 18, 2025

• redhat-enterprise-linux-8-stig-baseline

  Public
  RHEL 8.X STIG Automated Compliance Validation Profile works with Chef InSpec to perform automated compliance checks of RHEL8.

  Ruby

  •

  Other

  •2•1•17•4•Updated Jan 17, 2025Jan 17, 2025

• amazon-linux-2023-stig-ready-baseline

  Public
  Chef InSpec to perform automated compliance checks of AL2023

  Ruby

  •

  Other

  •11•4•0•1•Updated Jan 17, 2025Jan 17, 2025

• aws-s3-baseline

  Public
  A micro InSpec baseline to check for insecure or public s3 buckets in your VPC

  awssecuritys3+ 10s3-bucketinspecaws-securitymicroprofiles3-bucket-leakmitre-corporations3-security+ 3

  Ruby

  •

  Other

  •5•14•1•2•Updated Jan 17, 2025Jan 17, 2025

• redhat-enterprise-linux-9-stig-baseline

  Public
  RHEL 9.X STIG Automated Compliance Validation Profile works with Chef InSpec to perform automated compliance checks of RHEL9.

  validationredhatinspec+ 3mitremitre-safredhat9

  Ruby

  •

  Other

  •3•6•3•2•Updated Jan 17, 2025Jan 17, 2025

• emb3d

  Public
  HTML

  •7•23•0•0•Updated Jan 17, 2025Jan 17, 2025

• canonical-ubuntu-18.04-lts-stig-baseline

  Public
  (WIP) canonical-ubuntu-18.04-lts-stig-baseline

  Ruby

  •

  Other

  •4•9•8•1•Updated Jan 16, 2025Jan 16, 2025

• keycloak-custom-policies

  Public
  An event listener for Keycloak for email notification

  Java

  •28•3•0•1•Updated Jan 16, 2025Jan 16, 2025

• mongodb-enterprise-advanced-3-stig-baseline

  Public
  InSpec profile for the MongoDB Enterprise Advanced DISA STIG

  profiledisainspec+ 5stiginspec-profilemitre-corporationmongodb-enterprisedisa-stig

  Ruby

  •

  Other

  •4•4•2•2•Updated Jan 15, 2025Jan 15, 2025

• google-chrome-v2r6-stig-baseline

  Public
  (WIP) Google Chrome Windows Security Technical Implementation Guide

  safmitrelockheed-martin+ 2mitre-corporationmitre-saf

  Ruby

  •

  Other

  •2•3•0•1•Updated Jan 15, 2025Jan 15, 2025

• nginx-stigready-baseline

  Public
  STIG Ready Content: InSpec Profile for NGINX Open Source based off the Web SRG V2R3

  nginxsecuritydisa+ 6inspecstigsrgmitre-corporationstigsmitre-saf

  Ruby

  •

  Other

  •8•21•5•0•Updated Jan 15, 2025Jan 15, 2025

• redhat-enterprise-linux-7-stig-baseline

  Public
  InSpec profile to validate the secure configuration of Red Hat Enterprise Linux 7, against DISA's Red Hat Enterprise Linux 7 Security Technical Implementation Guide (STIG) Version 3, Release 10.

  Ruby

  •

  Other

  •46•14•21•3•Updated Jan 14, 2025Jan 14, 2025

• saf_action

  Public
  GitHub Action for SAF CLI

  mitremitre-corporationmitre-inspec+ 1mitre-saf

  JavaScript

  •

  Other

  •0•7•5•0•Updated Jan 10, 2025Jan 10, 2025

• microsoft-windows-10-stig-baseline

  Public
  InSpec profile for Microsoft Windows 10, against DISA's Microsoft Windows 10 Security Technical Implementation Guide (STIG) Version 1, Release 19

  vmwarewindows-10mitre-inspec+ 3inspecstigmitre-corporation

  Ruby

  •

  Other

  •7•14•3•2•Updated Jan 9, 2025Jan 9, 2025

• ocsf_ilf_translator

  Public
  Rust

  •

  Apache License 2.0

  •0•0•0•0•Updated Jan 9, 2025Jan 9, 2025

• seal_lib

  Public
  Rust

  •

  Apache License 2.0

  •0•0•0•0•Updated Jan 9, 2025Jan 9, 2025

• caldera

  Public
  Automated Adversary Emulation Platform

  hackingcybersecuritymitre+ 7red-teamsecurity-automationsecurity-testingmitre-attackadversary-emulationcalderamitre-corporation

  Python

  •

  Apache License 2.0

  •1.1k•5.8k•58•8•Updated Jan 9, 2025Jan 9, 2025

• WaterSHEDS

  Public
  Jupyter Notebook

  •

  Other

  •0•0•0•0•Updated Jan 6, 2025Jan 6, 2025