The MITRE Corporation

All

469 repositories

heimdall2
Public
Heimdall Enterprise Server 2 lets you view, store, and compare automated security control scan results.
mitre-saf
TypeScript
•
Other
•60•210•265•52•Updated Jan 11, 2025Jan 11, 2025
ts-inspec-objects
Public
Typescript objects for InSpec profiles
TypeScript
•
Other
•1•3•12•12•Updated Jan 11, 2025Jan 11, 2025
saf
Public
The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline security automation for systems and DevOps pipelines
mitre mitre-corporation mitre-saf security-automation-framework security json compliance security-automation devsecops
TypeScript
•
Other
•38•138•109•17•Updated Jan 11, 2025Jan 11, 2025
hipcheck
Public
Automatically assess and score software repositories for supply chain risk.
supply-chain-security
Rust
•
Apache License 2.0
•8•87•53•5•Updated Jan 11, 2025Jan 11, 2025
inspec-profile-update-action
Public
Automatically update InSpec profiles using the latest version of DISA STIGs and CIS Benchmarks.
HTML
•
Other
•1•8•8•2•Updated Jan 11, 2025Jan 11, 2025
google-chrome-v2r6-stig-baseline
Public
(WIP) Google Chrome Windows Security Technical Implementation Guide
saf mitre lockheed-martin mitre-corporation mitre-saf
Ruby
•
Other
•2•3•0•2•Updated Jan 10, 2025Jan 10, 2025
azure-foundations-cis-baseline
Public
InSpec profile to validate an Azure cloud environment to the standards of the CIS Azure Foundations Benchmark
Ruby
•
Other
•0•0•0•0•Updated Jan 10, 2025Jan 10, 2025
saf_action
Public
GitHub Action for SAF CLI
mitre mitre-corporation mitre-inspec mitre-saf
JavaScript
•
Other
•0•6•5•0•Updated Jan 10, 2025Jan 10, 2025
mitre-saf
Public
Landing Page Content/Builder for MITRE Security Automation Framework
Vue
•
Other
•406•28•24•2•Updated Jan 10, 2025Jan 10, 2025
saf-site-backend
Public
Strapi backend for the SAF site
JavaScript
•
Other
•3•5•5•12•Updated Jan 9, 2025Jan 9, 2025
microsoft-windows-10-stig-baseline
Public
InSpec profile for Microsoft Windows 10, against DISA's Microsoft Windows 10 Security Technical Implementation Guide (STIG) Version 1, Release 19
vmware windows-10 mitre-inspec inspec stig mitre-corporation
Ruby
•
Other
•7•14•3•2•Updated Jan 9, 2025Jan 9, 2025
ocsf_ilf_translator
Public
Rust
•
Apache License 2.0
•0•0•0•0•Updated Jan 9, 2025Jan 9, 2025
seal_lib
Public
Rust
•
Apache License 2.0
•0•0•0•0•Updated Jan 9, 2025Jan 9, 2025
caldera
Public
Automated Adversary Emulation Platform
hacking cybersecurity mitre red-team security-automation security-testing mitre-attack adversary-emulation caldera mitre-corporation
Python
•
Apache License 2.0
•1.1k•5.8k•57•8•Updated Jan 9, 2025Jan 9, 2025
tir-docs
Public
Documentation for the TIR project
JavaScript
•
Other
•0•1•0•3•Updated Jan 9, 2025Jan 9, 2025
redhat-enterprise-linux-8-stig-baseline
Public
RHEL 8.X STIG Automated Compliance Validation Profile works with Chef InSpec to perform automated compliance checks of RHEL8.
Ruby
•
Other
•2•1•13•2•Updated Jan 8, 2025Jan 8, 2025
saf-training
Public
This repository contains several courses to learn about using and developing SAF capabilities
JavaScript
•
Other
•4•8•13•2•Updated Jan 8, 2025Jan 8, 2025
WaterSHEDS
Public
Jupyter Notebook
•
Other
•0•0•0•0•Updated Jan 6, 2025Jan 6, 2025
couchbase-enterprise-srg-baseline
Public
(WIP) The Couchbase Enterprise InSpec Baseline aligned to the DISA Database SRG
Ruby
•
Other
•4•2•2•1•Updated Jan 4, 2025Jan 4, 2025
microsoft-365-foundations-cis-baseline
Public
InSpec profile to validate an M365 account to the standards of the CIS Microsoft 365 Foundations Benchmark.
Ruby
•
Other
•1•1•2•0•Updated Jan 3, 2025Jan 3, 2025
o365_example_baseline
Public
Office 365 example profile to test train-pwsh and inspec-pwsh.
Ruby
•
Other
•0•0•0•0•Updated Jan 3, 2025Jan 3, 2025
inspec-pwsh
Public
A resource pack for Inspec that should be used with train-pwsh
Ruby
•
Other
•0•0•1•0•Updated Jan 3, 2025Jan 3, 2025
solaris-11-x86-stig-baseline
Public
inspec lockheed-martin mitre-corporation mitre-saf
Ruby
•
Other
•2•2•0•1•Updated Jan 3, 2025Jan 3, 2025
sample-oracle-mysql-ee-5.7-cis-overlay
Public
Overlay for the baseline InSpec profile at https://github.com/mitre/oracle-mysql-ee-5.7-cis-baseline with modifications based on provided requirements.
Ruby
•0•1•1•0•Updated Jan 3, 2025Jan 3, 2025
ubi8-hardening-demo
Public
Sample code for a Packer template for building a STIG-hardened container
Smarty
•1•2•0•0•Updated Jan 3, 2025Jan 3, 2025
canonical-ubuntu-20.04-lts-stig-baseline
Public
InSpec profile to validate the secure configuration of Ubuntu 20.04, against DISA's Canonical Ubuntu 20.04 LTS Security Technical Implementation Guide (STIG) Version 1, Release 6.
ubuntu stig stig-compliant mitre-corporation mitre-inspec ubuntu2004 mitre-saf
Ruby
•4•7•18•3•Updated Jan 3, 2025Jan 3, 2025
cpsa
Public
Experimental CPSA -- the Cryptographic Protocol Shapes Analyzer experimental version
Scilab
•
Other
•2•14•0•0•Updated Jan 2, 2025Jan 2, 2025
secure-coding-case-studies
Public
Case studies of real secure coding issues to provide educators, project leaders, software development teams, and assessment teams insight into these critical issues and show how to avoid them.
1•1•0•0•Updated Jan 2, 2025Jan 2, 2025
nginx-stigready-baseline
Public
STIG Ready Content: InSpec Profile for NGINX Open Source based off the Web SRG V2R3
nginx security disa inspec stig srg mitre-corporation stigs mitre-saf
Ruby
•
Other
•8•21•5•1•Updated Dec 31, 2024Dec 31, 2024
aws-s3-baseline
Public
A micro InSpec baseline to check for insecure or public s3 buckets in your VPC
aws security s3 s3-bucket inspec aws-security microprofile s3-bucket-leak mitre-corporation s3-security
Ruby
•
Other
•5•14•1•1•Updated Dec 31, 2024Dec 31, 2024