(WIP) Chef recipe for hardening tomcat 8 to the CIS Tomcat Benchmark v1.0.1

DEMO: This InSpec profile provides a minimal - however incomplete - example to include functional and security testing for a the helloworld-web docker application.

(WIP) The mitre-inspec.github.io project website

ALPHA WIP A parselet to parse and work with native InSpec Profiles

WIP - Keycloak Security Technical Implementation Guide

This repository includes example step functions for automating SAF tools in a workflow.

WIP Chef Recipe to harden a Windows IIS server v8.5 to the DISA STIG requirements

DetectiveAttacks aims to simplify the process of mitigating cyber attacks directed toward digital infrastructure.

Fully up to date vuepress and vuepress-new-hope theme of the SAF training site

(DEPRECATED) Parser for PDF security guidance documents to an InSpec profile

ALPHA WIP A hardening recipe and cookbook for the CIS Docker Community Edition Benchmark

DEPRECATED: A small parser to take the JSON full output of an InSpec profile and create/update the DISA Checklist file.

A small install guide for installing inspec

A collection of samples of inspec profile data, results data and other tidbits

MITRE ATT&CK® is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.

Example: AWS InSpec profile for validation of AWS infrastructure

WIP Chef recipe to harden a windows iis site or sites to the DISA STIG requirements

GitHub Action for SAF CLI

COSA Client application which communicates with the COSA API server

Inspec Profile for the JRE 8 STIG