oscal

usnistgov/oscal-content

NIST SP 800-53 content and other OSCAL content examples

GSA/fedramp-automation

FedRAMP Automation

oscal-compass/compliance-trestle

An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.

EasyDynamics/oscal-react-library

A library of React components and an example user interface application that provides a direct UI into NIST's Open Security Controls Assessment Language (OSCAL) data in JSON format.

EasyDynamics/oscal-editor-deployment

Various deployments of the OSCAL editor

usnistgov/oscal-cli

A simple open source command line tool to support common operations over OSCAL content.

EasyDynamics/oscal-rest

An initial OpenAPI definition of an OSCAL REST API.

GoComply/fedramp

Open source tool for processing OSCAL based FedRAMP SSPs

usnistgov/oscal-deep-diff

Open Security Controls Assessment Language (OSCAL) Deep Differencing Tool

usnistgov/liboscal-java

A Java library to support processing OSCAL content

EOP-OMB/opal

OSCAL Policy Administration Library (OPAL) provides a simple web application for managing System Security Plans. The data modle is based on the OSCAL standard.

usnistgov/blossom-case-study

A case study for ACSAC 2022 utilizing OSCAL with a custom GitHub action to automate assessments.

AustralianCyberSecurityCentre/ism-oscal

A mirror of ISM OSCAL documents. The authoritative source can be found at https://www.cyber.gov.au/ism/oscal.

EasyDynamics/oscal-rest-service

Implementation of the OSCAL REST API

GoComply/oscalkit

NIST OSCAL SDK and CLI

cyght-io/oscal-diagrams

Automatically generated diagrams for OSCAL models

Vulnetix/vulnetix

Automate vulnerability triage which prioritizes remediation over discovery

usnistgov/OSCAL-DEFINE

Develop Enhancements, Future Implementations and New Education

bradh/ism-oscal

Australian ISM in OSCAL format

EasyDynamics/oscal-demo-content

Sample OSCAL files

oscal-compass/compliance-trestle-ssp-demo

Demonstration of compliance trestle's ssp authoring capabilites.

RedHatProductSecurity/oscal-component-definitions

OSCAL Component Definition Library

usnistgov/OSCAL-Pages

Open Security Controls Assessment Language (OSCAL) Website Content

usnistgov/OSCAL-Reference

Model reference pages for the OSCAL project

usnistgov/oscal-xslt

Open source XSLT for OSCAL display and processing

drsm79/oscal-view

Quick visualisation of OSCAL schemas

EasyDynamics/oscal.io

The source code for for oscal.io

ossf/S2C2F-attestation-schema-and-tool

Secure Supply Chain Consumption Framework (S2C2F) OSCAL Catalog and tool

RedHatProductSecurity/trestle-demo

Demo workflows for continuous compliance with OSCAL content and compliance-trestle

oscal-compass/compliance-trestle-fedramp

Compliance trestle plugin to support FedRAMP specific functionality.

sarnold/yaml-tools

Tools for working with YAML and other structured content.

GoComply/containers

containers

opencomply/oscal-content

Community maintained OSCAL content.

Santiago-Labs/terraform-oscal

auditmation/policy-as-code

Template for Policy as Code repositories