3 repositorios
Methods and tools for verifying the effectiveness of security controls like antivirus and EDR.
Distinct from Security Control Validation: The candidates focus on mobile platforms or general automation, whereas this is specifically about validating security control efficacy against simulated attacks.
Explore 3 awesome GitHub repositories matching security & cryptography · Security Control Validations. Refine with filters or upvote what's useful.
This project is a comprehensive security suite and knowledge base focused on the engineering and construction of trustworthy digital and physical systems. It provides a systematic framework for security engineering design, covering the establishment of high-assurance architectures and the implementation of security models that govern how a system achieves its safety goals. The project is distinguished by its focus on formal assurance and adversarial deterrence. It includes methodologies for creating security assurance cases and proofs to verify system trustworthiness, alongside economic and t
Evaluates whether security controls are functionally correct and non-bypassable to effectively enforce access policies.
Monkey is an adversary emulation platform and breach and attack simulation tool designed to test network defenses through automated lateral movement and exploit delivery. It functions as a network security testing system that evaluates security posture by attempting to propagate through vulnerabilities and extract sensitive system credentials. The platform distinguishes itself by simulating specific real-world attacker behaviors, such as ransomware encryption, cryptojacking, and the theft of browser-stored credentials and secure shell keys. It utilizes binary hash randomization to evade antiv
Tests if antivirus and detection systems can identify and block malicious payloads and unauthorized agent activity.
Security-101 is a vendor-agnostic, foundational cybersecurity learning curriculum organized into modular, framework-aligned modules. It is designed to build core knowledge across multiple security domains without tying content to specific products or platforms, making it suitable for both beginners and professionals seeking a structured introduction to the field. The curriculum is built around established security frameworks, including the MITRE ATT&CK framework for standardized threat analysis and the NIST Cybersecurity Framework for incident response workflows. It covers a broad range of do
Teaches categorizing safeguards as administrative, technical, physical, operational, or legal for a comprehensive defense.