Open License Resources
Frameworks and guidance released under open licenses (like Creative Commons). These resources are free to use but have specific license terms that must be followed. 3417 items across 11 resources.
CIS Controls
Critical Security Controls for Effective Cyber Defense
ITSG-33
IT Security Risk Management - Canadian Government Security Control Catalogue
Adobe CCF
Adobe Common Controls Framework - Open-source unified control framework mapping to 20+ compliance standards
Cyber Essentials
UK NCSC Cyber Essentials certification - 5 technical controls to protect against common cyber attacks
BSI C5
Cloud Computing Compliance Criteria Catalogue - German Federal Office for Information Security
SCF
Secure Controls Framework - A comprehensive meta-framework harmonizing 100+ security standards
GovRAMP
Government Risk and Authorization Management Program - Security Baselines for State and Local Government Cloud Services
CSA CCM
Cloud Security Alliance Cloud Controls Matrix - cloud security meta-framework with mappings to major standards
OCSF
Open Cybersecurity Schema Framework - open standard for security data normalization across tools and vendors
FAIR
Factor Analysis of Information Risk - quantitative risk analysis framework for measuring and managing cyber risk
MITRE ATT&CK
Adversarial Tactics, Techniques & Common Knowledge - attack taxonomy that maps across security frameworks
> About Open Licenses
Open license resources are freely available but released under specific license terms (typically Creative Commons). Unlike public domain works, these have some restrictions on use.
Common terms include:
- Attribution (BY) - Credit the original creator
- Non-Commercial (NC) - Free for non-commercial use only
- No Derivatives (ND) - Cannot modify or create derivative works