Cyber Resources
AI for Cybersecurity, Governance, and Assurance
NIST AI Risk Management Framework (AI RMF): Guidance to identify, measure, and manage AI risks across the AI lifecycle.
NIST AI RMF
ISO/IEC 42001 — AI Management System: International standard for establishing and operating an AI management system.
ISO/IEC 42001
EU AI Act: EU-wide law classifying AI risk levels and setting obligations for providers and users.
EU AI Act
OWASP Top 10 for LLM Applications: Top risks and mitigations for building and operating LLM-based apps.
OWASP Top 10 for LLMs
Cloud Security Alliance (CSA) — AI Safety & Security: Research and best practices for secure, responsible AI in cloud contexts.
CSA AI
Core Frameworks and Governance
NIST Cybersecurity Framework (CSF) 2.0: Outcome-based security framework for identify, protect, detect, respond, recover.
NIST CSF 2.0
MITRE ATT&CK: Knowledge base of adversary tactics and techniques for threat-informed defense.
MITRE ATT&CK
CIS Critical Security Controls v8: Prioritized set of technical safeguards to reduce common cyber risks.
CIS Controls
OWASP (Top 10, ASVS, SAMM): Community standards for application security risks, verification, and maturity.
OWASP
ISO/IEC 27001: International standard for an information security management system (ISMS).
ISO/IEC 27001
Threats, Vulns, and Prioritization
CISA Known Exploited Vulnerabilities (KEV): Catalog of vulnerabilities known to be actively exploited; patch-first list.
CISA KEV
National Vulnerability Database (NVD): U.S. repository of CVEs with scoring and metadata.
NVD
FIRST EPSS: Probability scores estimating how likely a CVE is to be exploited.
FIRST EPSS
ATT&CK Navigator: Visual tool to map detections, coverage, and threats to ATT&CK techniques.
ATT&CK Navigator
Incident Response and SOC Essentials
NIST SP 800-61r2: Practical guide for incident handling processes and roles.
SP 800-61
CISA Incident Response Playbooks: Government-published playbooks for common incident types and response steps.
CISA IR Playbooks
Sigma: Portable, SIEM-agnostic rule format for detections.
Sigma HQ
Zeek and Suricata: Open-source tools for network telemetry and IDS/IPS, respectively.
Zeek | Suricata
TheHive and Velociraptor: Open-source case management and DFIR collection/triage tooling.
TheHive | Velociraptor
Identity and Access
NIST SP 800-63: Standards for digital identity proofing, authentication, and federation.
SP 800-63
FIDO Alliance (FIDO2/WebAuthn): Passwordless, phishing-resistant authentication standards.
FIDO Alliance
Cloud and Kubernetes
CIS Benchmarks: Hardening guides for cloud services, OSes, containers, and Kubernetes.
CIS Benchmarks
NSA/CISA Kubernetes Hardening: Authoritative guidance for securing Kubernetes clusters.
NSA/CISA K8s Hardening
Open Policy Agent (OPA) and Kyverno: Policy-as-code engines to enforce guardrails in clusters and platforms.
OPA | Kyverno
Application Security and Supply Chain
OWASP ASVS and Top 10: Verification standard and top risks for secure app design and testing.
OWASP ASVS | OWASP Top 10
OpenSSF + SLSA: Best practices and levels for software supply chain security.
OpenSSF | SLSA
Sigstore and CycloneDX: Artifact signing/provenance and SBOM standard for dependency transparency.
Sigstore | CycloneDX
Data Security and Privacy
NIST SP 800-53 rev. 5: Catalog of security and privacy controls for systems and organizations.
SP 800-53
ISO/IEC 27701: Extension to ISO 27001 for privacy information management.
ISO/IEC 27701
NIST Privacy Framework: Risk-based approach to managing privacy through design and operations.
NIST Privacy Framework
Research, Reporting, and Briefings
Verizon DBIR: Annual data-driven report on breaches, attack patterns, and trends.
Verizon DBIR
SANS NewsBites: Twice-weekly curated summaries of major security news for leaders.
SANS NewsBites
CISA Alerts/Subscriptions: Official U.S. advisories, alerts, and bulletins for timely threats.
CISA Alerts