Risk Management
Explore 27 curated tools and resources
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Commercial
Resources
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Free
Resources
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
Commercial
Cloud Security
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Commercial
Application Security
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
LATEST ADDITIONS
Apiiro ASPM Platform is an application security solution that provides code-to-runtime visibility, risk assessment, and remediation capabilities to help organizations manage and reduce security risks across their application portfolio.
A centralized vulnerability lifecycle management platform that tracks security issues from discovery to closure with real-time status updates.
An enterprise vulnerability and exposure risk management platform that consolidates, prioritizes, and orchestrates remediation of security vulnerabilities across infrastructure, applications, and cloud environments.
Pathlock is an identity security platform that provides compliance-focused governance, access management, and continuous controls monitoring across enterprise applications with particular emphasis on ERP systems.
A data-driven OT risk management platform that uses digital twin technology and breach simulations to assess cybersecurity risks, optimize mitigation strategies, and ensure compliance with industry standards.
A platform that maps enterprise attack surfaces by consolidating asset inventory, prioritizing vulnerabilities based on exposure, and providing contextual visualization of security risks.
XRATOR is a cybersecurity platform that continuously identifies vulnerabilities, assesses business risks, and manages security posture to align with strategic objectives and compliance requirements.
A vulnerability and exposure management platform that unifies security tool data, automates workflows, and provides risk-based prioritization for enterprise vulnerability management programs.
A cyber risk management platform that financially quantifies cyber risks and provides actionable mitigation strategies while integrating with insurance coverage.
An application security platform that aggregates, prioritizes and contextualizes vulnerabilities from multiple security scanners and sources to help manage application and cloud security risks.
An ASPM platform that provides software supply chain security through risk assessment, prioritization, and protection mechanisms.
Uno.ai is an AI-powered GRC platform that automates various governance, risk, and compliance processes to enhance efficiency and risk management.
SecTemplates offers free, comprehensive security program templates and resources for infosec professionals and startups lacking dedicated security teams.
AI Access Security is a tool for managing and securing generative AI application usage in organizations, offering visibility, control, and protection features.
Apex AI Security Platform provides security, management, and visibility for enterprise use of generative AI technologies.
Provides AI-driven cybersecurity solutions including assessments, training, compliance services, and insurance audits to help organizations reduce risk and build a security-aware culture.
ServiceNow Governance, Risk, and Compliance (GRC) is an integrated suite of products that enables organizations to build operational resilience, mitigate risks, and ensure compliance across the enterprise through a unified platform, data model, AI-powered insights, and automated workflows.
SAP GRC and cybersecurity solutions provide integrated capabilities for managing enterprise risk, compliance, international trade, cybersecurity, and identity and access governance, leveraging predictive analytics, real-time monitoring, and automation.
Drata is a cloud-based platform that automates security and compliance processes, evidence collection, and audit preparation for various industry standards and regulations.
Verity is a comprehensive compliance management tool that helps organizations manage their governance, risk, and compliance initiatives.
InfoRisk Today is a key resource for news and insights on information risk management and cybersecurity education.
A general cybersecurity news site providing discussions and news on various cybersecurity topics.
A documentation template library for implementing industrial information security management systems.
Comprehensive cybersecurity platform for hybrid and multi-cloud environments
A Security Information and Event Management (SIEM) system with a focus on security and minimalism.
A community-driven GRC solution that is simple, affordable, and open-source.
A comprehensive guide to securing Industrial Control Systems (ICS) from cyber threats, published by NIST.