https://github.com/tomwechsler/cyber_and_information_security_knowledge_base
A structured knowledge base of cybersecurity and information security standards, frameworks, best practices, and guidelines. Covers key resources such as NIST, ISO/IEC, OWASP, CIS, ISACA, and more — to support professionals, students, and organizations in building a solid foundation for secure systems, compliance, and risk management.
cybersecurity information-security knowledge-base security
Last synced: 4 months ago
- Host: GitHub
- URL: https://github.com/tomwechsler/cyber_and_information_security_knowledge_base
- Owner: tomwechsler
- License: gpl-3.0
- Created: 2025-07-17T16:09:53.000Z (11 months ago)
- Default Branch: main
- Last Pushed: 2026-01-29T05:30:13.000Z (5 months ago)
- Last Synced: 2026-01-29T07:36:43.712Z (5 months ago)
- Topics: cybersecurity, information-security, knowledge-base, security
- Homepage:
- Size: 4.41 MB
- Stars: 12
- Watchers: 3
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
- Security: Security_Configuration_Assessment/CIS-CAT_Lite.md
README
# Cyber and Information Security Knowledge Base!
A structured knowledge base of cybersecurity and information security standards, frameworks, best practices, and guidelines. This repository is intended as a central reference for professionals, students, and organizations seeking structured, reliable, and vendor-neutral (not always, but mostly) security knowledge. It covers key resources such as NIST, ISO/IEC, OWASP, CIS, ISACA, and more.
---
## 🌐 Overview
This repository provides structured documentation and explanations of widely adopted:
- **Security Standards**
- **Frameworks**
- **Best Practices**
- **Guidelines**
- **Reference Architectures**
It includes resources from leading organizations such as:
- NIST (National Institute of Standards and Technology)
- ISO/IEC (International Organization for Standardization / International Electrotechnical Commission)
- OWASP (Open Worldwide Application Security Project)
- CIS (Center for Internet Security)
- ISACA (Information Systems Audit and Control Association)
- ENISA (European Union Agency for Cybersecurity)
- And more...
## 📚 Contents
The repository is organized into sections for clarity and ease of use (just an example):
```
📁 frameworks/
   └── NIST-CSF.md
   └── ISO-27001.md
   └── COBIT.md
📁 guidelines/
   └── OWASP-Top10.md
   └── CIS-Controls.md
   └── ENISA-Guidelines.md
📁 best-practices/
   └── Secure-Coding.md
   └── Incident-Response.md
   └── Cloud-Security.md
📁 mappings/
   └── NIST-to-ISO27001.md
   └── OWASP-vs-CIS.md
```
Each document includes:
- A summary of the standard/framework
- Core components and structure
- Key use cases and applicability
- Links to original resources
- Cross-references or mappings (where applicable)
---
## 🎯 Target Audience
This knowledge base is intended for:
- Cybersecurity Professionals
- Information Security Analysts
- GRC (Governance, Risk, Compliance) Practitioners
- IT Auditors and Consultants
- Developers and DevSecOps Engineers
- Students and Educators
---
## ✅ Objectives
- 📖 Provide clear, practical explanations of major standards and practices
- 🌍 Offer vendor-neutral, community-accessible knowledge
- 🔗 Connect frameworks through cross-mappings and comparisons
- 📈 Support security program development, audits, and compliance efforts
---
## 📄 License
This project is licensed under the [GNU General Public License v3.0](LICENSE). You are free to use, copy, and modify the contents for personal, academic, or commercial use with attribution.
---
## 🔗 Resources
- [NIST Cybersecurity Framework](https://www.nist.gov/cyberframework)
- [ISO/IEC 27001 Overview](https://www.iso.org/isoiec-27001-information-security.html)
- [OWASP Official Site](https://owasp.org/)
- [CIS Controls](https://www.cisecurity.org/controls/)
- [ISACA COBIT Framework](https://www.isaca.org/resources/cobit)
---
## 🤝 Acknowledgements
Special thanks to the global cybersecurity community and standardization bodies whose open resources and efforts support this work.
---
Feel free to ⭐️ star this repository if you find it useful, and stay secure!