Open Web Application Security Project (OWASP)
OWASP Top Ten
The Open Web Application Security Project (OWASP) is a global nonprofit organization focused on improving software security. OWASP provides a range of resources, including tools, documentation, and standards, to help organizations develop, deploy, and maintain secure web applications.
Center for Internet Security
The 18 CIS Critical Security Controls
The Center for Internet Security (CIS) is a globally recognized nonprofit organization committed to enhancing the cybersecurity readiness and resilience of public and private sector entities. CIS provides a wealth of expertise and resources, including internationally recognized cybersecurity best practices, tools, and benchmarks.
National Institute of Standards and Technology (NIST)
NIST Cybersecurity Framework
The National Institute of Standards and Technology (NIST) is a prominent U.S. federal agency dedicated to promoting innovation and industrial competitiveness. NIST develops and applies technology, measurements, and standards to enhance cybersecurity, among other key domains.
SysAdmin, Audit, Network, and Security Institute (SANS)
SANS Institute Offers a Variety of Free Policy Templates
SANS focuses on providing practical, hands-on knowledge to professionals in the field of information security. SANS offers a wide range of training programs, from entry-level to advanced, covering various cybersecurity domains.
ISACA (Information Systems Audit and Control Association)
Policy and Standards
ISACA offers a range of resources related to policies, standards, and guidelines covering information security, risk management, and more. ISACA have been serving the professional IS/IT community for more than 50 years, leading the industry in career-advancing credentials, like CISA and CISM.
Cybersecurity & Infrastructure Security Agency (CISA)
America's Cyber Defense Agency
CISA is the operational lead for federal cybersecurity and the national coordinator for critical infrastructure security and resilience. We are designed for collaboration and partnership. Learn about our layered mission to reduce risk to the nation’s cyber and physical infrastructure.
International Organization for Standardization (ISO)
ISO/IEC 27000
The International Organization for Standardization (ISO) is a global standardization body that develops and publishes international standards to ensure the quality, safety, efficiency, interoperability, and consistency of products, services, and systems across various industries.