In any data-driven organization, collaboration with your application and network teams is inevitable. Even if this interaction is limited to managing access controls and key management, having a foundational understanding of security principles is essential. During my experience working on data compliance projects, I found the following resources to be valuable.
The MITRE ATT&CK® knowledge base#
This “open to everyone” resource helps you design and build safer IT solutions.
CISO Assistant Community#
Here is the community edition of the CISO Assistant product from the company intuitem.
https://github.com/intuitem/ciso-assistant-community
In a drive to make GRC (Governance, Risk, and Compliance) more accessible for everyone, the company decided to open source their product, see the original blog post here https://intuitem.com/blog/we-are-going-open-source/.
Many thanks to the communities, organisations and people involved in these projects ❤️.