Foundations#
CA/Browser Forum
The Certification Authority Browser Forum (CA/Browser Forum) is a voluntary gathering of Certificate Issuers and suppliers of Internet browser software and other applications that use certificates (Certificate Consumers).
Center for Internet Security (CIS)
The Center for Internet Security (CIS) is a 501©(3) organization is dedicated to enhancing the cybersecurity readiness and response among public and private sector entities. CIS’s Mission is to: Identify, develop, validate, promote, and sustain best practices in cybersecurity; Deliver world-class security solutions to prevent and rapidly respond to cyber incidents; and Build and lead communities to enable an environment of trust in cyberspace.
FIRST
FIRST is the premier organization and recognized global leader in incident response.
Global Encryption Coalition
The Global Encryption Coalition promotes and defends encryption in key countries and multilateral fora where it is under threat. The foundation also provides crucial resources to learn more on encryption.
IDPro Body of Knowledge
The IDPro Body of Knowledge is a compilation of IAM crucial up-to-date knowledge. This content is created and reviewed by the IAM professionals. All articles are peer reviewed. Within this resource you can find an ‘IAM Reference Architecture’, articles on ‘Authentication and Authorization’ and more content regarding IAM (Identity and Access Management).
Internet Security Research Group
Our mission is to protect Internet users by lowering monetary, technological, and informational barriers to a more secure and privacy-respecting Internet.
MISP - Threat Intelligence Sharing Platform
MISP is an open source software solution for collecting, storing, distributing and sharing cyber security indicators and threats about cyber security incidents analysis and malware analysis.
Memory Safety
Prossimo is an Internet Security Research Group (ISRG) project.
Objective-See Foundation
Foundation focusses on free, open-source macOS security tools. And is known for organising the macOS security conference, “Objective by the Sea” (#OBTS).
Open Source IT Risk Management
Focuses on the Security Officers and on helping them in doing their daily business as comfortable as possible. The main goals of SOMAP.org are to develop and maintain: - Guides and Handbooks explaining and describing Risk Management. - an open and free ‘best practice’ Risk Model Repository with security objectives, threats and other risk related meta-data.
Open Source Security Foundation
Part of the Linux Foundation. The OpenSSF is the host for several large projects that focus on improving FOSS security.
Open Source Technology Improvement Fund
The Open Source Technology Improvement Fund is a corporate non-profit dedicated to securing open source apps that we all depend on. Securing software isn’t easy, and we know what it takes to succeed. By facilitating security audits and reviews, OSTIF makes it easy for projects to significantly improve security.
OpenChain Project
Linux Foundation project. The OpenChain Project is focused on commercial and non-commercial open source process management in the supply chain. Maintains OpenChain ISO/IEC 5230 and OpenChain ISO/IEC DIS 18974 These ISO/IEC standards are at no cost available using this link.
OpenSCAP
The OpenSCAP project provides tools to improve security of your infrastructure using open source tools. This project is founded by RedHat and the tools are NIST certified. Use of the tools is encouraged if your systems or infrastructure needs to meet NIST (or other US) security standards.
SIE Europe
The mission of SIE Europe is to make the European digital economy safer by offering a platform for the collection, aggregation, and sharing of data, without Personal Identifiable Information, that is relevant and actionable in the fight against cybercrime.
Security Research Legal Defense Fund
We aim to help fund legal representation for persons who face legal issues due to good faith security research and vulnerability disclosure in cases that would advance cybersecurity for the public interest.
Spamhaus Project
Spamhaus Project is the authority on IP and domain reputation. Also https://urlhaus.abuse.ch/ is a tool of this foundation.
The Cyber Security Body Of Knowledge
A comprehensive Body of Knowledge to inform and underpin education and professional training for the cyber security sector. A great collection of resources that cover all aspects of cyber security.
The Honeynet Project
non-profit security research organization, dedicated to investigating the latest attacks and developing open source security tools to improve Internet security. See also the list with active projects: https://www.honeynet.org/projects/
The Shadowserver Foundation
Since our founding in 2004, The Shadowserver Foundation has become one of the world’s leading resources for Internet security reporting and malicious activity investigation. When we started, we were staffed entirely by volunteers. Today, we employ a full-time team and maintain a global infrastructure spanning 80 countries. Shadowserver scans the entire IPv4 Internet for over 100 different network protocols every day, and also performs IPv6 scans based on IPv6 hitlists for selected protocols. These are “hello” type port scans that do not exploit any vulnerability. Check the daily dashboard provided by this foundation.
Trusted CI
The Trusted CI Framework is a minimum standard for cybersecurity programs. The mission of Trusted CI Foundation is to improve the cybersecurity of NSF computational science and engineering projects, while allowing those projects to focus on their science endeavors. This foundation provides great templates and tools ready to use!
The European public DNS that makes your Internet safer. A free, sovereign and GDPR-compliant recursive DNS resolver with a strong focus on security to protect the citizens and organizations of the European Union.