securitytemplates / sectemplates

Open source templates you can use to bootstrap your security programs
https://www.sectemplates.com
519 stars 61 forks source link
bug-bounty incident-response penetration-testing security-exceptions vulnerability-management

Sectemplates

I'd like to announce the creation of SecTemplates.com, a website where infosec professionals, and startup engineering teams lacking a security team, can find templates to help bootstrap their programs. The primary focus of this site will be to provide starting points for

Content is free to use for personal and commercial purposes, with the exception of including it in a product that's for sale or a product developed based on it. Please see licensing under each project for details.

About
https://www.sectemplates.com/about.html

Twitter/X
https://x.com/Sectemplates

Available Security Programs

Bug Bounty

The goal of this release is to provide you with everything you need to establish a bug bounty program. This includes alignment with stakeholders, working with a vendor, establishing a private bug bounty, and ultimately moving to a public bug bounty. This release pack is not sponsored or influenced by any particular bug bounty vendor and is neutral to vendor biases and influence.

External Penetration Testing

This release contains everything you need to scope your first pentest, work with a vendor, execute, and get the types of reports you need from an external tester. This will enable you to perform your first product or infrastructure level penetration test, and provide you with a process moving forward for future engagements.

Incident Response

The goal of this release is to provide you with everything you'd need to establish a functioning security incident response program at your company.

Vulnerability Management

The goal of this release is to provide all the necessary resources to establish and set up a fully functioning vulnerability management program at your company.

Security Exceptions

The goal of this release is to provide all the necessary resources to establish and set up a fully functioning security exceptions program at your company.