The Open Source CISO Guide 🛡️

From "Day 1" to program maturity. A community-driven framework for building, managing, and scaling modern cybersecurity programs.

Start the Journey View Source

Choose Your Path

Tailored guides depending on where you are in your journey.

The New CISO
Just landed the role? Start here to navigate your first 90 days, build relationships, and set the strategy.
  • Getting Started (First 90 Days)
  • Security Leadership Strategy
  • Enterprise Risk Management
Start Leading →
The Program Builder
Focus on architecture, engineering, and operations. Build the systems that defend the business.
  • Security Architecture
  • SecOps & Incident Response
  • Vulnerability Management
Build Security →
The Strategist
Align security with business goals. Master GRC, compliance, insurance, and resilience.
  • Governance, Risk & Compliance
  • Business Continuity (BCP)
  • Cyber Insurance
Align Strategy →

Core Knowledge Modules

Comprehensive guides covering every domain of information security.

CIS18 Controls

Critical Framework

Attack Surface

Know your perimeter

IAM Overview

Identity is the perimeter

AppSec

Secure Development

Security Awareness

Human Firewall

Standards

ISO, NIST, SOC2

Threat Intel

Know your adversary

Resources

Tools & Templates

Built by the Community, For the Community 🤝

This project is open source. We believe in sharing knowledge to make the digital world safer.
Whether you're an expert or just starting, your contribution matters.

Contribute Now