Skip to content

A collection of awesome projects, blog posts, books, and talks on quantifying risk

Notifications You must be signed in to change notification settings

veeral-patel/awesome-risk-quantification

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
 
 

Repository files navigation

Awesome Risk Quantification

Risk quantification attempts to assign numeric values to risks, instead of qualitative labels such as "Critical" and "High".

Doing this makes it easier to prioritize the different risks we need to mitigate. Also, "you can't improve what you can't measure"!

This repository focuses primarily on cybersecurity related risks.

Open Source Projects

  • Raven - a "flexible and multi-purpose uncertainty quantification, regression analysis, probabilistic risk assessment, data analysis and model optimization framework" from the Idaho National Laboratory
  • riskquant - a library for computing risk, using different distributions, from Netflix
  • evaluator - R package for quantitative risk assessment, based upon OpenFAIR
  • collector - R package for "conducting quantitative risk assessment interviews"

Blog Posts and Papers

Books

Talks

  • Quantifying Risk by Markus De Shon (2020) - walks through the process of measuring risk, from identifying threats and assets to guessing frequency and magnitude (in terms of money)
  • Forecasting, Browsers, and “In The Wild” Exploitation by Ryan McGeehan (2019) - Ryan forecasts the probability of a Chrome zero day being exploited in the wild in a certain month

Related Subjects

About

A collection of awesome projects, blog posts, books, and talks on quantifying risk

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published