Tools & Research

Open-source tools for cyber risk quantification. Built to support real decisions.

Python · 19 Notebooks · MIT

Security Decision Science

Interactive curriculum: Monte Carlo, Bayesian updating, survival analysis, causal inference, game theory, and behavioral traps — applied to security decisions. Companion decision-security library on PyPI.

Live docs · GitHub →
React + Python · CC BY-NC-SA 4.0

FAIR Simulator

Monte Carlo risk quantification with IRIS 2025 benchmarks. Scenario creation, sensitivity analysis, portfolio aggregation.
Python + Mesa + React · CC BY-NC-SA 4.0

FAIR-CAM Agent-Based Model

Simulates how controls actually behave over time. Degradation, interaction, and cascade failure. Calibrated against empirical loss data.
Python + Next.js · Coming soon

Quorum

Structured LLM deliberation for loss estimation. 5 specialist agents produce calibrated FAIR loss distributions, grounded in empirical benchmarks.

Python · Coming soon

Assay — LLM Validation Framework

Five-dimension psychometric validation for any LLM that produces structured classifications. Tests agreement, consistency, convergent validity, adversarial discrimination, and stability. Taxonomy-agnostic.

Python + Elasticsearch · Elastic Security Labs

Survival Analysis for Vulnerability Management

Kaplan-Meier survival analysis applied to time-to-patch metrics using Qualys VMDR data.
Empirical Data · Coming soon

Substrata

Empirical cyber risk data corpus. Curated public data spanning enforcement actions, litigation, settlements, insurance, threat frequency, control effectiveness, and financial impacts.