Security Architecture,
Open Source

Reusable security patterns, control mappings, and capability models that help you design proportionate, consistent, and traceable security — across every system in your estate. Trusted by security architects in 190+ countries since 2008.

Security Patterns Capability Model New Control Catalogue Assess Your Maturity
54
Security Patterns
315
NIST Controls
87
Framework Mappings
17+
Years Active

Featured Patterns

SP-040 26 controls

Post-Quantum Cryptography and Quantum Readiness
SP-017 23 controls

Secure Network Zone Module
SP-001 80 controls

Client Module
SP-011 54 controls

Cloud Computing Pattern
SP-034 37 controls

Cyber Resilience
SP-037 33 controls

Privileged User Management
View all 54 patterns →

How Mature Is Your Security Architecture?

Assess your organisation against OSA patterns. Get a maturity score, radar chart visualisation, gap analysis, and see how you compare to industry benchmarks — all free, all encrypted client-side with AES-256-GCM. We cannot read your scores.

Start an Assessment My Assessments

Free Policy Templates

NIST-mapped, concise, and modern — covering AI, cloud, BYOD, and remote work. Download in Markdown format, free for registered users.

Information Security Policy

20 sections from governance to compliance

Acceptable Use Policy

10 sections for staff and third parties

Open Source, Open Standards

All OSA content is released under CC BY-SA 4.0. Use it in your security architecture practice, contribute improvements, or build tools on top of our structured data.

View on GitHub