Tool Library For Security Assessments

Hi all,
Is there somewhere where you can get a "library of tools organized according to the solution they provide for each "requirement" outlined in the NIST CSF framework? For instance, for the controls identified below namely ID.AM-1, there would be a list of commonly available software such as LanSweeper, etc, and a control like ID.AM-2 would have names like "Asset Explorer, Asset Panda, etc as part of the library?
What problem does it solve? Well if a comprehensive tool library such as this for security assessments was available then security practitioners would not have to go through the pains researching the available tools to meet each and every control they need.
Is there somewhere where you can get a "library of tools organized according to the solution they provide for each "requirement" outlined in the NIST CSF framework? For instance, for the controls identified below namely ID.AM-1, there would be a list of commonly available software such as LanSweeper, etc, and a control like ID.AM-2 would have names like "Asset Explorer, Asset Panda, etc as part of the library?
What problem does it solve? Well if a comprehensive tool library such as this for security assessments was available then security practitioners would not have to go through the pains researching the available tools to meet each and every control they need.

B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
Tagged:
Comments
By example, ID.AM-1 and ID.AM-2 could be satisfied by an Excel spreadsheet and a few Powershell script. It is viable if you dont have a big network. But it's not viable in larger one.
Me neither, but having a list like this would be super convenient, instead of having to manually go through the selection process by searching google, then contact each company with the associated tool and schedule demos....then selecting a product. Their's no "silver bullet" list....true, however a good number of organizations would typically use the same tools for the same reasons. I know so as I've used EDR tools like CrowdStrike and Carbon Black in three completely different companies back-to-back, and they were there for the exact same NIST controls.
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray