Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking

Run individual controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA and more across all of your AWS accounts using Powerpipe and Steampipe.

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

Claude Skills for Governance, Risk & Compliance (GRC): Expert-level compliance guidance for ISO 27001, SOC 2, FedRAMP, GDPR, HIPAA, NIST CSF, PCI DSS, TSA Cybersecurity, and ISO 42001 AI Management System. Skills scored 94% vs a baseline of 72% without using Skills.

A modern, all-in-one Governance, Risk & Compliance (GRC) solution designed for privacy, security, and compliance teams. As an open-source alternative to Vanta and Drata, this platform empowers teams with full control, flexibility, and transparency—no vendor lock-in, just powerful compliance automation and risk management. ISO27k, GDPR, SOC2, NIST

Overview of existing mappings from and to cyber security controls

CISO360.AI

𝟰𝟱 𝗽𝗿𝗼𝗱𝘂𝗰𝘁𝗶𝗼𝗻-𝗴𝗿𝗮𝗱𝗲 𝗚𝗥𝗖 𝗽𝗿𝗼𝗺𝗽𝘁𝘀 𝗮𝗰𝗿𝗼𝘀𝘀 𝟭𝟯 𝗱𝗼𝗺𝗮𝗶𝗻𝘀. ISO 42001, ISO 27001, EU AI Act, NIST AI RMF, GDPR, DORA and more. Career and startup prompts no other GRC library has. Works with Claude, GPT-4o and Gemini. 𝗥𝗮𝘁𝗲𝗱 𝟵.𝟱/𝟭𝟬 𝗢𝗻 𝗨𝘀𝗮𝗯𝗶𝗹𝗶𝘁𝘆 𝗮𝗻𝗱 𝗣𝗿𝗮𝗰𝘁𝗶𝗰𝗮𝗹 𝗔𝗽𝗽𝗹𝗶𝗰𝗮𝘁𝗶𝗼𝗻

Governance, Risk & Compliance documentation aligned to FedRAMP Moderate, NIST SP 800-53 Rev. 5, DoD RMF, and NIST AI RMF. Includes policies, risk register, vendor assessment, continuous monitoring, vulnerability management, and AI governance materials.

A mock security incident report done as part of Cybersecurity documentation portfolio and Google's Coursera Cybersecurity Certificate.

The NIST Cybersecurity Framework 2.0 outlines steps to be taken by the industry, governement agencies, and small businesses in organization risk management.

Git Repo for Spring 2017

OLIR mappings & OSCAL content

Nisify is a NIST CSF 2.0 compliance evidence aggregation tool that automatically collects technical evidence from 13 cloud platforms, maps it to the 106 NIST controls alongside your manual governance documents, and provides a transparent, real-time dashboard for measuring compliance maturity and tracking gaps.

Comprehensive NIST CSF-aligned security policy templates for SMBs. Ready-to-use policies covering incident response, data protection, infrastructure security, and compliance requirements with practical implementation guidance and deployment timelines.

This is a visualization that I developed to help when discussing the functions of the NIST CSF

Prove your compliance posture with automated evidence and clear visualization. Open-source, OSCAL-native evidence collection from 30+ platforms with self-hosted/air-gapped deployment support.

Autonomous agentic AI threat hunting framework with hunt playbooks, behavioral baselining, and zero-trust enforcement for LLM and multi-agent pipeline security.