Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking

Run individual controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA and more across all of your AWS accounts using Powerpipe and Steampipe.

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

A modern, all-in-one Governance, Risk & Compliance (GRC) solution designed for privacy, security, and compliance teams. As an open-source alternative to Vanta and Drata, this platform empowers teams with full control, flexibility, and transparency—no vendor lock-in, just powerful compliance automation and risk management. ISO27k, GDPR, SOC2, NIST

Overview of existing mappings from and to cyber security controls

CISO360.AI

A mock security incident report done as part of Cybersecurity documentation portfolio and Google's Coursera Cybersecurity Certificate.

Governance, Risk & Compliance documentation aligned to FedRAMP Moderate, NIST SP 800-53 Rev. 5, DoD RMF, and NIST AI RMF. Includes policies, risk register, vendor assessment, continuous monitoring, vulnerability management, and AI governance materials.

Git Repo for Spring 2017

The NIST Cybersecurity Framework 2.0 outlines steps to be taken by the industry, governement agencies, and small businesses in organization risk management.

Nisify is a NIST CSF 2.0 compliance evidence aggregation tool that automatically collects technical evidence from 13 cloud platforms, maps it to the 106 NIST controls alongside your manual governance documents, and provides a transparent, real-time dashboard for measuring compliance maturity and tracking gaps.

Prove your compliance posture with automated evidence and clear visualization. Open-source, OSCAL-native evidence collection from 30+ platforms with self-hosted/air-gapped deployment support.

This is a visualization that I developed to help when discussing the functions of the NIST CSF

OLIR mappings & OSCAL content

Comprehensive NIST CSF-aligned security policy templates for SMBs. Ready-to-use policies covering incident response, data protection, infrastructure security, and compliance requirements with practical implementation guidance and deployment timelines.

Welcome to my cybersecurity practical projects repository! This collection showcases the hands-on exercises and projects I completed as part of my cybersecurity certifications and personal initiatives. These projects demonstrate my understanding of key security concepts and my ability to apply them in practical scenarios.

Use the NIST Cybersecurity Framework to respond to a security incident.