Legacy Document Transformation Demo

Table of Contents

What It Does
#

Converts compliance documents (DOCX, PDF, PPTX, XLSX) into Markdown and JSON so you can actually query them programmatically instead of ctrl+f’ing through 500 page PDFs.

ethanolivertroy/legacy-document-transformation-demo

Python

Why
#

FedRAMP is pushing toward measurement-based compliance. That means moving from “do I have this document?” to “what can I measure from this document?” This demo shows how to get legacy docs into formats you can actually work with.

Tools Compared
#

Pandoc - Fast, reliable, well-established
MarkItDown - LLM-optimized, handles many formats
Docling - Deep document understanding, good with tables

What Gets Extracted
#

NIST 800-53 control references
Document metadata
Named entities (roles, systems, standards)
FedRAMP 20x Key Security Indicator mappings

Deployment
#

GitHub Actions (auto-runs on document push)
Docker
Local Python/Bash

Dynamic Cryptographic Modules Table

7 December 2025·Updated: 11 December 2025·1 min

Compliance Tools Automation FedRAMP NIST CMVP Cryptography FIPS Python

Replace static Word docs with YAML-based crypto module tracking and automated CMVP validation.

🎥 Abolish Screenshots and Ship Security: FedRAMP 20x

19 October 2025·Updated: 8 November 2025

Interviews FedRAMP Cloud-Security Compliance Automation DevSecOps

Discussion about modernizing FedRAMP compliance and automating security workflows to ship 20x faster

🎥 FedRAMP 20x CWG: Pilot Demos

24 July 2025·Updated: 8 December 2025

Panels FedRAMP 20x Compliance Automation Cloud-Security GRC

Monthly FedRAMP 20x CWG session featuring pilot demos and submissions from CSPs and 3PAOs

⚡ Prowler

1 January 2024·Updated: 25 November 2025·2 mins

Security Tools Open Source AWS Azure GCP Kubernetes M365 Multi-Cloud FedRAMP NIST PCI-DSS GDPR HIPAA SOC2 Python Open-Source

Open-source cloud security platform for AWS, Azure, GCP, Kubernetes, and M365 - performs security assessments, compliance audits, and continuous monitoring with 900+ built-in checks across 38+ frameworks

NIST CMVP API

7 December 2025·Updated: 8 December 2025·1 min

Security Tools Compliance NIST CMVP Cryptography FIPS API FedRAMP

Static API serving NIST CMVP validated modules data, auto-updated via GitHub Actions.

🏛️ FedRAMP Docs MCP Server

10 October 2025·Updated: 14 November 2025

Compliance Tools AI/ML Tools FedRAMP NIST MCP TypeScript AI

Model Context Protocol (MCP) server for querying FedRAMP documentation - enables AI-powered analysis of security controls, compliance requirements, and FRMR datasets

What It Does#

Why#

Tools Compared#

What Gets Extracted#

Deployment#

Related

What It Does
#

Why
#

Tools Compared
#

What Gets Extracted
#

Deployment
#