FedRAMP
OSCAL CLI
Go rewrite of NIST’s OSCAL CLI - converts between XML/JSON/YAML and validates against schemas.
🎥 FedRAMP 20x Phase 2 Pilot Proposal: Meridian
Meridian Knowledge Solutions walks through their FedRAMP 20x Phase 2 pilot proposal with a focus on automation and continuous monitoring
NIST CMVP API
Static API serving NIST CMVP validated modules data, auto-updated via GitHub Actions.
Legacy Document Transformation Demo
Reference implementation for converting legacy compliance documents to machine-readable formats.
FedRAMP 20x GitOps Demo
GitOps for FedRAMP 20x - Flux, Kyverno, GKE, Terraform.
Dynamic Cryptographic Modules Table
Replace static Word docs with YAML-based crypto module tracking and automated CMVP validation.
🤗 Open Source Security Compliance AI & ML
A collection of my open source security compliance datasets, models (fine-tuned LLMs), etc.
🎥 Abolish Screenshots and Ship Security: FedRAMP 20x
Discussion about modernizing FedRAMP compliance and automating security workflows to ship 20x faster