Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking

Run individual controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA and more across all of your AWS accounts using Powerpipe and Steampipe.

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

A modern, all-in-one Governance, Risk & Compliance (GRC) solution designed for privacy, security, and compliance teams. As an open-source alternative to Vanta and Drata, this platform empowers teams with full control, flexibility, and transparency—no vendor lock-in, just powerful compliance automation and risk management. ISO27k, GDPR, SOC2, NIST

Overview of existing mappings from and to cyber security controls

CISO360.AI

A mock security incident report done as part of Cybersecurity documentation portfolio and Google's Coursera Cybersecurity Certificate.

Git Repo for Spring 2017

The NIST Cybersecurity Framework 2.0 outlines steps to be taken by the industry, governement agencies, and small businesses in organization risk management.

Governance, Risk & Compliance documentation aligned to FedRAMP Moderate, NIST SP 800-53 Rev. 5, DoD RMF, and NIST AI RMF. Includes policies, risk register, vendor assessment, continuous monitoring, vulnerability management, and AI governance materials.

This is a visualization that I developed to help when discussing the functions of the NIST CSF

Use the NIST Cybersecurity Framework to respond to a security incident.

Welcome to my cybersecurity practical projects repository! This collection showcases the hands-on exercises and projects I completed as part of my cybersecurity certifications and personal initiatives. These projects demonstrate my understanding of key security concepts and my ability to apply them in practical scenarios.

Vigilante Vixen has learned that there were many security vulnerabilities from their technical, behavioral, law, and human resources aspects. Despite us not being directly involved in offshore financial services or the legal profession, technology roles have a considerable amount of opportunity to review this case and implement security regulations

A multimedia company that offers web design services, graphic design, and social media marketing solutions to small businesses recently experienced a DDoS attack, which compromised the internal network for two hours until it was resolved using NIST-CSF.

A report made for the course of Security and Risk, M.Sc. in Computer Science, UniPD

Comprehensive NIST CSF-aligned security policy templates for SMBs. Ready-to-use policies covering incident response, data protection, infrastructure security, and compliance requirements with practical implementation guidance and deployment timelines.