All
projects

From foundational OSCAL tooling to AI-powered remediation. Enterprise-grade systems across the full complexity spectrum.

01 BEGINNER
OSCAL profile validator
CLI tool validating NIST OSCAL profiles with real-time error detection and multi-format conversion.
OSCALPythonJSON SchemaClick
02 BEGINNER
Compliance evidence crawler
AWS Lambda collecting compliance evidence from CloudTrail, Config, and Security Hub on a schedule.
AWS LambdaPythonCloudWatch EventsS3
03 BEGINNER
Risk register automation
Terraform + Lambda auto-generating risk registers from IaC with NIST 800-53 control mapping.
TerraformPythonDynamoDBNIST 800-53
04 INTERMEDIATE
Policy-as-Code engine (OPA)
Open Policy Agent ruleset enforcing AWS security compliance via custom Rego policies mapped to NIST controls.
OPA/RegoAWS APINIST 800-53Python
05 INTERMEDIATE
Control assessment dashboard
React dashboard with real-time control status, evidence tracking, and audit readiness scoring.
ReactAWS API GatewayDynamoDBLambda
06 INTERMEDIATE
Compliance-to-policy pipeline
CI/CD pipeline converting OSCAL profiles into executable OPA/Rego policies via GitHub Actions.
GitHub ActionsOSCALOPA/RegoPython
07 ADVANCED
AWS Config + AI remediator
Config detects violations, Claude API generates intelligent fixes, Lambda executes them autonomously.
AWS ConfigClaude APILambdaPythonSNS
08 ADVANCED
Continuous controls monitoring
Production system polling 52 controls hourly, scoring health, tracking drift, auto-generating evidence.
PythonEC2DynamoDBSNSCloudWatch
09 ADVANCED
FedRAMP automation (OSCAL)
End-to-end FedRAMP pipeline: SSP generation, automated assessment, POA&M tracking — all OSCAL.
OSCALPythonTerraformGitHub Actions
10 ADVANCED
AI-powered control gap analyzer
Claude API analyzes live AWS infrastructure, identifies NIST gaps, and generates Terraform remediation.
Claude APIPythonAWS SDKTerraformNIST 800-53