01 BEGINNER

OSCAL profile validator

CLI tool validating NIST OSCAL profiles with real-time error detection and multi-format conversion.

OSCALPythonJSON SchemaClick

→

02 BEGINNER

Compliance evidence crawler

AWS Lambda collecting compliance evidence from CloudTrail, Config, and Security Hub on a schedule.

AWS LambdaPythonCloudWatch EventsS3

→

03 BEGINNER

Risk register automation

Terraform + Lambda auto-generating risk registers from IaC with NIST 800-53 control mapping.

TerraformPythonDynamoDBNIST 800-53

→

04 INTERMEDIATE

Policy-as-Code engine (OPA)

Open Policy Agent ruleset enforcing AWS security compliance via custom Rego policies mapped to NIST controls.

OPA/RegoAWS APINIST 800-53Python

→

05 INTERMEDIATE

Control assessment dashboard

React dashboard with real-time control status, evidence tracking, and audit readiness scoring.

ReactAWS API GatewayDynamoDBLambda

→

06 INTERMEDIATE

Compliance-to-policy pipeline

CI/CD pipeline converting OSCAL profiles into executable OPA/Rego policies via GitHub Actions.

GitHub ActionsOSCALOPA/RegoPython

→

07 ADVANCED

AWS Config + AI remediator

Config detects violations, Claude API generates intelligent fixes, Lambda executes them autonomously.

AWS ConfigClaude APILambdaPythonSNS

→

08 ADVANCED

Continuous controls monitoring

Production system polling 52 controls hourly, scoring health, tracking drift, auto-generating evidence.

PythonEC2DynamoDBSNSCloudWatch

→

09 ADVANCED

FedRAMP automation (OSCAL)

End-to-end FedRAMP pipeline: SSP generation, automated assessment, POA&M tracking — all OSCAL.

OSCALPythonTerraformGitHub Actions

→

10 ADVANCED

AI-powered control gap analyzer

Claude API analyzes live AWS infrastructure, identifies NIST gaps, and generates Terraform remediation.

Claude APIPythonAWS SDKTerraformNIST 800-53

→