A modern, extensible framework for defining and enforcing security policies across your digital infrastructure.

A platform to automate and orchestrate security rules for governance, risk and compliance, and continuous assurance.

MCP Documentation Server Using the Official FedRAMP/docs Repo

A Rust-based diagramming-as-code API that allows you to turn your .tfstate file into details architecture boundary diagrams.

Simple CLI script to assist GRC analysts with risk ranking vendors.

Create a domain specific (GRC) agent with the Claude Agent SDK

Compliance-as-Code lab using AWS Config, EventBridge, and Lambda auto-remediation with CloudFormation.

GovSCH is an Open-Source Schema for Authoring Cybersecurity & AI Governance Documents

An end-to-end Compliance-as-Code pipeline built with Terraform, AWS Config, and Python. Automates compliance checks, Slack reporting, and audit evidence collection.

Simulated multi-region AWS lab for RPO/RTO validation and disaster recovery control mapping.

Cloud security policy-as-code with AWS Config, Lambda remediation, and Terraform.

Automated AWS compliance guardrails using Service Control Policies and CloudFormation. Controls enforce audit log protection, encryption at rest, boundary protection, and least functionality, mapped to CJIS Security Policy v6.0, FedRAMP High baseline, and NIST 800-53 Rev. 5.

Event-driven compliance monitoring and auto-remediation using AWS Config, EventBridge, Lambda, and SSM. Maps to NIST 800-53, FedRAMP High, and CJIS v6.0 controls.

Declarative Infrastructure-as-Code (IaC) managing hardened systems. Features atomic rollbacks, SBOM generation for supply chain security, and reproducible development environments.

simple go tool for exporting evidence from Vanta

🌐 Streamline governance and context engineering for coding agents to ensure repeatable, auditable execution and traceable decisions.

The code, documentation, and build assets for ORION V2 for the Ghana Robotics Competition (Engineers League, Smart City Builders Challenge).

SecAI-Nexus GRC is a sleek, cyberpunk-style real-time threat intelligence dashboard built with Streamlit. It features live global attack maps, real CVE feeds with smart simulation fallback, and dynamic GRC risk panels for ransomware, malware, and APTs — demonstrating skills in API integration, data visualization, and modern cybersecurity tooling.