Security architecture patterns and NIST 800-53 controls from opensecurityarchitecture.org

Overview of existing mappings from and to cyber security controls

A comprehensive Model Context Protocol (MCP) server providing enterprise-grade Static Application Security Testing (SAST) with advanced compliance verification, multi-tenant management, AI-powered analysis, and automated remediation workflows.

𝟰𝟱 𝗽𝗿𝗼𝗱𝘂𝗰𝘁𝗶𝗼𝗻-𝗴𝗿𝗮𝗱𝗲 𝗚𝗥𝗖 𝗽𝗿𝗼𝗺𝗽𝘁𝘀 𝗮𝗰𝗿𝗼𝘀𝘀 𝟭𝟯 𝗱𝗼𝗺𝗮𝗶𝗻𝘀. ISO 42001, ISO 27001, EU AI Act, NIST AI RMF, GDPR, DORA and more. Career and startup prompts no other GRC library has. Works with Claude, GPT-4o and Gemini. 𝗥𝗮𝘁𝗲𝗱 𝟵.𝟱/𝟭𝟬 𝗢𝗻 𝗨𝘀𝗮𝗯𝗶𝗹𝗶𝘁𝘆 𝗮𝗻𝗱 𝗣𝗿𝗮𝗰𝘁𝗶𝗰𝗮𝗹 𝗔𝗽𝗽𝗹𝗶𝗰𝗮𝘁𝗶𝗼𝗻

Open-source company OS with HR & people, asset management, finance operations, and security compliance engine (ISO 27001, SOC I, SOC II). Risk registers, controls, audits, objectives. API-first.

Build an enterprise-level AI agent operating system enabling cross-departmental and cross-system intelligent collaboration.

Security Roadmap to ISO-27k

Windows Defender contains several functions for tools to secure Windows machine and get compliant with common regulations.

TenableTrawler (Cloud OR FedCloud) is a Python project that pulls scan results via the Tenable API, laying them into organized, POAM-ready outputs. It supports various scans and exports in formats like CSV, JSON, and YAML.

IAM Authentication Audit Tracker is a Terraform-based AWS security lab that detects IAM login anomalies using CloudTrail, CloudWatch, SNS, and Athena. It integrates tfsec scans through GitHub Actions and demonstrates alerting, audit log analysis, and compliance mapping to NIST 800-53 (AU-6, AC-7) and ISO 27001 A.12.4 using secure IaC

Build an enterprise-level AI agent operating system enabling cross-departmental and cross-system intelligent collaboration.

NIST SP 800-171 controls matrix with all 110 requirements mapped to NIST 800-53, CMMC 2.0, CIS Controls, and ISO 27001.

ISO 27001 Security Security Compliance.

Kaled San Martín Lastra | Software Engineer (Data & Privacy) | Python, R, ISO 27001 | KaledSML

A structured ISO 27001-based risk assessment and treatment plan to identify and mitigate critical business continuity and data security threats.

Web-based diagnostic and self-assessment tool for evaluating ISO/IEC 27001 compliance and ISMS readiness.

An ISO 27001 readiness assessment for a financial institution, creating a clear roadmap from gaps to compliance.

FORTRESS is an interactive security control simulation platform designed for security architects, analysts, and students to understand the full spectrum of security controls. Featuring a comprehensive NIST SP 800-53 aligned control matrix, interactive attack simulations, scenario-based training, a 50+ control encyclopedia, defense builder👨🏿‍💻🔒.

A powerful log management and compliance tool designed for IT professionals and enterprises. Centralized log collection, AI-driven analytics, GDPR, ISO 27001, and NIS2 compliance.

MCP server for SCF Controls Platform — security compliance controls, frameworks, evidence, and risk management for AI agents