Open Source AWS Control Tower
Updated Jan 3, 2025 - Go
Minimalist containerized implementation of Prowler from https://github.com/toniblyx/prowler, made to run within ECS Fargate and have Secrets passed via AWS Secrets Manager
Engineering toolkit I built for GRC work. Pulls evidence from AWS, GitHub, GCP, and Okta; maps it via SCF (1,468 controls × 249 frameworks); produces multi-framework gap reports. Claude Code plugins.
Reference architecture & control-model example for secure multi-backend SDS on Kubernetes. Expresses GitOps governance with Argo CD ApplicationSets, strict base/overlay separation, and explicit structure, controls & ownership boundaries. Secure deployment scaffold for FedRAMP / FIPS 140 / HITRUST / SOC 2 regulated environments.
Inject secrets from pass or passage into environment variables at runtime without storing plaintext secrets on disk.
Cloudit automates compliance with evidence collection. Cloudit streamlines vulnerability tracking, audit workflows, and compliance reporting by gathering artifacts, comparing findings, and generating actionable plans—keeping your organization audit-ready at all times.