FedRAMP SSP API in Python

FedRAMP SSP Automation

An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources about PCI DSS Compliance Standard in Cybersecurity.

The POAM Pilot is a application designed to streamline the tracking, management, and reporting of security vulnerabilities and compliance requirements.

Create a CIS workbook from an SSP/Addendum

Focuses on automating the management of Plans of Action and Milestones (POAM) using GitHub Actions and various external integrations.

This repository automates the collection and management of evidence from various tools and sources, committing the data for transparency and traceability. It's designed to gather evidence that tools like Vanta and others aren't built to collect.

RampControl manages and tracks security compliance per FedRAMP requirements. It allows users to add new system security plans, manage POA&M entries, and export data in OSCAL format.

TenableTrawler (Cloud OR FedCloud) is a Python project that pulls scan results via the Tenable API, laying them into organized, POAM-ready outputs. It supports various scans and exports in formats like CSV, JSON, and YAML.

Cloudit automates compliance with evidence collection. Cloudit streamlines vulnerability tracking, audit workflows, and compliance reporting by gathering artifacts, comparing findings, and generating actionable plans—keeping your organization audit-ready at all times.

This is a push mirror ofhttps://gitlab.com/hackIDLE/fedramp/fedramp-testing-public/comms-n-collab/slack-audit

Creates a Inventory Excel Spreadsheet Using FedRAMP Template for AWS, Azure, GCP

Pulls scan results using the AWS Inspector API, combines various AWS Inspector scan results, and formats them scan results into an organized output that is POAM-ready.