Security Overlays.
Overlay Coverage
50+ overlays that modify, extend, and harden base frameworks. DISA STIGs, SRGs, CIS Benchmarks, DoD Impact Levels, regulatory requirements, privacy baselines, AI governance controls, and sector-specific overlays. Composable layers that stack on any framework.
Overlays
Composable security layers. Stacked on any framework.
Overlays add technology-specific requirements, regulatory obligations, and sector standards on top of base framework baselines. The overlay composition engine applies ADD, MODIFY, REMOVE, and PARAMETER operations with deterministic precedence and conflict resolution.
Automated STIG compliance for RHEL, Ubuntu, Windows, Docker, Kubernetes, PostgreSQL, and 10+ platforms.
Security Requirements Guides for GP OS, Application, Network, Web Server, Database, and Container platforms.
Configuration baselines for OS, Cloud Foundations, Container, Database, and Web Server platforms.
IL2, IL4, IL5, and IL6 cloud requirements from the DoD Cloud SRG. CUI through classified workloads.
Classified, Cross Domain, Intelligence, Space Platform, and ICS overlays for National Security Systems.
PT control family: Notice, Consent, Data Minimization, Use Limitation. Privacy overlay on security baselines.
PII identification methodology, confidentiality impact levels, and de-identification strategies.
EU data protection mapped to NIST 800-53. Lawful basis, data subject rights, DPO, DPIA, and breach notification.
Twelve GenAI risk categories. Content provenance, training data governance, and model security controls.
AI-specific security controls as NIST 800-53 modifications. Model security and AI supply chain hardening.
European AI regulation mapped to security controls. Risk classification and high-risk AI system obligations.
International Traffic in Arms Regulations. USML categories, US Person access, and Technology Control Plans.
CUI protection, 72-hour incident reporting to DC3, and subcontractor flow-down for defense contracts.
Export Administration Regulations for dual-use technology. Commerce Control List and license requirements.
HIPAA technical safeguards as NIST 800-53 modifications. ePHI access controls, audit logging, and encryption.
FFIEC examination standards and GLBA Safeguards Rule as NIST 800-53 control modifications.
FERPA student record protection as NIST 800-53 modifications. Student data access and consent management.
NIST CSF sector profiles for energy, water, transportation, and communications with OT/ICS controls.
Something is being forged.
The full platform is under active development. Reach out to learn more or get early access.