
OSCAL Compass

The OSCAL Compass project is a set of tools that enable the creation, validation, and governance of documentation artifacts for cybersecurity compliance needs. Here, OSCAL refers to NIST's Open Security Controls Assessment Language, a standard data format for interchange between tools and people.

Features

  • Supporting Policy- and Compliance-as-Code: Provides a new framework for declaring cybersecurity controls as code, enabling easy documentation and automated cybersecurity assessments in CI/CD pipelines.
  • Plugins: Ensures that critical security components are already implemented, increasing ease of use and reducing security risks that may arise from poorly implemented code.