FedRAMP Automation
Updated Feb 19, 2025 - TypeScript
An API and client for managing STIG assessments
Compliance assessment and POA&M management for CMMC/NIST 800-171A
[Not Production Ready] This repository automates the extraction of vulnerability and flaw data from vulnerability sources and then generates a Plan of Actions and Milestones (POAM), addressing identified security issues effectively.
RampControl manages and tracks security compliance per FedRAMP requirements. It allows users to add new system security plans, manage POA&M entries, and export data in OSCAL format.
This repository automates the collection and management of evidence from various tools and sources, committing the data for transparency and traceability. It's designed to gather evidence that tools like Vanta and others aren't built to collect.
TenableTrawler (Cloud OR FedCloud) is a Python project that pulls scan results via the Tenable API, laying them into organized, POAM-ready outputs. It supports various scans and exports in formats like CSV, JSON, and YAML.