GESF is a Compliance-as-Code framework that is 100% Open Source!

Introducing the GESF Compliance & Security Workflow

Modern software teams move fast, but security, compliance, and governance often get left behind until it's too late.

GESF (Green, Engineering, Security Framework) was built to help developers and organizations integrate security and compliance directly into their development lifecycle.

Best of all: GESF is completely FREE and Open Source.
No licensing costs. No vendor lock-in. Just transparent, community-driven security and compliance tooling for everyone.

With a single workflow, teams can:
✅ Identify security issues early
✅ Assess GDPR compliance readiness
✅ Evaluate OWASP security risks
✅ Measure NIS/NIS2 preparedness
✅ Generate Markdown, HTML, and PDF reports
✅ Create compliance badges and scorecards
✅ Integrate security checks into CI/CD pipelines
✅ Automate compliance-as-code practices

The goal is simple: make security and compliance a natural part of software delivery rather than an afterthought, accessible to every team at zero cost through Open Source.

🔓 100% Free. Fully Open Source. Built for Developers and Organizations.
Security by Design.
Compliance by Default.
Trusted in Production.

https://github.com/greenarmor/gesf

#CyberSecurity #DevSecOps #Compliance #GDPR #OWASP #NIS #SoftwareEngineering #OpenSource #DeveloperTools #SecurityAutomation #Governance #RiskManagement #GESF

u/greenarmor — 2 days ago

A few people asked for the link to the project, so here it is 👇

I built GESF (Green Engineering Standard Framework) - an open-source Compliance-as-Code framework designed to help developers automate security and engineering standards directly in their projects.

The idea came from seeing many fast-moving projects (especially AI-assisted ones) still struggle with basics like:

  • Hardcoded secrets
  • Missing security controls
  • Weak dependency management
  • No GDPR documentation
  • OWASP issues found too late
  • Compliance being handled only at the end

What GESF does:

✅ Security & compliance scanning
✅ OWASP-focused checks
✅ GDPR documentation generation
✅ NIST & CIS alignment
✅ Dependency auditing across ecosystems
✅ CI/CD integration (GitHub Actions)
✅ Multi-language support (Node.js, Python, Rust, Go, Java, PHP, .NET, and more)

GESF has an MCP server for AI coding assistants too.

The goal is simple: help developers catch security and compliance issues earlier instead of after deployment.

GitHub:
https://github.com/greenarmor/gesf

Documentation:

https://greenarmor.github.io/gesf/

Would genuinely love feedback, ideas, or criticism from devs, DevOps, and security folks.

Below is a simple-to-follow infographic: the GESF Audit workflow.

https://preview.redd.it/i9t0gsg7kt5h1.png?width=2000&format=png&auto=webp&s=0205a336f10d1ac63db24ba44f24946601e65af5

u/greenarmor — 3 days ago

▲ 21 r/NISTControls+2 crossposts

Compliance-as-Code framework

I have an open-source compliance tool that helps developers throughout the software development lifecycle. It was recently classified as a Popular Project by Socket.dev.

It's a Compliance-as-Code framework that automatically enforces GDPR, OWASP, NIST, and CIS engineering standards in any software project, regardless of programming language.

Would it be okay if I shared it here?

Repo here: https://github.com/greenarmor/gesf

Docs: https://greenarmor.github.io/gesf/getting-started/installation/

Anyone who wants to contribute to the code development can fork and submit a PR to the origin repo: https://github.com/greenarmor/gesf

Thank you to all who DM'd for the link to this project!

u/greenarmor — 1 day ago
▲ 0 r/gdpr

Compliance-as-Code framework

I have an open-source compliance tool that helps developers throughout the software development lifecycle. It was recently classified as a Popular Project by Socket.dev.

It's a Compliance-as-Code framework that automatically enforces GDPR, OWASP, NIST, and CIS engineering standards in any software project, regardless of programming language.

Would it be okay if I shared it here?

u/greenarmor — 6 days ago