Skip to content
View pethers's full-sized avatar
191 followers · 1.2k following

Achievements

Achievement: Pair Extraordinairex3Achievement: YOLOAchievement: Starstruckx2Achievement: Pull Sharkx3Achievement: QuickdrawAchievement: Arctic Code Vault Contributor

Achievements

Achievement: Pair Extraordinairex3Achievement: YOLOAchievement: Starstruckx2Achievement: Pull Sharkx3Achievement: QuickdrawAchievement: Arctic Code Vault Contributor

Organizations

@Hack23

Block or report pethers

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please donโ€™t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this userโ€™s behavior. Learn more about reporting abuse.

Report abuse
pethers/README.md

Hack23 Logo

๐Ÿ‘จโ€๐Ÿ’ผ James Pether Sรถrling โ€” CEO & Founder, Hack23 AB

Cybersecurity consulting ยท Security architecture ยท Cloud security ยท DevSecOps ยท Public ISMS ยท Open Source Transparency
๐Ÿ“ Gothenburg, Sweden ๐Ÿ‡ธ๐Ÿ‡ช โ€” 30+ years in IT ยท CISSP ยท CISM ยท AWS Security & Solutions Architect (Professional)

Builder of ISMS-PUBLIC ยท Riksdagsmonitor ยท EU Parliament Monitor ยท European Parliament MCP Server ยท Citizen Intelligence Agency ยท CIA Compliance Manager ยท Black Trigram

Sponsor Hack23 on GitHub Sponsors Hack23 Website LinkedIn โ€” James Pether Sรถrling GitHub Organization โ€” Hack23 GitHub User โ€” pethers OpenHub โ€” pether

Hack23 Public ISMS ISO 27001:2022 aligned NIST CSF 2.0 aligned CIS Controls v8.1 aligned SLSA Level 3 supply-chain NIS2 / GDPR / EU CRA aligned

Top Swedish committers โ€” pethers

๐Ÿ“‘ Table of Contents

๐Ÿ’– Sponsor Hack23 โ€” Support Open Source Security

Sponsor Hack23

Help keep enterprise-grade security transparent, free, and independent.

Hack23 AB is bootstrapped, vendor-independent, and gives away what most consultancies sell behind a paywall โ€” a complete public ISMS aligned with ISO 27001:2022 / NIS2 / GDPR / EU CRA / NIST CSF 2.0 / CIS Controls v8.1, production-grade open-source platforms for parliamentary transparency, and a deep Discordian Cybersecurity blog demystifying real-world security practice.

Your sponsorship directly funds:

Why sponsor? Most security knowledge sits behind NDAs and audit-firm paywalls. Hack23 publishes the actual policies, threat models, architectures, and source code we run โ€” so anyone, anywhere, can learn from them, copy them, and improve them. Sponsorship is how the lights stay on without compromising independence or accepting hidden agendas.

๐ŸŒŸ Become a Hack23 sponsor โ†’ github.com/sponsors/Hack23

๐ŸŽฏ About Me

committers.top โ€” Sweden โ€” pethers

Strong advocate for transparency in organizations, secure software development practices, and innovative open-source solutions. Experienced security professional with over 30 years in information technology, specializing in security architecture, cloud security, DevSecOps, and compliance (ISO 27001, NIS2, GDPR, EU CRA, NIST CSF 2.0, CIS Controls v8.1).

Prior roles include:

  • ๐Ÿ›ก๏ธ Application Security Officer โ€” Stena
  • ๐Ÿ›ก๏ธ Information Security Officer โ€” Polestar
  • ๐Ÿ—๏ธ Senior Security Architect โ€” WirelessCar

Currently CEO/Founder of Hack23 AB โ€” a Swedish (Gothenburg-based) cybersecurity consultancy delivering practical security architecture, AWS cloud security, secure-SDLC enablement, and ISO 27001 / NIS2 / GDPR / EU CRA compliance through a 100 %-public ISMS and live open-source reference implementations.

๐Ÿ† Professional Certifications

CISSP โ€” (ISC)ยฒ Certified Information Systems Security Professional CISM โ€” ISACA Certified Information Security Manager AWS Certified Security โ€“ Specialty AWS Certified Solutions Architect โ€“ Professional

๐Ÿ” Commitment to Transparency and Security

At Hack23 AB, we believe that true security comes through transparency and demonstrable practices. Our Information Security Management System (ISMS) is publicly available, showcasing our commitment to open security practices and serving as a live reference for any organization building its own.

๐Ÿ“‹ Public ISMS Repository

Complete Information Security Management System โ€” 40+ policies aligned with ISO 27001:2022, NIS2, GDPR, EU CRA, NIST CSF 2.0, and CIS Controls v8.1.

ISMS Public Repository

๐Ÿ”’ Information Security Policy

Enterprise-grade security framework and governance โ€” the canonical, machine-verifiable policy set.

Information Security Policy

๐Ÿ† Security Through Transparency

Our approach to cybersecurity consulting is built on a foundation of transparent practices:

  • ๐Ÿ” Open Documentation โ€” Complete ISMS framework available for review
  • ๐Ÿ“‹ Policy Transparency โ€” Detailed security policies and procedures publicly accessible
  • ๐ŸŽฏ Demonstrable Expertise โ€” Our own security implementation serves as a live demonstration
  • ๐Ÿ”„ Continuous Improvement โ€” Public documentation enables community feedback and enhancement

"Our commitment to transparency extends to our security practices โ€” demonstrating that true security comes from robust processes, continuous improvement, and a culture where security considerations are integrated from the start."

โ€” James Pether Sรถrling, CEO/Founder, Hack23 AB

๐Ÿข Hack23 AB

Swedish innovation hub specializing in cybersecurity consulting & solutions alongside immersive, security-aware game experiences.

๐ŸŒ https://hack23.com ยท ๐Ÿข Org.nr 559534-7807 ยท ๐Ÿ“ Gothenburg, Sweden ๐Ÿ‡ธ๐Ÿ‡ช

Hack23 Website Hack23 Services Why Hack23 CIA Triad FAQ Discordian Cybersecurity Blog Hack23 Sitemap

---

๐ŸŽ Discordian Cybersecurity Insights

Explore information security, ISMS policies, and cybersecurity best practices through the unique Discordian lens inspired by the Illuminatus! trilogy. "Think for yourself, question authority."

๐Ÿ“– Security Blog: 30+ Posts

Everything You Know About Security Is a Lie โ€” Nation-state capabilities, approved crypto paradox, and Chapel Perilous initiation. Complete ISMS coverage with radical transparency.

Discordian Security Blog

Featured Content:

  • ๐ŸŽญ Discordian Manifesto - Everything You Know About Security Is a Lie
  • ๐Ÿ“š Complete ISMS Coverage - All 30 posts link directly to ISMS-PUBLIC repository
  • ๐ŸŽ Illuminatus! Style - FNORD detection, Chapel Perilous references, 23 FNORD 5 signatures

All hail Eris! All hail Discordia! ๐ŸŽ

๐Ÿš€ Open Source Projects

A curated portfolio of Hack23 AB open-source projects โ€” every one operated under the public ISMS, with OpenSSF Scorecard, SLSA Level 3 attestations, DeepWiki docs, and reproducible builds.

๐ŸŒ The Hack23 Ecosystem

%%{init: {"theme":"base","themeVariables":{"primaryColor":"#0066CC","primaryTextColor":"#fff","primaryBorderColor":"#003366","lineColor":"#94A3B8","secondaryColor":"#003399","tertiaryColor":"#7B1FA2","background":"#0F172A"}}}%%
graph TB
    subgraph CONSULT["๐Ÿ’ผ Hack23 AB โ€” Cybersecurity Consulting"]
        SVC["๐Ÿ”‘ Services<br/>hack23.com/services.html<br/>Architecture ยท Cloud ยท DevSecOps ยท Compliance"]
        ISMS["๐Ÿ”“ Public ISMS<br/>github.com/Hack23/ISMS-PUBLIC<br/>38 policies ยท ISO 27001:2022 ยท NIST CSF 2.0"]
        BLOG["๐ŸŽ Discordian Blog<br/>hack23.com/blog.html<br/>30+ posts ยท 8 languages"]
    end

    subgraph SOURCES["๐Ÿ“ก Primary Open Data"]
        EP["๐Ÿ‡ช๐Ÿ‡บ European Parliament<br/>data.europarl.europa.eu"]
        RD["๐Ÿ‡ธ๐Ÿ‡ช Riksdagen<br/>data.riksdagen.se"]
        REG["๐Ÿ‡ธ๐Ÿ‡ช Regeringskansliet<br/>regeringen.se"]
    end

    subgraph MCP["๐Ÿ”Œ MCP Servers (AI Bridges)"]
        EPMCP["๐Ÿ‡ช๐Ÿ‡บ European-Parliament-MCP-Server<br/>npm: european-parliament-mcp-server<br/>62 tools ยท 9 resources ยท 7 prompts"]
    end

    subgraph CIVIC["๐Ÿ›๏ธ Civic-Tech Platforms (Apache 2.0)"]
        CIA["๐Ÿ•ต๏ธ Citizen Intelligence Agency<br/>github.com/Hack23/cia<br/>Java 26 ยท Spring ยท 110 DB views ยท 1971โ€“2024"]
        RM["๐Ÿ—ณ๏ธ Riksdagsmonitor<br/>riksdagsmonitor.com<br/>11 agentic workflows ยท 14 languages"]
        EUM["๐Ÿ‡ช๐Ÿ‡บ EU Parliament Monitor<br/>euparliamentmonitor.com<br/>9 agentic workflows ยท 14 languages"]
    end

    subgraph PRODUCT["๐Ÿ“‹ Products & Platforms"]
        CCM["๐Ÿ“‹ CIA Compliance Manager<br/>ciacompliancemanager.com<br/>npm: cia-compliance-manager<br/>React 19 ยท TypeScript 6"]
        BT["๐Ÿฅ‹ Black Trigram<br/>blacktrigram.com<br/>npm: blacktrigram<br/>Three.js ยท React 19 ยท 70 vital points"]
        GAME["๐ŸŽฎ Game Template<br/>github.com/Hack23/game<br/>SLSA 3 secure-by-default starter"]
    end

    subgraph AUDIENCE["๐Ÿ‘ฅ Audience"]
        USERS["Citizens ยท Journalists ยท Researchers ยท NGOs ยท Security teams ยท AI assistants (Claude ยท Cursor ยท Copilot ยท VS Code)"]
    end

    EP --> EPMCP
    EPMCP --> EUM
    RD --> CIA
    REG --> CIA
    CIA -->|"15 subsystems ยท nightly sync"| RM
    EUM --> USERS
    RM --> USERS
    CIA --> USERS
    CCM --> USERS
    BT --> USERS
    EPMCP -.->|"AI assistants"| USERS
    SVC --> USERS
    ISMS --> CIVIC
    ISMS --> PRODUCT
    BLOG --> USERS

    style CONSULT fill:#003366,stroke:#0066CC,color:#fff
    style ISMS fill:#0066CC,stroke:#003366,color:#fff
    style EPMCP fill:#6366F1,stroke:#4F46E5,color:#fff
    style CIA fill:#006B3F,stroke:#003F25,color:#fff
    style RM fill:#00338D,stroke:#FECC00,color:#fff
    style EUM fill:#003399,stroke:#FFCC00,color:#fff
    style CCM fill:#0066CC,stroke:#003366,color:#fff
    style BT fill:#000000,stroke:#FFD700,color:#FFD700
Loading

Single mission, one ISMS, one license (Apache-2.0), one set of compliance frameworks โ€” applied identically across consulting, civic-tech and commercial products.

๐Ÿš€ Flagship Open-Source Projects

Each project has its own ISMS-aligned SECURITY_ARCHITECTURE.md, THREAT_MODEL.md, OpenSSF Scorecard, OpenSSF Best Practices badge, SLSA 3 attestation and SonarCloud quality gate.

๐Ÿ—ณ๏ธ Riksdagsmonitor โ€” Swedish Political Intelligence

AI-driven monitoring of Sweden's Riksdag, Government and public agencies โ€” 349 current MPs, 2,494 historical politicians (1971โ€“2024), 3.5M+ votes, 109,000+ documents, 14 languages, every day.

Riksdagsmonitor live platform Riksdagsmonitor source on GitHub riksdagsmonitor npm package OpenSSF Scorecard for Riksdagsmonitor OpenSSF Best Practices badge for Riksdagsmonitor Ask DeepWiki about Riksdagsmonitor Riksdagsmonitor license

๐Ÿ”— Surfaces: Live ยท Political Intelligence Hub ยท AI Newsroom ยท Dashboard ยท Sitemap ยท Features ยท Docs

๐Ÿ‡ช๐Ÿ‡บ EU Parliament Monitor โ€” European Political Intelligence

Brussels and Strasbourg made readable. AI-newsroom over the European Parliament's open data โ€” 8 unified gh-aw workflows, 51 analytical artifacts per run, 14 languages, 1,700+ daily artifacts, full Admiralty / WEP / SAT / ACH tradecraft.

EU Parliament Monitor live platform EU Parliament Monitor source on GitHub OpenSSF Scorecard for EU Parliament Monitor OpenSSF Best Practices badge for EU Parliament Monitor SLSA Level 3 attestations for EU Parliament Monitor Ask DeepWiki about EU Parliament Monitor EU Parliament Monitor license

๐Ÿ”— Surfaces: Live ยท Political Intelligence Hub ยท Sitemap ยท API Docs ยท Features ยท Docs

๐Ÿ”Œ European Parliament MCP Server โ€” AI Data Backbone

Canonical TypeScript Model Context Protocol server bridging the European Parliament Open Data Portal v2 to any MCP-aware AI client (Claude Desktop, VS Code, Cursor, GitHub Copilot). 62 tools, 9 resources, 7 prompts, full GDPR-by-design.

European Parliament MCP Server source on GitHub european-parliament-mcp-server npm package european-parliament-mcp-server npm monthly downloads OpenSSF Best Practices badge for European Parliament MCP Server Ask DeepWiki about European Parliament MCP Server European Parliament MCP Server documentation portal

๐Ÿ”— Surfaces: Repository ยท npm ยท API Docs ยท Features ยท Docs

๐Ÿ•ต๏ธ Citizen Intelligence Agency (CIA) โ€” Sweden's Data Backbone

Java/Spring/Vaadin OSINT platform monitoring Sweden's Riksdag, Government and Myndigheter since 2008. 110 database views, 50 risk-detection rules, 1971โ€“2024 longitudinal coverage, 3.5M+ votes, 109K+ documents. The data backbone behind Riksdagsmonitor.

Citizen Intelligence Agency source on GitHub Citizen Intelligence Agency Maven site OpenSSF Scorecard for Citizen Intelligence Agency CII Best Practices badge for Citizen Intelligence Agency SLSA Level 3 attestations for Citizen Intelligence Agency SonarCloud quality gate for Citizen Intelligence Agency Ask DeepWiki about Citizen Intelligence Agency Citizen Intelligence Agency license

๐Ÿ”— Surfaces: Repository ยท Architecture ยท Security Architecture ยท Threat Model ยท Features ยท Docs

๐Ÿ“‹ CIA Compliance Manager โ€” Browser-Based GRC

React 19 / TypeScript 6 platform for CIA-triad assessment, multi-framework compliance, threat modeling and business-impact quantification. Available as a live web app and a tree-shakeable npm library with 10 subpath exports.

CIA Compliance Manager live application CIA Compliance Manager source on GitHub cia-compliance-manager npm package OpenSSF Scorecard for CIA Compliance Manager OpenSSF Best Practices badge for CIA Compliance Manager SLSA Level 3 attestations for CIA Compliance Manager Ask DeepWiki about CIA Compliance Manager

๐Ÿ”— Surfaces: Live App ยท npm ยท API Docs ยท Features ยท Docs

๐Ÿฅ‹ Black Trigram (ํ‘๊ด˜) โ€” Korean Martial-Arts Combat Simulator

Production-ready 3D precision combat simulator. Eight I Ching trigram stances ยท 70 vital points ยท 51 authentic Korean martial-arts techniques ยท 5 fighter archetypes ยท 60fps desktop / 55fps+ mobile. React 19 ยท Three.js ยท TypeScript 6 ยท Vite 8.

Play Black Trigram live Black Trigram source on GitHub blacktrigram npm package OpenSSF Scorecard for Black Trigram OpenSSF Best Practices badge for Black Trigram SLSA Level 3 attestations for Black Trigram Ask DeepWiki about Black Trigram

๐Ÿ”— Surfaces: Play ยท API Docs ยท Security Architecture ยท Threat Model ยท Features ยท Docs

๐ŸŽฎ Game Template โ€” Secure-by-Default Game Starter

Reference implementation of a secure web-game project: React + TypeScript + Three.js + Vite, SLSA 3, full SBOM, automated security testing, ISMS-policy mapping ready to fork.

Hack23 secure game template Game template ISMS policy mapping

โ˜๏ธ Lambda in Private VPC โ€” AWS Reference Architecture

Battle-tested reference implementation: AWS Lambda in a private VPC with VPC endpoints, CloudFront, WAF, KMS encryption, CloudTrail and Security Hub integration.

AWS Lambda in private VPC reference architecture Tutorial on hack23.com blog

๐Ÿงช Sonar-CloudFormation-Plugin โ€” Infrastructure-as-Code Static Analysis

Open-source SonarQube plugin that brings CloudFormation IaC scanning into existing SonarQube/SonarCloud quality gates.

Sonar CloudFormation plugin source on GitHub Hack23 SonarCloud organisation

๐Ÿ›ก๏ธ Public ISMS โ€” Hack23/ISMS-PUBLIC

A fully public, version-controlled, machine-verifiable Information Security Management System. 38 policies covering access control, cryptography, secure development, threat modeling, vulnerability management, AI governance, GDPR privacy, EU CRA, ISO 27001:2022, NIST CSF 2.0, CIS Controls v8.1.

Hack23 public ISMS repository Information Security Policy ISMS compliance checklist

Domain Key Policies
๐Ÿ› ๏ธ Secure Development Secure Development Policy ยท Threat Modeling ยท Vulnerability Management ยท Change Management
๐Ÿ”‘ Access & Identity Access Control Policy ยท Segregation of Duties ยท Mobile Device Management
๐ŸŒ Network & Crypto Network Security Policy ยท Cryptography Policy
๐Ÿ’พ Continuity Backup & Recovery ยท Business Continuity Plan ยท Disaster Recovery Plan
๐Ÿšจ Incident Incident Response Plan
๐Ÿค– AI & LLM AI Policy ยท OWASP LLM Security Policy
๐Ÿ“Š Risk & Compliance Risk Register ยท Risk Assessment Methodology ยท Compliance Checklist ยท Security Metrics ยท ISMS Metrics Dashboard
๐Ÿ‡ช๐Ÿ‡บ Regulatory Privacy Policy (GDPR) ยท CRA Conformity Assessment Process (EU CRA) ยท ISO 5230 Self-Certification
๐ŸŒŸ Transparency ISMS Transparency Plan ยท Open Source Policy ยท STYLE_GUIDE

๐ŸŒŸ Why public? Because security claims must be auditable. Every customer, regulator, journalist or curious citizen can read, fork, critique or reuse our ISMS โ€” and can independently verify that what we ship matches what we say.

๐Ÿ”‘ Security Services

Professional cybersecurity consulting services delivered remotely or in-person in Gothenburg. Drawing from over three decades of experience in software development and security architecture, we deliver practical security solutions that integrate seamlessly into your development processes without hindering innovation.

๐Ÿ“‹ Service Overview

๐ŸŒ Availability Remote or in-person (Gothenburg)
๐Ÿ’ฐ Pricing Contact for pricing
๐Ÿข Company Hack23 AB (Org.nr 5595347807)
๐Ÿ“ง Contact LinkedIn

๐ŸŽฏ Core Service Areas

Area Services Ideal for
๐Ÿ—๏ธ Security Architecture & Strategy Enterprise Security Architecture: Design and implementation of comprehensive security frameworks
Risk Assessment & Management: Systematic identification and mitigation of security risks
Security Strategy Development: Alignment of security initiatives with business objectives
Governance Framework Design: Policy development and security awareness programs 		Organizations needing strategic security leadership and architectural guidance
โ˜๏ธ Cloud Security & DevSecOps Secure Cloud Solutions: AWS security assessment and architecture (Advanced level)
DevSecOps Integration: Security seamlessly integrated into agile development processes
Infrastructure as Code Security: Secure CloudFormation, Terraform implementations
Container & Serverless Security: Modern application security best practices 		Development teams transitioning to cloud-native architectures with security focus
๐Ÿ”ง Secure Development & Code Quality Secure SDLC Implementation: Building security into development lifecycles
CI/CD Security Integration: Automated security testing and validation
Code Quality & Security Analysis: Static analysis, vulnerability scanning
Supply Chain Security: SLSA Level 3 compliance, SBOM implementation 		Development teams seeking to embed security without slowing innovation

๐Ÿ† Specialized Expertise

Category Services Value
๐Ÿ“‹ Compliance & Regulatory Regulatory Compliance: GDPR, NIS2, ISO 27001 implementation
ISMS Design & Implementation: Information Security Management Systems
AI Governance: Emerging AI risk management frameworks
Audit Preparation: Documentation and evidence preparation 		Navigate complex regulatory landscapes with confidence
๐ŸŒ Open Source Security Open Source Program Office: OSPO establishment and management
Vulnerability Management: Open source risk assessment and remediation
Security Tool Development: Custom security solutions and automation
Community Engagement: Open source security best practices 		Leverage open source securely while contributing to security transparency
๐ŸŽ“ Security Culture & Training Security Awareness Programs: Building organization-wide security culture
Developer Security Training: Secure coding practices and methodologies
Leadership Security Briefings: Executive-level security understanding
Incident Response Training: Preparedness and response capability building 		Transform security from barrier to enabler through education and culture

๐Ÿ’ก Why Choose Hack23 Security Services?

Three decades of hands-on experience in software development and security architecture means we understand the real challenges development teams face. We don't just point out problemsโ€”we provide practical, implementable solutions that enhance security without slowing down innovation.

Our approach: Security should be seamlessly integrated into your existing processes, not bolted on afterward. We help organizations build a culture of security awareness where protection becomes a natural part of how teams work, not an obstacle to overcome.

Passionate about transparency: As advocates for open source security, we believe in sharing knowledge and building community. Our solutions are designed to be understandable, maintainable, and aligned with industry best practices.

๐Ÿ›๏ธ CIA Compliance Manager Documentation

Current Architecture

Future Vision

๐Ÿ›๏ธ Citizen Intelligence Agency Documentation

Current Architecture

Future Vision & Operations

๐Ÿ‡ช๐Ÿ‡บ EU Parliament Monitor Documentation

Current Architecture

Future Vision

๐Ÿ”Œ European Parliament MCP Server Documentation

Current Architecture

Developer Resources

๐Ÿ”‘ Security Focus Areas

mindmap
  root((๐Ÿ” CIA Triad<br>Security Focus))
    ๐Ÿ”’ Confidentiality
      ๐Ÿท๏ธ Data Classification
        ๐ŸŒ Public
        ๐Ÿ›ก๏ธ Restricted
        ๐Ÿ—๏ธ Confidential
        ๐Ÿ”’ Secret
      ๐Ÿšช Access Control
        ๐Ÿ‘ฅ RBAC Implementation
        ๐Ÿ”‘ MFA Integration
        ๐Ÿ“‰ Least Privilege
      ๐Ÿ”‘ Encryption
        ๐Ÿงฌ AES-256
        ๐Ÿงฟ Quantum-Safe Encryption
        ๐Ÿ—๏ธ KMS Integration
    โœ”๏ธ Integrity
      ๐Ÿงช Data Validation
        ๐Ÿ‘๏ธ Manual Checks
        ๐Ÿค– Automated Validation
        ๐Ÿ”— Blockchain Records
      ๐Ÿ”„ Change Control
        ๐Ÿ“ Audit Trails
        โ™ป๏ธ Versioning
        ๐Ÿ›ก๏ธ Non-Repudiation
      ๐Ÿ† Quality Assurance
        ๐Ÿง‘โ€๐Ÿ’ป Code Analysis
        ๐Ÿงฉ Test Coverage
        ๐Ÿ… SLSA Level 3
    โฐ Availability
      ๐Ÿ›ก๏ธ Resilience Levels
        ๐Ÿ’พ Backup/Restore
        ๐Ÿ”ฅ Pilot Light
        โ™จ๏ธ Warm Standby
        ๐ŸŒ Multi-Site Active/Active
      ๐Ÿ“Š Recovery Metrics
        ๐Ÿ•‘ RTO Targets
        โณ RPO Objectives
        ๐Ÿ“ˆ Uptime SLAs
      ๐Ÿ‘€ Monitoring
        โค๏ธ Health Checks
        ๐Ÿšจ Alerting
        ๐Ÿ’ฅ Chaos Testing
Loading

๐ŸŒŸ Featured in Press & Media

๐Ÿ—ž๏ธ Computer Sweden

Featured article on innovative use of technology for political transparency

Read Article

๐Ÿ“ฐ Riksdag och Departement

Coverage on Citizen Intelligence Agency's monitoring capabilities

Read Article

๐Ÿ“Š National Democratic Institute

Recognized in survey of parliamentary monitoring organizations

View Report

๐Ÿ“ฐ Expressen

Eric Erfors credits Citizen Intelligence Agency for exposing politician voting attendance records

Read Article

๐ŸŽค Technical Talks & Presentations

๐ŸŽ™๏ธ Javaforum Gรถteborg

Presentation on secure architecture patterns

Watch Presentation

๐ŸŽ™๏ธ Shift Left Like A Boss

Security podcast guest appearance discussing DevSecOps

Listen to Podcast

๐Ÿ’ผ About James Pether Sรถrling

mindmap
  root((๐Ÿ‘จโ€๐Ÿ’ผ James Pether Sรถrling))
    ๐Ÿ” Information & Security Leadership
      ๐Ÿ‘จโ€๐Ÿ’ผ CISO / ISO Roles
      ๐Ÿ›ก๏ธ Security Architecture
      ๐Ÿงฉ CIA Triad Implementation
      ๐Ÿ› ๏ธ Policy Development & Governance
      ๐Ÿ“Š Risk Management
      ๐Ÿ” Audit & Compliance Oversight
      ๐Ÿค– AI Governance
      ๐ŸŒ Open Source Program Office
    ๐Ÿ›๏ธ Frameworks & Compliance
      ๐Ÿ“„ ISO 27001
      ๐Ÿ“„ NIST 800-53
      ๐Ÿ“„ VDA-ISA
      ๐Ÿ“„ CIS Controls
      ๐Ÿท๏ธ Data Protection / GDPR
      ๐Ÿ“‹ ISMS Implementation
      ๐Ÿงช Continuous Improvement
    โ˜๏ธ Cloud & Platform Security
      ๐ŸŒ Multi-Cloud (AWS / Azure)
      ๐Ÿ—๏ธ Enterprise & Reference Architectures
        ๐ŸŒ Multi-Region Design
        ๐Ÿ” Resilience & Failover
        โ™ป๏ธ High Availability Patterns
      ๐Ÿ”’ Secure Cloud Services
        Security Hub
        GuardDuty
        KMS
        WAF
      ๐Ÿงฑ Network & VPC Security
      ๐Ÿ”‘ IAM / Least Privilege
    ๐Ÿ› ๏ธ Infrastructure as Code
      ๐Ÿงพ CloudFormation
      ๐Ÿ› ๏ธ Terraform
      ๐Ÿ”„ GitOps / Pipelines
      ๐Ÿ” Template Scanning
      ๐Ÿ“ฆ Supply Chain (SLSA Level 3)
    ๐Ÿ’ป Software Engineering
      โ˜• Java / Spring
      โš›๏ธ React / TypeScript
      ๐Ÿ˜ PostgreSQL
      ๐Ÿ”„ CI/CD Automation
      ๐Ÿงช Automated Testing
      ๐Ÿงต Secure SDLC (SSDLC)
      ๐Ÿ“ˆ Code Quality (SonarQube)
    ๐Ÿ”ฌ Security Operations & Assurance
      ๐Ÿšจ Incident Response
      ๐Ÿ•ต๏ธ Vulnerability Management
      ๐Ÿ“ˆ Security Monitoring
      ๐Ÿงช Threat Modeling
      ๐Ÿ“œ Logging & SIEM Use
    ๐ŸŒ Open Source Leadership
      ๐Ÿ“‹ CIA Compliance Manager
      ๐Ÿ›๏ธ Citizen Intelligence Agency
      ๐Ÿ‡ช๐Ÿ‡บ EU Parliament Monitor
      ๐Ÿ”Œ European Parliament MCP Server
      ๐Ÿงฉ Sonar-CloudFormation-Plugin
      ๐Ÿ”ง cfn-nag Contributions
      ๐Ÿค Community Engagement
      ๐Ÿ‘€ Code Review / Security Tooling
    ๐Ÿ† Certifications & Recognition
      ๐ŸŽ“ CISSP
      ๐ŸŽ“ CISM
      ๐Ÿฅ‡ AWS Security Specialty
      ๐Ÿฅ‡ AWS Solutions Architect Professional
      ๐Ÿ›ก๏ธ SLSA Level 3 Attestations
    ๐Ÿš€ Strategic Impact
      ๐Ÿ”“ Transparency Advocacy
      ๐Ÿงญ Security-by-Design Enablement
      ๐Ÿง  Knowledge Sharing / Speaking
      ๐Ÿ“ข Public Policy & Civic Tech
Loading

Experienced technology professional specializing in information security and delivery of secure cloud systems. Strong advocate for transparency in organizations and committed to ensuring robust security posture for modern applications through open source solutions.

๐Ÿ—บ๏ธ Site Map Overview

Hack23.com is a static, multi-language HTML/CSS site deployed to AWS S3 + CloudFront.
For the authoritative, always up-to-date sitemap, use the live page:

The sections below mirror the structure of sitemap.html with direct, HTTPS links and icons aligned with the ISMS Style Guide.

๐Ÿ  Home & Company

Mission, values, company details, and CIA Triad foundations.

๐Ÿ”‘ Security Services

Professional cybersecurity consulting focused on security architecture, cloud security, DevSecOps, and compliance โ€” with evidence-based practices and public ISMS.

๐Ÿš€ Projects (Open-Source & Reference Implementations)

Open-source and reference projects used as live demonstrations of secure architecture, transparency, and practical security.

๐ŸŽฎ Black Trigram (Security-Aware Game)

Realistic 2D precision combat simulator based on traditional Korean martial arts, used as a security-aware game and educational platform.

๐Ÿ›๏ธ Citizen Intelligence Agency (CIA)

Open-source parliamentary monitoring and OSINT platform analyzing Swedish politics.

๐Ÿ“‹ CIA Compliance Manager

Browser-based compliance and CIA-triad assessment tool with no backend, focused on risk, impact, and framework mapping.

๐Ÿ—ณ๏ธ Riksdagsmonitor

Swedish Parliament Intelligence Platform monitoring political activity in Sweden's Riksdag with systematic transparency through real-time analysis and 50+ years of historical data (1971-2024).

๐Ÿ‡ช๐Ÿ‡บ EU Parliament Monitor

European Parliament Intelligence Platform with automated multi-language news generation covering plenary sessions, committee reports, propositions, and breaking news in 14 languages.

๐Ÿ”Œ European Parliament MCP Server

Model Context Protocol Server for European Parliament Open Data โ€” providing AI assistants with structured access to MEPs, plenary sessions, committees, legislative documents, and parliamentary questions.

๐ŸŽฎ Game Template

Secure game development template with React, TypeScript, Three.js, and Vite - built with security-first principles, comprehensive SBOM generation, and automated security testing aligned with Hack23 AB's ISMS.

๐ŸŽ Discordian Cybersecurity Blog & Insights

All blog content is centrally indexed here:

The blog blends ISMS-aligned policies with a Discordian, Illuminatus!-style narrative, making complex security concepts accessible while still professionally mapped to the public ISMS.

๐ŸŽญ Core Manifesto & Philosophy

Representative themes (see blog.html for the full list and latest updates):

  • ๐Ÿง  Everything You Know About Security Is a Lie
  • ๐Ÿ›๏ธ The Security-Industrial Complex
  • ๐Ÿ”’ Question Authority: Crypto Approved By Spies
  • ๐Ÿท๏ธ Think For Yourself: Classification & Data Handling

๐Ÿ›๏ธ CIA Project Series

Architecture, security, and financial/operational views of the Citizen Intelligence Agency platform:

๐ŸŽฎ Black Trigram Series

Deep dives into the architecture, biomechanics, and future roadmap of Black Trigram:

๐Ÿ“‹ Compliance Manager Series

Applies the CIA triad, STRIDE, and adaptive defense to real-world compliance tooling:

๐Ÿงช Code Analysis: โ€œGeorge Dornโ€ Series

Evidence-based code reviews based on the actual cloned repositories, not just documentation:

๐Ÿง  Thought Leadership & Election Analysis

For the full and current list of posts, see:
๐Ÿ‘‰ https://hack23.com/blog.html

๐Ÿ›ก๏ธ ISMS & Security Policies (Public ISMS)

The โ€œDiscordianโ€ documents on hack23.com mirror and explain the formal ISMS-PUBLIC repository in a more narrative, accessible style.
Key entry points:

Representative domains (see sitemap.html for the complete tree):

For the canonical policy set and machine-verifiable versions, see the public ISMS repository:
๐Ÿ”“ https://github.com/Hack23/ISMS-PUBLIC

๐ŸŒ Languages (Internationalization)

Hack23.com supports multiple languages, following the _sv / _ko conventions and language-specific sitemap pages.

๐Ÿ‡ฌ๐Ÿ‡ง English (default)

๐Ÿ‡ธ๐Ÿ‡ช Swedish

๐Ÿ‡ฐ๐Ÿ‡ท Korean

๐Ÿ‡ณ๐Ÿ‡ฑ Dutch

๐Ÿ‡ฉ๐Ÿ‡ช German

๐Ÿ‡ซ๐Ÿ‡ท French

๐Ÿ‡ฏ๐Ÿ‡ต Japanese

๐Ÿ‡จ๐Ÿ‡ณ Chinese

๐Ÿ”ง Technical Resources

Technical endpoints and repositories powering the public site:

GitHub Repositories:

๐Ÿ’– Support Open Source Security โ€” Sponsor Hack23

Sponsor Hack23 ISMS Public Discordian Blog

If this work โ€” the public ISMS, Riksdagsmonitor, EU Parliament Monitor, the European Parliament MCP Server, Citizen Intelligence Agency, CIA Compliance Manager, Black Trigram, the sonar-cloudformation-plugin, and the Discordian Cybersecurity blog โ€” has helped you, your team, your reporting, or your democracy, please consider sponsoring:

๐ŸŒŸ github.com/sponsors/Hack23

Sponsorship keeps the projects independent, ad-free, vendor-neutral, and fully open-source under permissive licences.

๐Ÿ“ซ Connect

Sponsor Hack23 LinkedIn โ€” James Pether Sรถrling Follow Hack23 on GitHub Hack23 Website Discordian Cybersecurity Blog Hack23 Tech Talks OpenHub โ€” pether

Profile Views

ยฉ 2024โ€“2026 James Pether Sรถrling / Hack23 AB ยท Content licensed CC BY 4.0 ยท Operated under the Hack23 Public ISMS (ISO 27001:2022 ยท NIS2 ยท GDPR ยท EU CRA ยท NIST CSF 2.0 ยท CIS Controls v8.1)

Pinned Loading

  1. Hack23/ISMS-PUBLIC Hack23/ISMS-PUBLIC Public

    Hack23 Public Information Security Management System:Security Through Transparency and Open Documentation Demonstrating Security Excellence Through Public ISMS Disclosure

    36 9

  2. Hack23/cia Hack23/cia Public

    Citizen Intelligence Agency. Open-source intelligence platform analyzing Swedish political activities using AI and data visualization. Tracks politicians, government institutions, and parliamentaryโ€ฆ

    Java 219 55

  3. Hack23/riksdagsmonitor Hack23/riksdagsmonitor Public

    Riksdagsmonitor is a comprehensive intelligence platform for monitoring political activity in Sweden's Riksdag (Parliament). Built on the Citizen Intelligence Agency (CIA) platform, we provide systโ€ฆ

    HTML 7 2

  4. Hack23/cia-compliance-manager Hack23/cia-compliance-manager Public

    The CIA Compliance Manager is an application that helps organizations assess and manage the availability, integrity, and confidentiality of their systems and data based on customizable security levโ€ฆ

    TypeScript 16 8

  5. Hack23/blacktrigram Hack23/blacktrigram Public

    Black Trigram is a realistic combat simulator that teaches authentic Korean martial arts through precise anatomical targeting. Master traditional vital point techniques through modern 3D combat mecโ€ฆ

    TypeScript 6 5

  6. Hack23/game Hack23/game Public template

    A clean, minimal template for building games with React, TypeScript, Three.js, and Vite - built with security-first principles.

    TypeScript 11 5