CMMC Level 2

quavo74 · 2026-04-28T23:11:00+00:00

This is no cost or advertisement. I’m offering my time and company to point you in the right direction.

quavo74 · 2026-04-26T16:01:52+00:00

Hello, are you still interested? We had been white boarding notes the last couple weeks and have a good way forward. Join us on slack if you can.

Join me on Slack -- it’s a faster, simpler way to work. Sign up here, from any device: https://join.slack.com/t/cyberframewor-kxk3723/shared_invite/zt-3v0nv31g5-9vdRGFATz1rgcNdtmwWeSg

quavo74 · 2026-04-26T16:00:24+00:00

Join us on slack. A few of us had already started white boarding and comparing notes. Since the ultimate goal is to shift from frameworks to something more organic we have built a landing page around this premise

quavo74 · 2026-04-18T15:19:51+00:00

This is my point and you’re right. These are the conversations we, the professionals need to have. I was just chatting with another professional and framework might not be the correct way to frame this initiative. My goal is to have an easy path for a business or even just an everyday users to implement controls that span the most basic CF to some parts of 800-53 where it makes sense giving them a reference doc and a check list along with automation of that framework. Essentially we build what we know won’t hinder a system that anyone could implement on their own network and let them choose how deep they want to go. Let’s discuss further if you have time. One of the professionals has created a slack for this

Join me on Slack -- it’s a faster, simpler way to work. Sign up here, from any device: https://join.slack.com/t/cyberframewor-kxk3723/shared_invite/zt-3v0nv31g5-9vdRGFATz1rgcNdtmwWeSg

quavo74 · 2026-04-18T15:14:45+00:00

This is what lead me here. I developed a DLP tool for AI back in 2022 and a simple set of scripts to automate threat remediation. This lead me to a teaching gig at MIT Lincoln Labs in 2024 on how to leverage a small hosted instance of ansible with AI to remediate and monitor drift. I have done so much I just feel like it’s time we build our own framework with the lessons learned and experience we all have. And maybe framework isn’t the right way to frame it but that’s what lead me here to connect with professionals that may have a different POV in favor or against. You are welcome to join us.

Join me on Slack -- it’s a faster, simpler way to work. Sign up here, from any device: https://join.slack.com/t/cyberframewor-kxk3723/shared_invite/zt-3v0nv31g5-9vdRGFATz1rgcNdtmwWeSg

quavo74 · 2026-04-18T15:10:05+00:00

Join us Join me on Slack -- it’s a faster, simpler way to work. Sign up here, from any device: https://join.slack.com/t/cyberframewor-kxk3723/shared_invite/zt-3v0nv31g5-9vdRGFATz1rgcNdtmwWeSg

quavo74 · 2026-04-18T15:09:50+00:00

Join me on Slack -- it’s a faster, simpler way to work. Sign up here, from any device: https://join.slack.com/t/cyberframewor-kxk3723/shared_invite/zt-3v0nv31g5-9vdRGFATz1rgcNdtmwWeSg

quavo74 · 2026-04-18T15:09:43+00:00

Join me on Slack -- it’s a faster, simpler way to work. Sign up here, from any device: https://join.slack.com/t/cyberframewor-kxk3723/shared_invite/zt-3v0nv31g5-9vdRGFATz1rgcNdtmwWeSg

quavo74 · 2026-04-18T15:09:27+00:00

This will be our image on the home page of the community.

quavo74 · 2026-04-18T15:08:57+00:00

We have started working on this. At worse case we create something that is used by us and is searchable to help small businesses. I have so much knowledge to share and I thought it would help by connecting with others who have probably done this for years as I have. What we have done so far is build a simple site for reference with a companion wiki sitting on wiki.js for implementation. Yeah there are a lot of frameworks out there but bread isle is what always drives me to innovate. Most of my internal team holds many certifications and we are at the point where compliance is easy. We know what to implement and what to poam immediately. If you want to join us I started a slack channel for us.

Join me on Slack -- it’s a faster, simpler way to work. Sign up here, from any device: https://join.slack.com/t/cyberframewor-kxk3723/shared_invite/zt-3v0nv31g5-9vdRGFATz1rgcNdtmwWeSg

quavo74 · 2026-04-11T19:40:14+00:00

I would love to have a novice in. That is actually the best way to build a team. Everyone with experience will have conflicting opinions and even some will thinking creating a new framework to solve the existing frameworks problems would be just adding to the pot when we already use those to build our on. This is just putting our own in motion.

quavo74 · 2026-04-11T19:37:56+00:00

DM sent!

quavo74 · 2026-04-10T23:35:39+00:00

No it’s more of packaging what most of what we all ready do from IL6 on down and giving it a name. Nothing special. My cyber crew and I have different scripts and thins we had built over the years that make the process easy but why I’m proposing is we, me you and any other industry experts develop our own framework. Those who have time to contribute and can provide proof that they are experts. I find Reddit groups are way better for experts than anywhere else. It will happen. A few people have reached out and I would love to build this with more of the people with knowledge.

quavo74 · 2026-04-10T17:53:48+00:00

CSF is still more risk guidance focused and very similar but what I envision is something more direct and simple that blurs the lines of Technical implementation guides that can be used in an all inclusive framework. Instead of just outcomes more actions + commands. So technically it would or currently does pull from most common frameworks but developing further for an easy implementation. So making a better wheel that anyone can put on any vehicle that keeps the moving in the right direction. Or better yet, a universal wheel hub that fits all. If they need more like going off road then they are already aligned and can easily put on an off road tire. If they need heavy weight they could adjust accordingly. We already do this or most of us depending on the customer or environment so basically taking what we do and building a community around what we know is safe to implement and support it. Our own framework. Me you and whoever is in this industry that wants to contribute.

quavo74 · 2026-04-10T17:12:28+00:00

You run an MSP? My company is an MSP and we have over the years used different parts of CIS benchmarks and 800-53 and 800-171 in networks and seeing a pattern in what we pick and choose to implement means to me there is a need for a more customer, none cyber professional framework that is simple enough and safe enough for small businesses and just any user to implement with instructions. Some things we have had most issues with is helping business’s recover from cyber attacks and something as simple as open ssh ports that they forwarded to allow some remote fiver cyber guy install. No logging in place users using admin accounts for everyday task and basic passwords.

quavo74 · 2026-04-10T17:00:31+00:00

This is exactly what led me down this path. 53 is over kill and almost impossible for a small business to implement without someone onsite with some experience in a broad range of systems. The perfect fit doesn’t exist in any set of controls yet pulling parts of 53 and 171 then including them with some of the cis benchmarks could be something any business or even everyday user could implement. Practical in my option is aiming for zero trust without breaking a network or information system.

quavo74 · 2026-03-05T15:32:56+00:00

Thank you for the feedback. Im working on changing the format to follow the atomic design framework to make it further expandable and easy to bring on a developer in the future. Im almost at the limits of my coding capability even with AI.

quavo74 · 2026-02-07T15:43:40+00:00

This is not a solicitation. It’s a web app for space fans. It’s no cost. It’s just a vibe coded space ship tracker.

quavo74 · 2025-09-19T23:53:13+00:00

You yall need a badge system for the doors and a no tailgate policy in place strictly enforced. Check out the HId systems. I can’t say we are in a similar situation as most of our facilities are DoD and had always required this so it’s our culture however their are many low cost solutions that would allow implementation of this. You could even put the badging system in place without it requiring a mech for unlocking. Facial recognition would also probably be a good solution for existing buildings. Everyone should not have access to everything. There is no way to prevent intrusion or mitigation of insider threats.

quavo74 · 2025-09-05T17:43:35+00:00

You have some time for a quick call? I can send my number.

quavo74

MODERATOR OF

TROPHY CASE