Skip to content
View networkbm's full-sized avatar
6 followers · 6 following

Achievements

Achievement: Pair ExtraordinaireAchievement: Pull Shark

Achievements

Achievement: Pair ExtraordinaireAchievement: Pull Shark

Block or report networkbm

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
networkbm/README.md

Brian Montiel

Security Analyst · GRC Engineer · Hacker

Washington, DC

Website · LinkedIn · Medium

About Me

Security analyst, hacker, and builder focused on FedRAMP, cloud security, and building tools that make compliance work less painful. By day I run NIST 800-53 assessments across AWS, GCP, and Azure. Outside work I'm in the gym training Boxing, Muay Thai, and Judo or trying a restaurant I've never been to before. Always open to collaborating on security and GRC projects.

What I Do

  • Cloud Security Assessments — FedRAMP, GovRAMP, DoD IL4/IL5 across AWS, GCP, and Azure
  • GRC Automation — building Python tooling to replace manual compliance workflows
  • Offensive Security — red team concepts, CTFs, HackTheBox write-ups
  • Open Source — GRC and security tools built for practitioners

Certifications

               

Tech

           

Outside the Terminal

🥊 MMA (Boxing · Muay Thai · Judo)   |   🍜 Always trying a new restaurant   |   ✍️ Writing on Medium

Pinned Loading

  1. POAM-Automation-Tool POAM-Automation-Tool Public

    A CLI tool that converts vulnerability scan exports into FedRAMP-compliant POA&M Excel files and manages findings end-to-end.

    Python 8

  2. fedramp20x-ksi-trust-center fedramp20x-ksi-trust-center Public

    This is a FedRAMP20x Trust Center demo created for fun and practice.

    TypeScript 5 1

  3. CMMC-Toolkit CMMC-Toolkit Public

    CMMC 2.0 readiness toolkit. Gap assessments, SSP builder, policy analyzer, and control library all from the terminal.

    Python

  4. pentest-deephat-ai pentest-deephat-ai Public

    A local-first pentest and CTF notebook with AI assistance (DeepHat via Hugging Face), Markdown editing, screenshot uploads, and exportable notes.

    TypeScript 6 1

  5. School-of-Solana-S8 School-of-Solana-S8 Public

    Season 8 Graduate

    Rust

  6. Cloud-GRC-tool Cloud-GRC-tool Public

    Multi-cloud security evidence collector for AWS, GCP, and Azure. Mapped to NIST 800-53.

    Python 1