Tools that turn friction into momentum.

Know your compliance before an auditor — or an attacker — does.

Sightline is a compliance platform that continuously checks your security posture against 22+ frameworks — NIST CSF 2.0, HIPAA, SOC 2, PCI DSS, ISO 27001, CMMC, FERPA, GDPR, and more. It connects to the identity, device, cloud, and ticketing tools you already run and tells you, in plain English, exactly where you stand — before a gap turns into a failed audit or a breach.

• Continuous, plain-English verdicts on controls across 22+ regulatory frameworks at once.
• Connects to your existing identity, MDM, cloud, and ticketing tools to gather evidence automatically.
• Board-ready executive summaries with drill-down findings and licensed-professional GRC sign-off.

CMMC Level 2, without the consultant.

Bastion walks defense suppliers through all 110 NIST 800-171 controls, calculates a live DoD SPRS score, and generates an audit-ready System Security Plan and POA&M — entirely in the browser, so sensitive CUI never leaves the machine. Built for the small and mid-size suppliers that primes like Boeing now require to reach CMMC Level 2.

• Guided 110-control NIST 800-171 self-assessment with a live, methodology-accurate DoD SPRS score.
• Auto-generates the SSP and POA&M assessors expect, and prioritizes the highest-impact gaps to fix first.
• Integrates with Sightline (compliance posture) and Cairn (asset inventory) to auto-evidence controls.

Know your servers are healthy — before they’re not.

Lookout is infrastructure monitoring built for humans. Lightweight agents report each server’s health to one dashboard in plain English — “disk /data is 94% full” instead of a wall of raw metrics — so anyone can tell what needs attention at a glance.

• Single, dependency-free agent for Linux, Windows, and macOS — outbound-only, no open ports.
• Plain-English OK / WARNING / CRITICAL alerts via email, Slack, or webhooks, with deduplication and escalation.
• Nagios-plugin compatible, with managed and on-prem deployment options.

Every device. One source of truth.

Cairn reconciles your device fleet across every tool you already run — Jamf, Intune, Kandji, JumpCloud, CrowdStrike, Defender, and more — and syncs one authoritative inventory into Snipe-IT. It resolves conflicting records by serial number, previews every change with a dry run, and finally makes your asset system of record actually accurate. Open-source under AGPL-3.0.

• Pulls from 12+ MDM and EDR sources and writes one reconciled source of truth to Snipe-IT.
• Serial-based reconciliation with a trust-priority system and a dry-run preview before any change.
• Single cross-platform binary (macOS, Windows, Linux) with a guided GUI — no YAML required.

The open corpus underneath it all.

A continuously updated multilingual corpus of Sikh manuscripts, scripture, and classical literature spanning English, Punjabi, Urdu, Hindi, and Devanagari script — over 758 million words across a 9 GB corpus. Curated to support RAG pipelines, semantic search, and NLP research on underrepresented South Asian languages.

• Structured to power RAG pipelines, semantic search, and NLP research.
• Focused on underrepresented South Asian languages and rare historical texts.
• Open-access — built to preserve and democratize Sikh heritage for the global community.

Five centuries of Sikh literature, open to the world.

SikhArchive.net is a collaborative, open-access archive that makes centuries of Sikh manuscripts and literature freely searchable. This isn’t my own project — I contribute to it as a developer, helping push the platform forward alongside the team.

• Working on integrating the 758M+ word Sikh Library dataset into the platform.
• Built Gurbani search and an AI-powered search engine, plus design improvements.
• Patching security vulnerabilities and shipping mobile web-app improvements.

OCR that finally respects South Asian scripts.

A Tesseract post-processing engine for handwritten South Asian and Persian scripts. It corrects character misrecognition, ligature errors, and diacritic placement for Gurmukhi, Punjabi, Hindi, Devanagari, Urdu, and Farsi — recovering correct text where off-the-shelf OCR fails 30–40% of the time.

• Applies Unicode-level linguistic rules post-OCR to repair handwritten Gurmukhi and Urdu.
• Targets a systematic gap: Tesseract misrecognition for these scripts frequently exceeds 30–40%.
• Shipping to PyPI as pip install gurmukhifix; installable today from GitHub.