ciso-assistant-community
CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec and Audit Management and supporting +57 frameworks worldwide with auto-mapping: NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, NIS2, CMMC, PSPF, GDPR, HIPAA, Essential Eight, NYDFS-500, DORA, NIST AI RMF, 800-53, 800-171, CyFun, CJIS, AirCyber, NCSC, ECC, SCF and so much more
Stars: 1058
CISO Assistant is a tool that helps organizations manage their cybersecurity posture and compliance. It provides a centralized platform for managing security controls, threats, and risks. CISO Assistant also includes a library of pre-built frameworks and tools to help organizations quickly and easily implement best practices.
README:
Star the project 🌟 to get releases notification and help growing the community!
intuitem.com
·
SaaS Free trial
·
Docs
·
Languages
·
Discord
·
Frameworks
CISO Assistant brings a different take to GRC and Cyber Security Posture Management:
- by explicitly decoupling compliance from cybersecurity controls implementation
- has built-in standards, security controls and threats
- risk assessment and remediation plan follow-up
- allows to manage a catalog for security controls and threats
- you can bring your own framework as well using a simple syntax
- manage audit, evidences collection and report generation
Our vision is to provide a one stop shop for cyber security posture management and cover the layers of GRC (Governance, Risk and Compliance). As practitioners interacting with multiple cybersecurity and IT professionals, we have struggled with fragmentation and lack of efficient tooling. We keep improving CISO Assistant with anything that could bring clarity and productivity to cybersecurity teams and reduce the effort of research, audit management and paperwork.
CyberSecurity teams need to use GRC as a foundation to structure their program and implement the right tools and processes to mitigate the risks, and leave the rest to CISO Assistant 🐙
The vision of the tool is based on this model:
The full details are available in the data model.
The decoupling allows you to save a considerable amount of time:
- reuse previous assessments,
- assess a scope against multiple frameworks at the same time,
- leave the reporting formatting and sanity check to CISO assistant and focus on your fixes,
- balance controls implementation and compliance follow-up
Here is an overview of CISO Assistant features and capabilities:
CISO Assistant is developed and maintained by intuitem, a French 🇫🇷 company specialized in Cyber Security, Cloud and Data/AI.
[!TIP] The easiest way to get started is through the free trial of cloud instance available here.
Alternatively, once you have Docker and Docker-compose installed, on your workstation or server:
clone the repo:
git clone https://github.com/intuitem/ciso-assistant-community.git
and run the starter script
./docker-compose.sh
[!NOTE] The docker-compose script uses prebuilt Docker images supporting most of the standard hardware architecture. If you're using Windows, Make sure to have WSL installed and trigger the script within a WSL command line. It will feed Docker Desktop on your behalf.
[!WARNING] If you're getting warnings or errors about image's platform not matching host platform, raise an issue with the details and we'll add it shortly after. You can also use
docker-compose-build.sh
instead (see below) to build for your specific architecture.
[!CAUTION] Don't use the
main
branch code directly for production as it's the merge upstream and can have breaking changes during our development. Either use thetags
for stable versions or prebuilt images.
Check out the online documentation on https://intuitem.gitbook.io/ciso-assistant.
- ISO 27001:2022 🌐
- NIST Cyber Security Framework (CSF) v1.1 🇺🇸
- NIST Cyber Security Framework (CSF) v2.0 🇺🇸
- NIS2 🇪🇺
- SOC2 🇺🇸
- PCI DSS 4.0 💳
- CMMC v2 🇺🇸
- PSPF 🇦🇺
- General Data Protection Regulation (GDPR): Full text and checklist from GDPR.EU 🇪🇺
- Essential Eight 🇦🇺
- NYDFS 500 with 2023-11 amendments 🇺🇸
- DORA (Act, RTS, ITS and GL) 🇪🇺
- NIST AI Risk Management Framework 🇺🇸🤖
- NIST SP 800-53 rev5 🇺🇸
- France LPM/OIV rules 🇫🇷
- CCB CyberFundamentals Framework 🇧🇪
- NIST SP-800-66 (HIPAA) 🏥
- HDS/HDH 🇫🇷
- OWASP Application Security Verification Standard (ASVS) 🐝🖥️
- RGS v2.0 🇫🇷
- AirCyber
✈️ 🌐 - Cyber Resilience Act (CRA) 🇪🇺
- TIBER-EU 🇪🇺
- NIST Privacy Framework 🇺🇸
- TISAX (VDA ISA) v5.1 and v6.0 🚘
- ANSSI hygiene guide 🇫🇷
- Essential Cybersecurity Controls (ECC) 🇸🇦
- CIS Controls v8* 🌐
- CSA CCM (Cloud Controls Matrix)* ☁️
- FADP (Federal Act on Data Protection) 🇨🇭
- NIST SP 800-171 rev2 (2021) 🇺🇸
- ANSSI : recommandations de sécurité pour un système d'IA générative 🇫🇷🤖
- NIST SP 800-218: Secure Software Development Framework (SSDF) 🖥️
- GSA FedRAMP rev5 ☁️🇺🇸
- Cadre Conformité Cyber France (3CF) v1 (2021)
✈️ 🇫🇷 - ANSSI : SecNumCloud ☁️🇫🇷
- Cadre Conformité Cyber France (3CF) v2 (2024)
✈️ 🇫🇷 - ANSSI : outil d’autoévaluation de gestion de crise cyber 💥🇫🇷
- BSI: IT-Grundschutz-Kompendium 🇩🇪
- NIST SP 800-171 rev3 (2024) 🇺🇸
- ENISA: 5G Security Controls Matrix 🇪🇺
- OWASP Mobile Application Security Verification Standard (MASVS) 🐝📱
- Agile Security Framework (ASF) - baseline - by intuitem 🤗
- ISO 27001:2013 🌐 (For legacy and migration)
- EU AI Act 🇪🇺🤖
- FBI CJIS 🇺🇸👮
- Operational Technology Cybersecurity Controls (OTCC) 🇸🇦
- Secure Controls Framework (SCF) 🇺🇸🌐
- NCSC Cyber Assessment Framework (CAF) 🇬🇧
- California Consumer Privacy Act (CCPA) 🇺🇸
- California Consumer Privacy Act Regulations 🇺🇸
- NCSC Cyber Essentials 🇬🇧
- Directive Nationale de la Sécurité des Systèmes d'Information (DNSSI) Maroc 🇲🇦
- Part-IS
✈️ 🇪🇺 - ENS Esquema Nacional de seguridad 🇪🇸
- Korea ISA ISMS-P 🇰🇷
- Swiss ICT minimum standard 🇨🇭
- ISO 27001:2022, version Française 🇫🇷🌐
- PGSSI-S (Politique Générale de Sécurité des Systèmes d'Information de Santé) 🇫🇷
- ANSSI : Recommandations de configuration d'un système GNU/Linux 🇫🇷
- PSSI-MCAS (Politique de sécurité des systèmes d’information pour les ministères chargés des affaires sociales) 🇫🇷
- ANSSI : Recommandations pour la protection des systèmes d'information essentiels 🇫🇷
- ANSSI : Recommandations de sécurité pour l'architecture d'un système de journalisation 🇫🇷
- ANSSI : Recommandations de sécurité relatives à TLS 🇫🇷
- New Zealand Information Security Manual (NZISM) 🇳🇿
[!NOTE]
*
These frameworks require an extra manual step of getting the latest Excel sheet through their website as their license prevent direct usage.
Checkout the library and tools for the Domain Specific Language used and how you can define your own.
-
NIST 800-82
-
and much more: just ask on Discord. If it's an open standard, we'll do it for you, free of charge 😉
A library can be a framework, a catalog of threats or reference controls, and even a custom risk matrix.
Take a look at the tools
directory and its dedicated readme. The convert_library.py
script will help you create your library from a simple Excel file. Once you have structured your items in that format, just run the script and use the resulting yaml file.
You can also find some specific converters in the tools directory (e.g. for CIS or CCM Controls).
There is also a tool to facilitate the creation of mappings, called prepare_mapping.py
that will create an Excel file based on two framework libraries in yaml. Once properly filled, this Excel file can be processed by the convert_library.py
tool to get the resulting mapping library.
Join our open Discord community to interact with the team and other GRC experts.
The fastest and easiest way to get started is through the free trial of cloud instance available here.
To run CISO Assistant locally in a straightforward way, you can use Docker compose.
- Update docker
Make sure you have a recent version of docker (>= 25.0).
- Clone the repository
git clone https://github.com/intuitem/ciso-assistant-community.git
cd ciso-assistant-community
- Launch docker-compose script for prebuilt images:
./docker-compose.sh
Alternatively, you can use this variant to build the docker images for your specific architecture:
./docker-compose-build.sh
When asked for, enter your email and password for your superuser.
You can then reach CISO Assistant using your web browser at https://localhost:8443/
For the following executions, use "docker compose up" directly.
[!TIP] If you want a fresh install, simply delete the
db
directory, (default: backend/db) where the database is stored.
For docker setup on a remote server or hypervisor, checkout the specific instructions here
- Python 3.11+
- pip 20.3+
- node 18+
- npm 10.2+
- yaml-cpp (brew install yaml-cpp libyaml or apt install libyaml-cpp-dev)
- Clone the repository.
git clone [email protected]:intuitem/ciso-assistant-community.git
cd ciso-assistant-community
- Create a file in the parent folder (e.g. ../myvars) and store your environment variables within it by copying and modifying the following code and replace
"<XXX>"
by your private values. Take care not to commit this file in your git repo.
Mandatory variables
All variables in the backend have handy default values.
Recommended variables
export DJANGO_DEBUG=True
# Default url is set to http://localhost:5173 but you can change it, e.g. to use https with a caddy proxy
export CISO_ASSISTANT_URL=https://localhost:8443
# Setup a development mailer with Mailhog for example
export EMAIL_HOST_USER=''
export EMAIL_HOST_PASSWORD=''
export [email protected]
export EMAIL_HOST=localhost
export EMAIL_PORT=1025
export EMAIL_USE_TLS=True
Other variables
# CISO Assistant will use SQLite by default, but you can setup PostgreSQL by declaring these variables
export POSTGRES_NAME=ciso-assistant
export POSTGRES_USER=ciso-assistantuser
export POSTGRES_PASSWORD=<XXX>
export POSTGRES_PASSWORD_FILE=<XXX> # alternative way to specify password
export DB_HOST=localhost
export DB_PORT=5432 # optional, default value is 5432
# Add a second backup mailer
export EMAIL_HOST_RESCUE=<XXX>
export EMAIL_PORT_RESCUE=587
export EMAIL_HOST_USER_RESCUE=<XXX>
export EMAIL_HOST_PASSWORD_RESCUE=<XXX>
export EMAIL_USE_TLS_RESCUE=True
# You can define the email of the first superuser, useful for automation. A mail is sent to the superuser for password initialization
export CISO_SUPERUSER_EMAIL=<XXX>
# By default, Django secret key is generated randomly at each start of CISO Assistant. This is convenient for quick test,
# but not recommended for production, as it can break the sessions (see
# this [topic](https://stackoverflow.com/questions/15170637/effects-of-changing-djangos-secret-key) for more information).
# To set a fixed secret key, use the environment variable DJANGO_SECRET_KEY.
export DJANGO_SECRET_KEY=...
# Logging configuration
export LOG_LEVEL=INFO # optional, default value is INFO. Available options: DEBUG, INFO, WARNING, ERROR, CRITICAL
export LOG_FORMAT=plain # optional, default value is plain. Available options: json, plain
# Authentication options
export AUTH_TOKEN_TTL=900 # optional, default value is 3600 seconds (60 minutes). It defines the time to live of the authentication token
export AUTH_TOKEN_AUTO_REFRESH=True # optional, default value is True. It defines if the token TTL should be refreshed automatically after each request authenticated with the token
- Choose the tool of your choice, either python-venv or virtualenv. For example:
# Install python-venv
sudo apt install python-venv # or python3-venv
# Create the virtual environment venv
python -m venv venv # or python3 -m venv venv
# To enter inside the virtual environment
source venv/bin/activate
# If you want to exit the virtual environment once finished
deactivate
- Install required dependencies.
pip install -r requirements.txt
- Recommended: Install the pre-commit hooks.
pre-commit install
- If you want to setup Postgres:
- Launch one of these commands to enter in Postgres:
psql as superadmin
sudo su postgres
psql
- Create the database "ciso-assistant"
create database ciso-assistant;
- Create user "ciso-assistantuser" and grant it access
create user ciso-assistantuser with password '<POSTGRES_PASSWORD>';
grant all privileges on database ciso-assistant to ciso-assistantuser;
- Apply migrations.
python manage.py migrate
- Create a Django superuser, that will be CISO Assistant administrator.
If you have set a mailer and CISO_SUPERUSER_EMAIL variable, there's no need to create a Django superuser with
createsuperuser
, as it will be created automatically on first start. You should receive an email with a link to setup your password.
python manage.py createsuperuser
- Run development server.
python manage.py runserver
- Configure the git hooks for generating the build name.
cd .git/hooks
ln -fs ../../git_hooks/post-commit .
ln -fs ../../git_hooks/post-merge .
- cd into the frontend directory
cd frontend
- Install dependencies
npm install
- Start a development server (make sure that the django app is running)
npm run dev
- Reach the frontend on http://localhost:5173
[!NOTE] Safari will not properly work in this setup, as it requires https for secure cookies. The simplest solution is to use Chrome or Firefox. An alternative is to use a caddy proxy. This is the solution used in docker-compose, so you can use it as an example.
- Environment variables
All variables in the frontend have handy default values.
If you move the frontend on another host, you should set the following variable: PUBLIC_BACKEND_API_URL. Its default value is http://localhost:8000/api.
When you launch "node server" instead of "npm run dev", you need to set the ORIGIN variable to the same value as CISO_ASSISTANT_URL in the backend (e.g. http://localhost:3000).
The migrations are tracked by version control, https://docs.djangoproject.com/en/4.2/topics/migrations/#version-control
For the first version of the product, it is recommended to start from a clean migration.
Note: to clean existing migrations, type:
find . -path "*/migrations/*.py" -not -name "__init__.py" -delete
find . -path "*/migrations/*.pyc" -delete
After a change (or a clean), it is necessary to re-generate migration files:
python manage.py makemigrations
python manage.py migrate
These migration files should be tracked by version control.
To run API tests on the backend, simply type "pytest" in a shell in the backend folder.
To run functional tests on the frontend, do the following actions:
- in the frontend folder, launch the following command:
tests/e2e-tests.sh
The goal of the test harness is to prevent any regression, i.e. all the tests shall be successful, both for backend and frontend.
- The API documentation is available in dev mode on the
<backend_endpoint>/api/schema/swagger/
, for instance http://127.0.0.1:8000/api/schema/swagger/
To interact with it:
- call
/api/iam/login/
with your credentials in the body to get the token - pass it then as a header
Authorization: Token {token}
for your next calls. Notice it's Token not Bearer.
The docker-compose.yml highlights a relevant configuration with a Caddy proxy in front of the frontend.
Set DJANGO_DEBUG=False for security reason.
[!NOTE] The frontend cannot infer the host automatically, so you need to either set the ORIGIN variable, or the HOST_HEADER and PROTOCOL_HEADER variables. Please see the sveltekit doc on this tricky issue. Beware that this approach does not work with "npm run dev", which should not be a worry for production.
[!NOTE] Caddy needs to receive a SNI header. Therefore, for your public URL (the one declared in CISO_ASSISTANT_URL), you need to use a FQDN, not an IP address, as the SNI is not transmitted by a browser if the host is an IP address. Another tricky issue!
- FR: French
- EN: English
- AR: Arabic
- PT: Portuguese
- ES: Spanish
- DE: German
- NL: Dutch
- IT: Italian
- PL: Polish
- RO: Romanian
- HI: Hindi
- UR: Urdu
- Django - Python Web Development Framework
- SvelteKit - Frontend Framework
- eCharts - Charting library
- Gunicorn - Python WSGI HTTP Server for UNIX
- Caddy - The coolest reverse Proxy
- Gitbook - Documentation platform
- PostgreSQL - Open Source RDBMS
- SQLite - Open Source RDBMS
- Docker - Container Engine
- inlang - The ecosystem to globalize your software
Great care has been taken to follow security best practices. Please report any issue to [email protected].
This repository contains the source code for both the Open Source edition of CISO Assistant (Community Edition), released under the AGPL v3, as well as the commercial edition of CISO Assistant (Pro and Enterprise Editions), released under the intuitem Commercial Software License. This mono-repository approach is adopted for simplicity.
All the files within the top-level "enterprise" directory are released under the intuitem Commercial Software License.
All the files outside the top-level "enterprise" directory are released under the AGPLv3.
See LICENSE.txt for details.
Unless otherwise noted, all files are © intuitem.
For Tasks:
Click tags to check more tools for each tasksFor Jobs:
Alternative AI tools for ciso-assistant-community
Similar Open Source Tools
ciso-assistant-community
CISO Assistant is a tool that helps organizations manage their cybersecurity posture and compliance. It provides a centralized platform for managing security controls, threats, and risks. CISO Assistant also includes a library of pre-built frameworks and tools to help organizations quickly and easily implement best practices.
EDA-GPT
EDA GPT is an open-source data analysis companion that offers a comprehensive solution for structured and unstructured data analysis. It streamlines the data analysis process, empowering users to explore, visualize, and gain insights from their data. EDA GPT supports analyzing structured data in various formats like CSV, XLSX, and SQLite, generating graphs, and conducting in-depth analysis of unstructured data such as PDFs and images. It provides a user-friendly interface, powerful features, and capabilities like comparing performance with other tools, analyzing large language models, multimodal search, data cleaning, and editing. The tool is optimized for maximal parallel processing, searching internet and documents, and creating analysis reports from structured and unstructured data.
guidellm
GuideLLM is a powerful tool for evaluating and optimizing the deployment of large language models (LLMs). By simulating real-world inference workloads, GuideLLM helps users gauge the performance, resource needs, and cost implications of deploying LLMs on various hardware configurations. This approach ensures efficient, scalable, and cost-effective LLM inference serving while maintaining high service quality. Key features include performance evaluation, resource optimization, cost estimation, and scalability testing.
ersilia
The Ersilia Model Hub is a unified platform of pre-trained AI/ML models dedicated to infectious and neglected disease research. It offers an open-source, low-code solution that provides seamless access to AI/ML models for drug discovery. Models housed in the hub come from two sources: published models from literature (with due third-party acknowledgment) and custom models developed by the Ersilia team or contributors.
zenml
ZenML is an extensible, open-source MLOps framework for creating portable, production-ready machine learning pipelines. By decoupling infrastructure from code, ZenML enables developers across your organization to collaborate more effectively as they develop to production.
NeMo-Guardrails
NeMo Guardrails is an open-source toolkit for easily adding _programmable guardrails_ to LLM-based conversational applications. Guardrails (or "rails" for short) are specific ways of controlling the output of a large language model, such as not talking about politics, responding in a particular way to specific user requests, following a predefined dialog path, using a particular language style, extracting structured data, and more.
gptme
GPTMe is a tool that allows users to interact with an LLM assistant directly in their terminal in a chat-style interface. The tool provides features for the assistant to run shell commands, execute code, read/write files, and more, making it suitable for various development and terminal-based tasks. It serves as a local alternative to ChatGPT's 'Code Interpreter,' offering flexibility and privacy when using a local model. GPTMe supports code execution, file manipulation, context passing, self-correction, and works with various AI models like GPT-4. It also includes a GitHub Bot for requesting changes and operates entirely in GitHub Actions. In progress features include handling long contexts intelligently, a web UI and API for conversations, web and desktop vision, and a tree-based conversation structure.
llm-on-ray
LLM-on-Ray is a comprehensive solution for building, customizing, and deploying Large Language Models (LLMs). It simplifies complex processes into manageable steps by leveraging the power of Ray for distributed computing. The tool supports pretraining, finetuning, and serving LLMs across various hardware setups, incorporating industry and Intel optimizations for performance. It offers modular workflows with intuitive configurations, robust fault tolerance, and scalability. Additionally, it provides an Interactive Web UI for enhanced usability, including a chatbot application for testing and refining models.
gpt-researcher
GPT Researcher is an autonomous agent designed for comprehensive online research on a variety of tasks. It can produce detailed, factual, and unbiased research reports with customization options. The tool addresses issues of speed, determinism, and reliability by leveraging parallelized agent work. The main idea involves running 'planner' and 'execution' agents to generate research questions, seek related information, and create research reports. GPT Researcher optimizes costs and completes tasks in around 3 minutes. Features include generating long research reports, aggregating web sources, an easy-to-use web interface, scraping web sources, and exporting reports to various formats.
Customer-Service-Conversational-Insights-with-Azure-OpenAI-Services
This solution accelerator is built on Azure Cognitive Search Service and Azure OpenAI Service to synthesize post-contact center transcripts for intelligent contact center scenarios. It converts raw transcripts into customer call summaries to extract insights around product and service performance. Key features include conversation summarization, key phrase extraction, speech-to-text transcription, sensitive information extraction, sentiment analysis, and opinion mining. The tool enables data professionals to quickly analyze call logs for improvement in contact center operations.
gradient-cli
Gradient CLI is a tool designed to facilitate the end-to-end MLOps process, allowing individuals and organizations to develop, train, and deploy Deep Learning models efficiently. It supports various ML/DL frameworks and provides features such as 1-click Jupyter Notebooks, scalable model training workflows, and model deployment as API endpoints. The tool can run on different infrastructures like AWS, GCP, on-premise, and Paperspace GPUs, offering automatic versioning, distributed training, hyperparameter search, and more.
numerapi
Numerapi is a Python client to the Numerai API that allows users to automatically download and upload data for the Numerai machine learning competition. It provides functionalities for downloading training data, uploading predictions, and accessing user, submission, and competitions information for both the main competition and Numerai Signals competition. Users can interact with the API using Python modules or command line interface. Tokens are required for certain actions like uploading predictions or staking, which can be obtained from Numer.ai account settings. The tool also supports features like checking new rounds, getting leaderboards, and managing stakes.
deepeval
DeepEval is a simple-to-use, open-source LLM evaluation framework specialized for unit testing LLM outputs. It incorporates various metrics such as G-Eval, hallucination, answer relevancy, RAGAS, etc., and runs locally on your machine for evaluation. It provides a wide range of ready-to-use evaluation metrics, allows for creating custom metrics, integrates with any CI/CD environment, and enables benchmarking LLMs on popular benchmarks. DeepEval is designed for evaluating RAG and fine-tuning applications, helping users optimize hyperparameters, prevent prompt drifting, and transition from OpenAI to hosting their own Llama2 with confidence.
LARS
LARS is an application that enables users to run Large Language Models (LLMs) locally on their devices, upload their own documents, and engage in conversations where the LLM grounds its responses with the uploaded content. The application focuses on Retrieval Augmented Generation (RAG) to increase accuracy and reduce AI-generated inaccuracies. LARS provides advanced citations, supports various file formats, allows follow-up questions, provides full chat history, and offers customization options for LLM settings. Users can force enable or disable RAG, change system prompts, and tweak advanced LLM settings. The application also supports GPU-accelerated inferencing, multiple embedding models, and text extraction methods. LARS is open-source and aims to be the ultimate RAG-centric LLM application.
NeMo
NeMo Framework is a generative AI framework built for researchers and pytorch developers working on large language models (LLMs), multimodal models (MM), automatic speech recognition (ASR), and text-to-speech synthesis (TTS). The primary objective of NeMo is to provide a scalable framework for researchers and developers from industry and academia to more easily implement and design new generative AI models by being able to leverage existing code and pretrained models.
contracts
AXONE Smart Contracts repository hosts Smart Contracts for the AXONE network, compatible with any Cosmos blockchains using the CosmWasm framework. It includes storage, sovereignty, and resource management oriented Smart Contracts. Each contract has different functionalities and maturity stages, with detailed tech documentation and emojis indicating maturity levels. The repository provides tools for building, testing, deploying, and interacting with Smart Contracts, along with guidelines for contributing and community engagement.
For similar tasks
ciso-assistant-community
CISO Assistant is a tool that helps organizations manage their cybersecurity posture and compliance. It provides a centralized platform for managing security controls, threats, and risks. CISO Assistant also includes a library of pre-built frameworks and tools to help organizations quickly and easily implement best practices.
autogen
AutoGen is a framework that enables the development of LLM applications using multiple agents that can converse with each other to solve tasks. AutoGen agents are customizable, conversable, and seamlessly allow human participation. They can operate in various modes that employ combinations of LLMs, human inputs, and tools.
tracecat
Tracecat is an open-source automation platform for security teams. It's designed to be simple but powerful, with a focus on AI features and a practitioner-obsessed UI/UX. Tracecat can be used to automate a variety of tasks, including phishing email investigation, evidence collection, and remediation plan generation.
ck
Collective Mind (CM) is a collection of portable, extensible, technology-agnostic and ready-to-use automation recipes with a human-friendly interface (aka CM scripts) to unify and automate all the manual steps required to compose, run, benchmark and optimize complex ML/AI applications on any platform with any software and hardware: see online catalog and source code. CM scripts require Python 3.7+ with minimal dependencies and are continuously extended by the community and MLCommons members to run natively on Ubuntu, MacOS, Windows, RHEL, Debian, Amazon Linux and any other operating system, in a cloud or inside automatically generated containers while keeping backward compatibility - please don't hesitate to report encountered issues here and contact us via public Discord Server to help this collaborative engineering effort! CM scripts were originally developed based on the following requirements from the MLCommons members to help them automatically compose and optimize complex MLPerf benchmarks, applications and systems across diverse and continuously changing models, data sets, software and hardware from Nvidia, Intel, AMD, Google, Qualcomm, Amazon and other vendors: * must work out of the box with the default options and without the need to edit some paths, environment variables and configuration files; * must be non-intrusive, easy to debug and must reuse existing user scripts and automation tools (such as cmake, make, ML workflows, python poetry and containers) rather than substituting them; * must have a very simple and human-friendly command line with a Python API and minimal dependencies; * must require minimal or zero learning curve by using plain Python, native scripts, environment variables and simple JSON/YAML descriptions instead of inventing new workflow languages; * must have the same interface to run all automations natively, in a cloud or inside containers. CM scripts were successfully validated by MLCommons to modularize MLPerf inference benchmarks and help the community automate more than 95% of all performance and power submissions in the v3.1 round across more than 120 system configurations (models, frameworks, hardware) while reducing development and maintenance costs.
zenml
ZenML is an extensible, open-source MLOps framework for creating portable, production-ready machine learning pipelines. By decoupling infrastructure from code, ZenML enables developers across your organization to collaborate more effectively as they develop to production.
clearml
ClearML is a suite of tools designed to streamline the machine learning workflow. It includes an experiment manager, MLOps/LLMOps, data management, and model serving capabilities. ClearML is open-source and offers a free tier hosting option. It supports various ML/DL frameworks and integrates with Jupyter Notebook and PyCharm. ClearML provides extensive logging capabilities, including source control info, execution environment, hyper-parameters, and experiment outputs. It also offers automation features, such as remote job execution and pipeline creation. ClearML is designed to be easy to integrate, requiring only two lines of code to add to existing scripts. It aims to improve collaboration, visibility, and data transparency within ML teams.
devchat
DevChat is an open-source workflow engine that enables developers to create intelligent, automated workflows for engaging with users through a chat panel within their IDEs. It combines script writing flexibility, latest AI models, and an intuitive chat GUI to enhance user experience and productivity. DevChat simplifies the integration of AI in software development, unlocking new possibilities for developers.
LLM-Finetuning-Toolkit
LLM Finetuning toolkit is a config-based CLI tool for launching a series of LLM fine-tuning experiments on your data and gathering their results. It allows users to control all elements of a typical experimentation pipeline - prompts, open-source LLMs, optimization strategy, and LLM testing - through a single YAML configuration file. The toolkit supports basic, intermediate, and advanced usage scenarios, enabling users to run custom experiments, conduct ablation studies, and automate fine-tuning workflows. It provides features for data ingestion, model definition, training, inference, quality assurance, and artifact outputs, making it a comprehensive tool for fine-tuning large language models.
For similar jobs
ciso-assistant-community
CISO Assistant is a tool that helps organizations manage their cybersecurity posture and compliance. It provides a centralized platform for managing security controls, threats, and risks. CISO Assistant also includes a library of pre-built frameworks and tools to help organizations quickly and easily implement best practices.
non-ai-licenses
This repository provides templates for software and digital work licenses that restrict usage in AI training datasets or AI technologies. It includes various license styles such as Apache, BSD, MIT, UPL, ISC, CC0, and MPL-2.0.
sec-parser
The `sec-parser` project simplifies extracting meaningful information from SEC EDGAR HTML documents by organizing them into semantic elements and a tree structure. It helps in parsing SEC filings for financial and regulatory analysis, analytics and data science, AI and machine learning, causal AI, and large language models. The tool is especially beneficial for AI, ML, and LLM applications by streamlining data pre-processing and feature extraction.
docq
Docq is a private and secure GenAI tool designed to extract knowledge from business documents, enabling users to find answers independently. It allows data to stay within organizational boundaries, supports self-hosting with various cloud vendors, and offers multi-model and multi-modal capabilities. Docq is extensible, open-source (AGPLv3), and provides commercial licensing options. The tool aims to be a turnkey solution for organizations to adopt AI innovation safely, with plans for future features like more data ingestion options and model fine-tuning.
PurpleLlama
Purple Llama is an umbrella project that aims to provide tools and evaluations to support responsible development and usage of generative AI models. It encompasses components for cybersecurity and input/output safeguards, with plans to expand in the future. The project emphasizes a collaborative approach, borrowing the concept of purple teaming from cybersecurity, to address potential risks and challenges posed by generative AI. Components within Purple Llama are licensed permissively to foster community collaboration and standardize the development of trust and safety tools for generative AI.
vpnfast.github.io
VPNFast is a lightweight and fast VPN service provider that offers secure and private internet access. With VPNFast, users can protect their online privacy, bypass geo-restrictions, and secure their internet connection from hackers and snoopers. The service provides high-speed servers in multiple locations worldwide, ensuring a reliable and seamless VPN experience for users. VPNFast is easy to use, with a user-friendly interface and simple setup process. Whether you're browsing the web, streaming content, or accessing sensitive information, VPNFast helps you stay safe and anonymous online.
taranis-ai
Taranis AI is an advanced Open-Source Intelligence (OSINT) tool that leverages Artificial Intelligence to revolutionize information gathering and situational analysis. It navigates through diverse data sources like websites to collect unstructured news articles, utilizing Natural Language Processing and Artificial Intelligence to enhance content quality. Analysts then refine these AI-augmented articles into structured reports that serve as the foundation for deliverables such as PDF files, which are ultimately published.
NightshadeAntidote
Nightshade Antidote is an image forensics tool used to analyze digital images for signs of manipulation or forgery. It implements several common techniques used in image forensics including metadata analysis, copy-move forgery detection, frequency domain analysis, and JPEG compression artifacts analysis. The tool takes an input image, performs analysis using the above techniques, and outputs a report summarizing the findings.