Skip to content
View pethers's full-sized avatar
174 followers · 1.2k following

Achievements

Achievement: Pair Extraordinairex3Achievement: YOLOAchievement: Starstruckx2Achievement: Pull Sharkx3Achievement: QuickdrawAchievement: Arctic Code Vault Contributor

Achievements

Achievement: Pair Extraordinairex3Achievement: YOLOAchievement: Starstruckx2Achievement: Pull Sharkx3Achievement: QuickdrawAchievement: Arctic Code Vault Contributor

Organizations

@Hack23

Block or report pethers

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this userโ€™s behavior. Learn more about reporting abuse.

Report abuse
pethers/README.md

CEO/Founder Hack23 | Security & Open Source Expert | Cloud Security Specialist | Information Security Professional

Website LinkedIn GitHub OpenHub

CEO/Founder of Hack23 | committers.top badge

Strong advocate for transparency in organizations, secure software development practices, and innovative open source solutions. Experienced security professional with over 30 years in information technology, specializing in security architecture, cloud security, and compliance. Prior roles including Application Security Officer at Stena, Information Security Officer at Polestar and Senior Security Architect at WirelessCar.

๐Ÿ” Commitment to Transparency and Security

At Hack23 AB, we believe that true security comes through transparency and demonstrable practices. Our Information Security Management System (ISMS) is publicly available, showcasing our commitment to open security practices.

๐Ÿ“‹ Public ISMS Repository

Complete Information Security Management System documentation

ISMS Public Repository

๐Ÿ”’ Information Security Policy

Enterprise-grade security framework and governance

Information Security Policy

๐Ÿ† Security Through Transparency

Our approach to cybersecurity consulting is built on a foundation of transparent practices:

  • ๐Ÿ” Open Documentation: Complete ISMS framework available for review
  • ๐Ÿ“‹ Policy Transparency: Detailed security policies and procedures publicly accessible
  • ๐ŸŽฏ Demonstrable Expertise: Our own security implementation serves as a live demonstration
  • ๐Ÿ”„ Continuous Improvement: Public documentation enables community feedback and enhancement

"Our commitment to transparency extends to our security practices - demonstrating that true security comes from robust processes, continuous improvement, and a culture where security considerations are integrated from the start."

โ€” James Pether Sรถrling, CEO/Founder

Professional Certifications

CISSP CISM AWS Security AWS Solutions Architect

๐Ÿ”’ Hack23 AB

Swedish innovation hub specializing in creating immersive and precise game experiences alongside expert cybersecurity consulting and solutions.

๐Ÿ” Commitment to Transparency and Security

At Hack23 AB, we believe that true security comes through transparency and demonstrable practices. Our Information Security Management System (ISMS) is publicly available, showcasing our commitment to security excellence and organizational transparency.

๐Ÿ“‹ Public ISMS Repository

Complete Information Security Management System documentation

ISMS Public Repository

๐Ÿ”’ Information Security Policy

Enterprise-grade security framework and governance

Information Security Policy

๐Ÿ† Security Through Transparency

Our approach to cybersecurity consulting is built on a foundation of transparent practices:

  • ๐Ÿ” Open Documentation: Complete ISMS framework available for review
  • ๐Ÿ“‹ Policy Transparency: Detailed security policies and procedures publicly accessible
  • ๐ŸŽฏ Demonstrable Expertise: Our own security implementation serves as a live demonstration
  • ๐Ÿ”„ Continuous Improvement: Public documentation enables community feedback and enhancement

"Our commitment to transparency extends to our security practices - demonstrating that true security comes from robust processes, continuous improvement, and a culture where security considerations are integrated into every business decision."

โ€” James Pether Sรถrling, CEO/Founder

๐ŸŽ Discordian Cybersecurity Insights

Explore information security, ISMS policies, and cybersecurity best practices through the unique Discordian lens inspired by the Illuminatus! trilogy. "Think for yourself, question authority."

๐Ÿ“– Security Blog: 30+ Posts

Everything You Know About Security Is a Lie โ€” Nation-state capabilities, approved crypto paradox, and Chapel Perilous initiation. Complete ISMS coverage with radical transparency.

Discordian Security Blog

Featured Content:

  • ๐ŸŽญ Discordian Manifesto - Everything You Know About Security Is a Lie
  • ๐Ÿ“š Complete ISMS Coverage - All 30 posts link directly to ISMS-PUBLIC repository
  • ๐ŸŽ Illuminatus! Style - FNORD detection, Chapel Perilous references, 23 FNORD 5 signatures

All hail Eris! All hail Discordia! ๐ŸŽ

๐Ÿ—ณ๏ธ Riksdagsmonitor

Riksdagsmonitor

Swedish Parliament Intelligence Platform monitoring political activity in Sweden's Riksdag with systematic transparency through real-time analysis and 50+ years of historical data (1971-2024).

OpenSSF Scorecard Quality Checks Dependency Review License ISMS Ask DeepWiki

๐Ÿ‡ช๐Ÿ‡บ EU Parliament Monitor

EU Parliament Monitor

European Parliament Intelligence Platform โ€” an automated multi-language news platform that monitors EU Parliament activities with 14-language support, covering plenary sessions, committee reports, propositions, and breaking news.

OpenSSF Scorecard SLSA 3 News Generation Test and Report License ISMS

๐Ÿ”Œ European Parliament MCP Server

European Parliament MCP Server

Model Context Protocol Server for European Parliament Open Data โ€” providing AI assistants with structured access to MEPs, plenary sessions, committees, legislative documents, and parliamentary questions through a secure, type-safe TypeScript implementation.

OpenSSF Scorecard SLSA 3 FOSSA Status Build Status License ISMS

๐Ÿ” Citizen Intelligence Agency

CIA Logo

Political transparency platform monitoring Swedish political activity with data-driven insights, analytics, dashboard visualizations, and accountability metrics.

CII Best Practices OpenSSF Scorecard SLSA 3 Verify & Deploy Scorecard supply-chain security Quality Gate Status Security Rating

๐Ÿ”ฅ Black Trigram (ํ‘๊ด˜)

Black Trigram Logo

Realistic 2D precision combat simulator inspired by traditional Korean martial arts, focusing on precise anatomical targeting, authentic combat techniques, and detailed physics-based interactions.

OpenSSF Scorecard CII Best Practices SLSA 3 Scorecard supply-chain security Test & Report Lines of Code Quality Gate Status Security Rating Maintainability Rating Reliability Rating FOSSA Status

๐Ÿ” CIA Compliance Manager

CIA Compliance Manager Logo

Security assessment platform for the CIA triad (Confidentiality, Integrity, Availability) with business impact analysis and compliance mapping to regulatory frameworks like NIST, ISO, GDPR, HIPAA, and SOC2.

FOSSA Status CII Best Practices OpenSSF Scorecard SLSA 3 Verify & Release Scorecard Supply-Chain Security Lines of Code Quality Gate Status Security Rating Maintainability Rating Reliability Rating

๐ŸŽฎ Game Template

Game Template

Secure game development template with React, TypeScript, Three.js, and Vite - built with security-first principles, comprehensive SBOM generation, and automated security testing aligned with Hack23 AB's ISMS.

License OpenSSF Scorecard Ask DeepWiki

โ˜๏ธ Lambda in Private VPC

AWS Lambda

Enterprise-grade multi-region active/active architecture with near-zero recovery time, comprehensive DNS failover, and AWS Resilience Hub policy compliance for mission-critical applications.

OpenSSF Scorecard Verify and Deploy Scorecard Supply-Chain Security

๐Ÿงช Sonar-CloudFormation-Plugin

SonarQube Plugin

SonarQube plugin for analyzing AWS CloudFormation templates with security best practices based on NIST, CWE, and ISO standards.

License CII Best Practices OpenSSF Scorecard

๐Ÿ”‘ Security Services

Professional cybersecurity consulting services delivered remotely or in-person in Gothenburg. Drawing from over three decades of experience in software development and security architecture, we deliver practical security solutions that integrate seamlessly into your development processes without hindering innovation.

๐Ÿ“‹ Service Overview

๐ŸŒ Availability Remote or in-person (Gothenburg)
๐Ÿ’ฐ Pricing Contact for pricing
๐Ÿข Company Hack23 AB (Org.nr 5595347807)
๐Ÿ“ง Contact LinkedIn

๐ŸŽฏ Core Service Areas

Area Services Ideal for
๐Ÿ—๏ธ Security Architecture & Strategy Enterprise Security Architecture: Design and implementation of comprehensive security frameworks
Risk Assessment & Management: Systematic identification and mitigation of security risks
Security Strategy Development: Alignment of security initiatives with business objectives
Governance Framework Design: Policy development and security awareness programs 		Organizations needing strategic security leadership and architectural guidance
โ˜๏ธ Cloud Security & DevSecOps Secure Cloud Solutions: AWS security assessment and architecture (Advanced level)
DevSecOps Integration: Security seamlessly integrated into agile development processes
Infrastructure as Code Security: Secure CloudFormation, Terraform implementations
Container & Serverless Security: Modern application security best practices 		Development teams transitioning to cloud-native architectures with security focus
๐Ÿ”ง Secure Development & Code Quality Secure SDLC Implementation: Building security into development lifecycles
CI/CD Security Integration: Automated security testing and validation
Code Quality & Security Analysis: Static analysis, vulnerability scanning
Supply Chain Security: SLSA Level 3 compliance, SBOM implementation 		Development teams seeking to embed security without slowing innovation

๐Ÿ† Specialized Expertise

Category Services Value
๐Ÿ“‹ Compliance & Regulatory Regulatory Compliance: GDPR, NIS2, ISO 27001 implementation
ISMS Design & Implementation: Information Security Management Systems
AI Governance: Emerging AI risk management frameworks
Audit Preparation: Documentation and evidence preparation 		Navigate complex regulatory landscapes with confidence
๐ŸŒ Open Source Security Open Source Program Office: OSPO establishment and management
Vulnerability Management: Open source risk assessment and remediation
Security Tool Development: Custom security solutions and automation
Community Engagement: Open source security best practices 		Leverage open source securely while contributing to security transparency
๐ŸŽ“ Security Culture & Training Security Awareness Programs: Building organization-wide security culture
Developer Security Training: Secure coding practices and methodologies
Leadership Security Briefings: Executive-level security understanding
Incident Response Training: Preparedness and response capability building 		Transform security from barrier to enabler through education and culture

๐Ÿ’ก Why Choose Hack23 Security Services?

Three decades of hands-on experience in software development and security architecture means we understand the real challenges development teams face. We don't just point out problemsโ€”we provide practical, implementable solutions that enhance security without slowing down innovation.

Our approach: Security should be seamlessly integrated into your existing processes, not bolted on afterward. We help organizations build a culture of security awareness where protection becomes a natural part of how teams work, not an obstacle to overcome.

Passionate about transparency: As advocates for open source security, we believe in sharing knowledge and building community. Our solutions are designed to be understandable, maintainable, and aligned with industry best practices.

๐Ÿ›๏ธ CIA Compliance Manager Documentation

Current Architecture

Future Vision

๐Ÿ›๏ธ Citizen Intelligence Agency Documentation

Current Architecture

Future Vision & Operations

๐Ÿ‡ช๐Ÿ‡บ EU Parliament Monitor Documentation

Current Architecture

Future Vision

๐Ÿ”Œ European Parliament MCP Server Documentation

Current Architecture

Developer Resources

๐Ÿ”‘ Security Focus Areas

mindmap
  root((๐Ÿ” CIA Triad<br>Security Focus))
    ๐Ÿ”’ Confidentiality
      ๐Ÿท๏ธ Data Classification
        ๐ŸŒ Public
        ๐Ÿ›ก๏ธ Restricted
        ๐Ÿ—๏ธ Confidential
        ๐Ÿ”’ Secret
      ๐Ÿšช Access Control
        ๐Ÿ‘ฅ RBAC Implementation
        ๐Ÿ”‘ MFA Integration
        ๐Ÿ“‰ Least Privilege
      ๐Ÿ”‘ Encryption
        ๐Ÿงฌ AES-256
        ๐Ÿงฟ Quantum-Safe Encryption
        ๐Ÿ—๏ธ KMS Integration
    โœ”๏ธ Integrity
      ๐Ÿงช Data Validation
        ๐Ÿ‘๏ธ Manual Checks
        ๐Ÿค– Automated Validation
        ๐Ÿ”— Blockchain Records
      ๐Ÿ”„ Change Control
        ๐Ÿ“ Audit Trails
        โ™ป๏ธ Versioning
        ๐Ÿ›ก๏ธ Non-Repudiation
      ๐Ÿ† Quality Assurance
        ๐Ÿง‘โ€๐Ÿ’ป Code Analysis
        ๐Ÿงฉ Test Coverage
        ๐Ÿ… SLSA Level 3
    โฐ Availability
      ๐Ÿ›ก๏ธ Resilience Levels
        ๐Ÿ’พ Backup/Restore
        ๐Ÿ”ฅ Pilot Light
        โ™จ๏ธ Warm Standby
        ๐ŸŒ Multi-Site Active/Active
      ๐Ÿ“Š Recovery Metrics
        ๐Ÿ•‘ RTO Targets
        โณ RPO Objectives
        ๐Ÿ“ˆ Uptime SLAs
      ๐Ÿ‘€ Monitoring
        โค๏ธ Health Checks
        ๐Ÿšจ Alerting
        ๐Ÿ’ฅ Chaos Testing
Loading

๐ŸŒŸ Featured in Press & Media

๐Ÿ—ž๏ธ Computer Sweden

Featured article on innovative use of technology for political transparency

Read Article

๐Ÿ“ฐ Riksdag och Departement

Coverage on Citizen Intelligence Agency's monitoring capabilities

Read Article

๐Ÿ“Š National Democratic Institute

Recognized in survey of parliamentary monitoring organizations

View Report

๐Ÿ“ฐ Expressen

Eric Erfors credits Citizen Intelligence Agency for exposing politician voting attendance records

Read Article

๐ŸŽค Technical Talks & Presentations

๐ŸŽ™๏ธ Javaforum Gรถteborg

Presentation on secure architecture patterns

Watch Presentation

๐ŸŽ™๏ธ Shift Left Like A Boss

Security podcast guest appearance discussing DevSecOps

Listen to Podcast

๐Ÿ’ผ About James Pether Sรถrling

mindmap
  root((๐Ÿ‘จโ€๐Ÿ’ผ James Pether Sรถrling))
    ๐Ÿ” Information & Security Leadership
      ๐Ÿ‘จโ€๐Ÿ’ผ CISO / ISO Roles
      ๐Ÿ›ก๏ธ Security Architecture
      ๐Ÿงฉ CIA Triad Implementation
      ๐Ÿ› ๏ธ Policy Development & Governance
      ๐Ÿ“Š Risk Management
      ๐Ÿ” Audit & Compliance Oversight
      ๐Ÿค– AI Governance
      ๐ŸŒ Open Source Program Office
    ๐Ÿ›๏ธ Frameworks & Compliance
      ๐Ÿ“„ ISO 27001
      ๐Ÿ“„ NIST 800-53
      ๐Ÿ“„ VDA-ISA
      ๐Ÿ“„ CIS Controls
      ๐Ÿท๏ธ Data Protection / GDPR
      ๐Ÿ“‹ ISMS Implementation
      ๐Ÿงช Continuous Improvement
    โ˜๏ธ Cloud & Platform Security
      ๐ŸŒ Multi-Cloud (AWS / Azure)
      ๐Ÿ—๏ธ Enterprise & Reference Architectures
        ๐ŸŒ Multi-Region Design
        ๐Ÿ” Resilience & Failover
        โ™ป๏ธ High Availability Patterns
      ๐Ÿ”’ Secure Cloud Services
        Security Hub
        GuardDuty
        KMS
        WAF
      ๐Ÿงฑ Network & VPC Security
      ๐Ÿ”‘ IAM / Least Privilege
    ๐Ÿ› ๏ธ Infrastructure as Code
      ๐Ÿงพ CloudFormation
      ๐Ÿ› ๏ธ Terraform
      ๐Ÿ”„ GitOps / Pipelines
      ๐Ÿ” Template Scanning
      ๐Ÿ“ฆ Supply Chain (SLSA Level 3)
    ๐Ÿ’ป Software Engineering
      โ˜• Java / Spring
      โš›๏ธ React / TypeScript
      ๐Ÿ˜ PostgreSQL
      ๐Ÿ”„ CI/CD Automation
      ๐Ÿงช Automated Testing
      ๐Ÿงต Secure SDLC (SSDLC)
      ๐Ÿ“ˆ Code Quality (SonarQube)
    ๐Ÿ”ฌ Security Operations & Assurance
      ๐Ÿšจ Incident Response
      ๐Ÿ•ต๏ธ Vulnerability Management
      ๐Ÿ“ˆ Security Monitoring
      ๐Ÿงช Threat Modeling
      ๐Ÿ“œ Logging & SIEM Use
    ๐ŸŒ Open Source Leadership
      ๐Ÿ“‹ CIA Compliance Manager
      ๐Ÿ›๏ธ Citizen Intelligence Agency
      ๐Ÿ‡ช๐Ÿ‡บ EU Parliament Monitor
      ๐Ÿ”Œ European Parliament MCP Server
      ๐Ÿงฉ Sonar-CloudFormation-Plugin
      ๐Ÿ”ง cfn-nag Contributions
      ๐Ÿค Community Engagement
      ๐Ÿ‘€ Code Review / Security Tooling
    ๐Ÿ† Certifications & Recognition
      ๐ŸŽ“ CISSP
      ๐ŸŽ“ CISM
      ๐Ÿฅ‡ AWS Security Specialty
      ๐Ÿฅ‡ AWS Solutions Architect Professional
      ๐Ÿ›ก๏ธ SLSA Level 3 Attestations
    ๐Ÿš€ Strategic Impact
      ๐Ÿ”“ Transparency Advocacy
      ๐Ÿงญ Security-by-Design Enablement
      ๐Ÿง  Knowledge Sharing / Speaking
      ๐Ÿ“ข Public Policy & Civic Tech
Loading

Experienced technology professional specializing in information security and delivery of secure cloud systems. Strong advocate for transparency in organizations and committed to ensuring robust security posture for modern applications through open source solutions.

๐Ÿ“ซ Connect

LinkedIn GitHub Blog Tech Talks

๐Ÿ—บ๏ธ Site Map Overview

Hack23.com is a static, multi-language HTML/CSS site deployed to AWS S3 + CloudFront.
For the authoritative, always up-to-date sitemap, use the live page:

The sections below mirror the structure of sitemap.html with direct, HTTPS links and icons aligned with the ISMS Style Guide.

๐Ÿ  Home & Company

Mission, values, company details, and CIA Triad foundations.

๐Ÿ”‘ Security Services

Professional cybersecurity consulting focused on security architecture, cloud security, DevSecOps, and compliance โ€” with evidence-based practices and public ISMS.

๐Ÿš€ Projects (Open-Source & Reference Implementations)

Open-source and reference projects used as live demonstrations of secure architecture, transparency, and practical security.

๐ŸŽฎ Black Trigram (Security-Aware Game)

Realistic 2D precision combat simulator based on traditional Korean martial arts, used as a security-aware game and educational platform.

๐Ÿ›๏ธ Citizen Intelligence Agency (CIA)

Open-source parliamentary monitoring and OSINT platform analyzing Swedish politics.

๐Ÿ“‹ CIA Compliance Manager

Browser-based compliance and CIA-triad assessment tool with no backend, focused on risk, impact, and framework mapping.

๐Ÿ—ณ๏ธ Riksdagsmonitor

Swedish Parliament Intelligence Platform monitoring political activity in Sweden's Riksdag with systematic transparency through real-time analysis and 50+ years of historical data (1971-2024).

๐Ÿ‡ช๐Ÿ‡บ EU Parliament Monitor

European Parliament Intelligence Platform with automated multi-language news generation covering plenary sessions, committee reports, propositions, and breaking news in 14 languages.

๐Ÿ”Œ European Parliament MCP Server

Model Context Protocol Server for European Parliament Open Data โ€” providing AI assistants with structured access to MEPs, plenary sessions, committees, legislative documents, and parliamentary questions.

๐ŸŽฎ Game Template

Secure game development template with React, TypeScript, Three.js, and Vite - built with security-first principles, comprehensive SBOM generation, and automated security testing aligned with Hack23 AB's ISMS.

๐ŸŽ Discordian Cybersecurity Blog & Insights

All blog content is centrally indexed here:

The blog blends ISMS-aligned policies with a Discordian, Illuminatus!-style narrative, making complex security concepts accessible while still professionally mapped to the public ISMS.

๐ŸŽญ Core Manifesto & Philosophy

Representative themes (see blog.html for the full list and latest updates):

  • ๐Ÿง  Everything You Know About Security Is a Lie
  • ๐Ÿ›๏ธ The Security-Industrial Complex
  • ๐Ÿ”’ Question Authority: Crypto Approved By Spies
  • ๐Ÿท๏ธ Think For Yourself: Classification & Data Handling

๐Ÿ›๏ธ CIA Project Series

Architecture, security, and financial/operational views of the Citizen Intelligence Agency platform:

๐ŸŽฎ Black Trigram Series

Deep dives into the architecture, biomechanics, and future roadmap of Black Trigram:

๐Ÿ“‹ Compliance Manager Series

Applies the CIA triad, STRIDE, and adaptive defense to real-world compliance tooling:

๐Ÿงช Code Analysis: โ€œGeorge Dornโ€ Series

Evidence-based code reviews based on the actual cloned repositories, not just documentation:

๐Ÿง  Thought Leadership & Election Analysis

For the full and current list of posts, see:
๐Ÿ‘‰ https://hack23.com/blog.html

๐Ÿ›ก๏ธ ISMS & Security Policies (Public ISMS)

The โ€œDiscordianโ€ documents on hack23.com mirror and explain the formal ISMS-PUBLIC repository in a more narrative, accessible style.
Key entry points:

Representative domains (see sitemap.html for the complete tree):

For the canonical policy set and machine-verifiable versions, see the public ISMS repository:
๐Ÿ”“ https://github.com/Hack23/ISMS-PUBLIC

๐ŸŒ Languages (Internationalization)

Hack23.com supports multiple languages, following the _sv / _ko conventions and language-specific sitemap pages.

๐Ÿ‡ฌ๐Ÿ‡ง English (default)

๐Ÿ‡ธ๐Ÿ‡ช Swedish

๐Ÿ‡ฐ๐Ÿ‡ท Korean

๐Ÿ‡ณ๐Ÿ‡ฑ Dutch

๐Ÿ‡ฉ๐Ÿ‡ช German

๐Ÿ‡ซ๐Ÿ‡ท French

๐Ÿ‡ฏ๐Ÿ‡ต Japanese

๐Ÿ‡จ๐Ÿ‡ณ Chinese

๐Ÿ”ง Technical Resources

Technical endpoints and repositories powering the public site:

GitHub Repositories:

๐Ÿ“ซ Connect

LinkedIn GitHub Blog Tech Talks

Profile Views

Pinned Loading

  1. Hack23/ISMS-PUBLIC Hack23/ISMS-PUBLIC Public

    Hack23 Public Information Security Management System:Security Through Transparency and Open Documentation Demonstrating Security Excellence Through Public ISMS Disclosure

    22 6

  2. Hack23/cia Hack23/cia Public

    Citizen Intelligence Agency. Open-source intelligence platform analyzing Swedish political activities using AI and data visualization. Tracks politicians, government institutions, and parliamentaryโ€ฆ

    Java 206 52

  3. Hack23/riksdagsmonitor Hack23/riksdagsmonitor Public

    Riksdagsmonitor is a comprehensive intelligence platform for monitoring political activity in Sweden's Riksdag (Parliament). Built on the Citizen Intelligence Agency (CIA) platform, we provide systโ€ฆ

    HTML 2 1

  4. Hack23/cia-compliance-manager Hack23/cia-compliance-manager Public

    The CIA Compliance Manager is an application that helps organizations assess and manage the availability, integrity, and confidentiality of their systems and data based on customizable security levโ€ฆ

    TypeScript 15 6

  5. Hack23/blacktrigram Hack23/blacktrigram Public

    Black Trigram is a realistic combat simulator that teaches authentic Korean martial arts through precise anatomical targeting. Master traditional vital point techniques through modern 3D combat mecโ€ฆ

    TypeScript 5 2

  6. Hack23/game Hack23/game Public

    A clean, minimal template for building games with React, TypeScript, Three.js, and Vite - built with security-first principles.

    TypeScript 10 5