cqrenet/antifragile
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
12 Commits 1 Branch 0 Tags
bcebf8ebb30fdd7c72aa57ffd71d9436122a5bc6
Commit Graph

10 Commits

Author SHA1 Message Date
Claude Sonnet 4.6 bcebf8ebb3 feat: Add critical infrastructure adaptation for Rule 5 (greenfield) 
move-fast-and-fix-things.md: 'The Critical Infrastructure Adaptation'
section in Rule 5. OT/NT environments where full greenfield is impossible.
Five-layer adapted stack: IT greenfield protects OT, OT config as code,
manual operation as fallback, compartmentalisation as partial burn,
long-cycle planned refresh. OT greenfield test with 4h/48h/2w targets.

vertical-power-utilities.md: New 'The Controlled Burn Adaptation' section.
Full treatment of when greenfield is not an option. Five-layer OT-adapted
stack. Explicit acceptance statement framework for genuinely irreplaceable
OT components (name, isolate, monitor, plan replacement). The OT greenfield
test. Reference back to Rule 5.

Co-Authored-By: Tom Kracmar <tom+claude@cat6.cz>
 2026-06-05 06:58:07 +00:00
Claude Sonnet 4.6 a337af7ddf feat: Add housekeeping stream and greenfield capability as Rules 4 and 5 
move-fast-and-fix-things.md: Three Rules -> Five Rules.
Rule 4: Housekeeping as a permanent stream (named owner, cadence, queue).
Rule 5: Greenfield capability as standard operational activity every 5 years.
Updated pillar mapping table.

antifragile-manifest.md: Pillar 1 Antifragile Moves: greenfield capability
as the ultimate expression of structural decoupling. Controlled burn framing.

Co-Authored-By: Tom Kracmar <tom+claude@cat6.cz>
 2026-06-05 06:53:31 +00:00
Claude Sonnet 4.6 6e86f0844e fix: Correct speed claim and add infinite vulnerability surface section 
Speed Is a Security Control: Replace overconfident '90% solution today'
with honest target: 30-60% in 180 days. Real comparison is progress vs.
the 0% that stays when waiting for the perfect plan.

New section 'When the Vulnerability Surface Is Effectively Infinite':
AI-scale vulnerability discovery (e.g. Project Glasswing) does not call
for AI-assisted patching. It calls for architecture that makes most
vulnerabilities matter less: kill chain prioritisation, blast radius
limitation, assume-breach posture, known-good baseline. Architecture
beats velocity in the vulnerability race.

Co-Authored-By: Tom Kracmar <tom+claude@cat6.cz>
 2026-06-05 06:44:32 +00:00
Claude Sonnet 4.6 46a1f7e005 feat: Add AI Mythos counter-narrative; rewrite ai-sovereignty-framework 
move-fast-and-fix-things.md: 'The AI Distraction' section.
  Multiplier principle, CIS IG1 sequencing, client redirect script.

antifragile-manifest.md: Pillar sequencing note (Pillar 4 after 1-3).

consultant-field-guide.md: Mistake #11 + AOC->PULSAR rename.

ai-sovereignty-framework.md: Full rewrite with regulatory framing,
  sovereignty spectrum, updated objections, CQRE product examples.

Co-Authored-By: Tom Kracmar <tom+claude@cat6.cz>
 2026-06-05 05:19:21 +00:00
Claude Sonnet 4.6 48f891db36 feat: Fix review issues and integrate ASTRAL, PULSAR, AURORA product suite 
Framework fixes:
- antifragile-manifest.md: Correct AI Sovereignty pillar (data residency/audit rights framing); add consultant note
- executive-summary.md: Same AI sovereignty correction; add EU Regulatory Context (NIS2, DORA, GDPR)
- README.md: Add Brownhat brand explanation; expand Standards Alignment with NIS2/DORA/GDPR
- core/about-cqre.md: Prominent TEMPLATE WARNING banner to prevent accidental sharing
- index.md: Add CQRE Product Suite; renumber consultant nav 1-26 consistently

New: playbooks/cqre-product-suite.md - ASTRAL/PULSAR/AURORA product reference with antifragile pillar alignment, regulatory mapping, deployment prerequisites, and objection handling

Updated: sovereign-tool-stack.md - ASTRAL updated to GitHub product spec; AOC replaced with PULSAR; AURORA section added

Co-Authored-By: Tom Kracmar <tom+claude@cat6.cz>
 2026-06-05 04:59:20 +00:00
tomas.kracmar 64f73371c9 feat: Add engagement model, consultant field guide, deliverable templates, CQRE tools integration, and Czech localization 
New documents:
- core/engagement-model.md: Full client-facing engagement lifecycle (Sections 1-6) plus consultant delivery discipline (Section 7)
- core/consultant-field-guide.md: Decision models, client qualification, module selection, 10 common mistakes, technical onboarding, proposal writing
- core/about-cqre.md: Company overview template with [PLACEHOLDER] markers for client-facing use
- core/about-cqre-cs.md: Czech version of company overview (O společnosti CQRE)
- core/executive-summary-cs.md: Czech translation of the board executive summary
- assessment-templates/nist-csf-baseline.md: Full Brownhat Diagnostic workshop methodology (NIST CSF 2.0)
- assessment-templates/nist-csf-baseline-cs.md: Czech version of Brownhat Diagnostic (for Czech-language workshops)
- assessment-templates/module-completion-report.md: Module completion package template
- assessment-templates/risk-register-example.md: 8 fully populated risk entries (Meridian Logistics GmbH fictional engagement)
- playbooks/privileged-access-architecture.md: Module 13 - Teleport, Tailscale/Headscale, JIT access, vendor governance
- playbooks/sovereign-communications.md: Module 14 - Delta Chat chatmail relay, Matrix/Element, crisis channels

Updated documents:
- playbooks/sovereign-tool-stack.md: Added Elysium, CAExporter, E8-CAT, macOS_IntuneManagement, IntunePolicyParser, M365-Scripts; updated capability matrix and module pairings
- core/modular-engagements.md: Module 2 now includes CAExporter as first step; Module 6 includes Elysium password audit
- reference/nist-csf-mapping.md: Added back-reference to nist-csf-baseline.md
- assessment-templates/README.md: Changed Q1/Q2/Q3/Q4 to Phase 1/2/3/4, added Status column
- index.md: Registered all new documents; restructured consultant navigation into three labeled groups (1-25)
- README.md: Updated directory tree; updated Quick Start for Consultants

Czech localization pointers:
- executive-summary.md: Added Česká verze pointer
- nist-csf-baseline.md: Added Česká verze pointer
- engagement-model.md: Added note that client-facing Czech translation is planned

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-27 21:33:52 +02:00
tomas.kracmar 7bab42398a Add Spontaneous Order Principles core document 
Distills philosophical insights from emergent systems thinking into
five enterprise-applicable principles, mapped to the antifragile
manifest pillars. Excludes all anarcho-taoist references.

- New: core/spontaneous-order-principles.md
- Updated: core/antifragile-manifest.md (cross-references)
- Updated: index.md (navigation and document tables)
 2026-05-25 10:07:00 +02:00
tomas.kracmar 2b969af2a8 feat: Add sovereign tool stack and integrate ASTRAL/AOC across playbooks 
New document: Sovereign Tool Stack — complete capability map for our
open-source consulting arsenal.

Documents updated:
- sovereign-tool-stack.md (new): Maps Prowler, BloodHound, CISO Assistant,
  Purple Knight/Forest Druid, ASTRAL, and AOC to engagement modules and
  antifragile pillars. Identifies 6 gaps with recommended closes:
  Wazuh+Sysmon (EDR), Shuffle (SOAR), TheHive+Cortex (case management),
  Cartography (cloud asset mapping), Syft+Grype+Trivy (containers),
  Zeek+Suricata (network analysis). Includes per-module tool pairing,
  deployment complexity matrix, and integration architecture.
- m365-e3-hardening.md: Added ASTRAL 'configuration immunity' section
  and AOC audit log integration references
- endpoint-management-entry-vector.md: Added ASTRAL for Intune
  configuration backup and drift detection
- modular-engagements.md: Added ASTRAL and AOC to Module 1/2/3
  deliverables; linked sovereign tool stack
- retained-capability.md: Added AOC and Wazuh to detection engineering
  description
- ai-assisted-tvm.md: Added AOC and Prowler to discovery layer table
- blue-purple-team-foundation.md: Added sovereign tool stack reference
  for open-source SOC architecture
- zero-budget-hardening.md: Linked sovereign tool stack
- README.md + index.md: Added sovereign-tool-stack.md to navigation
 2026-05-09 17:05:18 +02:00
tomas.kracmar 3569cd7c45 fix: Correct M365 E3 licensing capabilities across playbooks 
E3 includes Entra ID P1 (conditional access, SSPR) and Defender for
Endpoint P1 (AV, device control, ASR audit mode), not just 'Free'/'AV only'.

Key corrections:
- m365-e3-hardening.md: Entra ID P1 with conditional access is now
  correctly listed as included; Intune is full not 'basic'; ASR audit
  mode is available in P1; risk-based gap reframed as 'No Entra ID P2'
- zero-budget-hardening.md: E3 comparison table now shows Entra ID P1
  and Defender for Endpoint P1 correctly; pitch text updated
- modular-engagements.md: MFA description now reflects conditional
  access availability in E3
- m365-antifragile-project.md: Conditional Access heading now correctly
  notes E3 includes P1; E3 baseline mentions conditional access
- endpoint-management-entry-vector.md: Intune described as full MDM/MAM
 2026-05-09 16:58:36 +02:00
tomas.kracmar 763da003d3 Initial commit: antifragile cybersecurity consulting blueprint 
Complete repository of frameworks, playbooks, and assessment resources
for cybersecurity consultations focused on antifragile enterprise design.

Includes:
- Core philosophy and manifest (5 pillars)
- 12 modular engagement packages
- AI sovereignty and operations frameworks
- Zero-budget vulnerability discovery and hardening playbooks
- M365 E3 hardening and antifragile project plans
- Osquery sovereign discovery platform blueprint
- Perimeter scanning capability guide
- AI-assisted TVM blueprint for AI-powered adversaries
- Vertical specializations: banking, telco, power/utilities
- CIS Controls v8 and NIST CSF 2.0 mappings
- Risk registers and assessment templates
- C-suite conversation guide and business case templates
 2026-05-09 16:53:22 +02:00