From c10eb6b6e3359040de6aaeeb1b95187739112c63 Mon Sep 17 00:00:00 2001 From: tristanroth1 Date: Sat, 20 Jun 2026 00:04:54 +0200 Subject: [PATCH] Add heygrc to Tools --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 4a0cc13..7345074 100644 --- a/README.md +++ b/README.md @@ -126,6 +126,7 @@ Open-source and commercial tools that enable GRC Engineering practices — polic | [**Corsair**](https://grcorsair.com/) | Signs compliance findings as W3C Verifiable Credentials (Ed25519 / JWT) so any party can verify integrity without trusted intermediaries. | | [**Gemara**](https://gemara.openssf.org/) | OpenSSF seven-layer logical model for automated GRC engineering — standardised, machine-readable schemas (CUE) for compliance interoperability. | | [**GRClanker**](https://www.grclanker.com/) | Spec-driven open-source AI GRC CLI — bring your own AI agent (Claude, Codex, Gemini…) to generate Go CLIs for FedRAMP, KEV, EPSS, SCF crosswalks. | +| [**heygrc**](https://heygrc.com) | GitHub App that reviews pull requests against compliance frameworks (ISO 27001, SOC 2, GDPR, EU AI Act, and more), flags changes that put a control at risk, and says what to fix, citing the control clause. | | [**myctrl.tools**](https://www.myctrl.tools/) | Fast, searchable reference site for security compliance controls across frameworks (FedRAMP Rev5, DoD SRG, and more). | | [**SCF API**](https://hackidle.github.io/scf-api/) | API for the Secure Controls Framework (1,400+ controls mapped to 200+ laws, regulations, and frameworks). | | [**Compliance Trestle**](https://github.com/oscal-compass/compliance-trestle) | OSCAL-native compliance-as-code platform for CI/CD authoring, validation, and governance of compliance artifacts in git. |