Professional Governance, Risk & Compliance Portfolio

Confirmed SAQ A eligibility but uncovered critical access and logging gaps. Delivered actionable fixes to secure administrative systems and meet PCI DSS v4.0.1 Requirements 8 and 10.

Enterprise-style PCI DSS v4.0.1 laboratory implementing secure payment processing, cardholder data protection, centralized monitoring, privileged access control, and compliance-focused security architecture.

Real-world IT infrastructure, security, and automation case studies — PCI DSS, M365, Linux, monitoring

The world's first intentionally broken GRC environment. Learn GRC by finding what's broken in NexaCorp. NexaCorp is a fictional fintech with every compliance failure imaginable.