Resources that guide you through all of compliance at once.

CMMC 101: What the Program Is and Why It Exists

The Cybersecurity Maturity Model Certification in plain language — what it protects, who it applies to, and how it reached your contract.

Daniel Ruiz 7 min

Curated Dinner60 seats

Tech & Policy Dinner

Manhattan, New York City To Be Announced

An evening for builders, compliance leaders, and policy voices shaping federal technology — real conversation over a long table.

Coming SoonJuly 2026

CMMC

Inside a CMMC Level 2 Assessment

A practitioner walks through what a C3PAO actually looks for — and where contractors lose points. We’re still putting this one together.

BeginnerCMMC

Do You Need CMMC? Reading the DFARS Clauses in Your Contract

How to spot 252.204-7012, -7019, -7020, and -7021, and what each one actually obligates you to do.

Daniel Ruiz 6 min

Resources

From first principles to deep cuts

Browse library

BeginnerCMMCNIST 800-171

CMMC 101: What the Program Is and Why It Exists

The Cybersecurity Maturity Model Certification in plain language — what it protects, who it applies to, and how it reached your contract.

Daniel Ruiz 7 min

BeginnerCMMC

Do You Need CMMC? Reading the DFARS Clauses in Your Contract

How to spot 252.204-7012, -7019, -7020, and -7021, and what each one actually obligates you to do.

Daniel Ruiz 6 min

BeginnerCMMCNIST 800-171

FCI vs. CUI: Knowing What You’re Actually Protecting

The difference between Federal Contract Information and Controlled Unclassified Information — and why it sets your CMMC level.

Priya Nair 6 min

BeginnerCMMCNIST 800-171

CMMC Levels 1, 2, and 3 — Which One Applies to You

Read your contract, find the level you owe, and avoid the costly mistake of over-scoping your assessment.

Daniel Ruiz 7 min

IntermediateCMMCNIST 800-171

Scoping Your CMMC Assessment: Drawing the Right Boundary

Asset categories, the scoping guide, and how to keep out-of-scope systems genuinely out of scope.

Priya Nair 11 min

IntermediateCMMCNIST 800-171

Building an SSP for CMMC Level 2 That Holds Up

Structure, implementation statements, and the evidence trail assessors expect to see behind each of the 110 controls.

Maya Chandra 13 min

Dinners & Events

The table, set

All events

Curated Dinner60 seats

Tech & Policy Dinner

Manhattan, New York City To Be Announced

An evening for builders, compliance leaders, and policy voices shaping federal technology — real conversation over a long table.

On-Demand

In the studio

All videos

Coming SoonJuly 2026

CMMC

Inside a CMMC Level 2 Assessment

A practitioner walks through what a C3PAO actually looks for — and where contractors lose points. We’re still putting this one together.

Coming SoonAugust 2026

FedRAMP

FedRAMP 20x: What’s Actually Changing

Machine-readable packages, key security indicators, and what the pilot means for your authorization timeline. In production now.

Coming SoonAugust 2026

NIST 800-53

Building Your First SSP, Control by Control

How to turn a control statement into an implementation that survives review. Filming soon — we’re still working on it.

Webinars

Live discourse

None for now.

We’re lining up our first sessions — check back soon.