STIGVIEWER
A MoxyWolf · OpenControls.ai property
the feeling: calm, defensible, accessible
Methodology Brief

The Multi-Lensatic Methodology: translation, not conquest

A Babel-fish approach to compliance. Every framework keeps its own language. Translation happens at the seam, on demand, with the evidence trail intact.

The Engine · Build-Time Harmonization
The slow, auditable foundationDone once · refreshed as sources move

Matching entities across vocabularies, classifying terms on shared axes, and arbitrating between conflicting testimony. Expensive up front. It buys the fast, cheap read-time payoff on the other side.

01

Curated Heuristics

Expert-written pattern rules over canonical forms. Versioned, citable, zero variance.

02

Algorithmic Heuristics

Morphological normalization and variant clustering. Deterministic and replayable.

03

Explicit AI

The idempotent rules engine. Only touches rows still flagged pending, so re-runs stay safe.

04

Generative AI

Handles the genuinely tacit cases. Returns structured calls with confidence and evidence.

No witness gets crowned. A rule firing at ≥0.9 wins outright. Between 0.6–0.9, both testify — the stronger side writes, the loser is preserved in provenance. No rule, unsure model? The row honestly stays Unknown and flags for the next pass.
The Five Lenses · Parallel Testimony
01

Regulatory Mandate

The Obligation
Statutes · Regulations · Frameworks
"What am I obligated to do?"
02

Technical Control

The Configuration
STIGs · Benchmarks · Hardening guides
"What gets configured, and how is it graded?"
03

Workforce Role

The Responsibility
NICE · DCWF · 8140 · O*Net
"Whose job is this?"
04

Proficiency

The Demand
Cognitive levels · Literacy tiers · Dreyfus stages
"How hard is it, and what does it demand?"
05

Automation Capability

The Skill
AI skills · Plugins · Agent tiers
"Can software do this, and to what degree?"
Sovereignty Over Conquest
The Babel Fish Principle
No framework sits at the center

The method acts as a translator, never a judge. Each community keeps its own vocabulary, its own purpose, its own authority. The method never asks a standards body to change a word. Existing crosswalks aren't competitors — they're absorbed as one more witness, scored and sourced alongside the rest.

The Convergence

A Single Unit of Work

All five lenses converge on one canonical point — where legal language, technical fix, human task, and automation tier become the same action.

The Payoff · Read-Time Disambiguation
Enter through any door

A user arrives speaking exactly one vocabulary — a STIG, a job title, an AI plugin. The system resolves it to the canonical unit and re-renders it through every other lens. Fast and cheap, because harmonization already paid the toll.

CMMCFedRAMPimplement once · report in both
Multi-framework efficiency: Implement controls once for CMMC. When the FedRAMP assessor calls, walk the mappings and report through the ones that hold — same work, claimed in both languages.
Enter through any door, see the paths to all the rooms.
Whether the surface is a viewer, a dashboard, or a raw GraphQL query.