Ecosystem
Obsidian plugins
Section titled “Obsidian plugins”Crosswalker is designed to complement existing Obsidian tools:
| Plugin | Relationship |
|---|---|
| Dataview | Query Crosswalker-generated frontmatter |
| Obsidian Bases | Create table/card views of framework data |
| Folder Notes | Treat framework folders as navigable notes |
| Templater | Customize generated note templates |
| QuickAdd | Create macros for evidence linking |
GRC tools
Section titled “GRC tools”Metadata ecosystemFor a detailed analysis of how Obsidian’s metadata landscape is evolving (Properties, Dataview, Bases, Datacore) and what it means for Crosswalker, see Obsidian metadata ecosystem.
Crosswalker doesn’t replace GRC platforms — it provides a knowledge-layer complement:
- Import from: NIST, CIS, MITRE, ISO, CRI, FFIEC, and any CSV/XLSX/JSON source
- Export to: Planned OSCAL export for interoperability (see the crosswalk edge semantics commitment and the evidence-link edge model synthesis for the two edge-type export targets)
- Bridge: Plain-text notes that can feed into any system
CISO Assistant
Section titled “CISO Assistant”Open-source GRC tool supporting 80+ frameworks (NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, NIS2, CMMC, GDPR, HIPAA, and more). Key features:
- Decoupling principle — define controls once, reuse across frameworks
- Auto-mapping — automatic crosswalks between supported standards
- API-first — programmatic access for integration
- GitHub
Where Crosswalker differs: CISO Assistant is a full GRC database; Crosswalker brings framework data into your knowledge base as plain-text notes you own.
SCF with STRM
Section titled “SCF with STRM”The Secure Controls Framework uses Set Theory Relationship Mapping (STRM) — a mathematical approach to crosswalking frameworks. The STRM Excel bundle is one of the most comprehensive mapping datasets available. Crosswalker’s 04-10 foundation synthesis commits to STRM’s 5-relationship vocabulary (paired with SSSOM as the metadata envelope) as the required predicate_id for every crosswalk edge.
Commercial platforms
Section titled “Commercial platforms”- Apptega — framework crosswalking as a service
- HITRUST MyCSF — compliance framework management
- RegScale — OSCAL-native compliance automation
- Drata / Vanta — automated compliance monitoring
See framework standards for a complete reference.
Design philosophy
Section titled “Design philosophy”- Plain text first — Everything in markdown, YAML, and JSON
- Framework agnostic — Easy to add new frameworks
- Tool-agnostic outputs — Works with Bases, Dataview, or nothing
- No lock-in — Standard Obsidian files, delete the plugin and your data remains