login: jasvant
Last login: Seattle, WA · IT Manager
$ booting portfolio.sh …
✔ mounting 10 years of experience
✔ loading GRC · HIPAA · NIST · FERPA
✔ initializing 12-product lab
ready.
Skip to content

$ ls ./products

Tools that turn friction into momentum.

Every product here exists because something that should have been easy was needlessly hard — OCR that fails on the world’s scripts, knowledge locked in manuscripts, fleets that break before anyone notices. Some are live today; others are taking shape on the workbench.

Built & sold under Dosanjh Labs

Sightline, Bastion, Lookout, and Cairn are my commercial security & compliance suite, built and sold through Dosanjh Labs. Visit the storefront for pricing, docs, and product pages.

dosanjhlabs.com

$ git clone — free & open

Open source

Tools I’ve open-sourced for IT and security teams to run, audit, and self-host — no lock-in.

open source
L

Ledger

IT Documentation

Live Published Jun 13, 2026

Turn an Obsidian vault into a governed company documentation hub.

Ledger turns an Obsidian vault into a governed, company-grade documentation hub: a shared org vault with roles and permissions, review/approval governance, org-wide search, read-only published portals, and a full audit trail. Everything stays Obsidian-compatible Markdown — no lock-in. Run it hosted, or self-host the open-source core.

  • Shared org vault with roles, permissions, and review/approval governance over every doc.
  • Org-wide search, read-only published portals for readers, and a complete audit trail.
  • Obsidian-compatible Markdown with no lock-in — hosted, or self-host the open-source core.
DocumentationObsidianMarkdownKnowledge Base
open source

GurmukhiFix

Python / OCR / NLP

Live Published Jun 11, 2026

Safe, evidence-gated OCR correction for Gurmukhi & Indic scripts.

An OCR post-processing engine that repairs the systematic Unicode-order and diacritic errors OCR makes on Gurmukhi (Punjabi), Hindi and Devanagari — and is built so it can never silently corrupt correct text, including Gurbani. Every automatic change must clear an evidence gate: verbatim scripture is locked, and any substitution needs a validity gain or a dictionary hit. It is engine-agnostic, reading Tesseract, Surya, Gemini and Google Vision output alike.

  • An evidence gate plus a 67,000-word Gurbani lexicon lock scripture and refuse any blind, unsupported edit — proven by property-based tests across every supported script.
  • OCR-engine-agnostic input (Tesseract JSON/TSV/hOCR, ALTO, Surya, Google Vision), so it survives the shift beyond Tesseract.
  • On 300 real Sri Guru Granth Sahib lines with OCR errors injected, character error rate drops to 0.00 — with zero corruption of clean text.
  • Live on PyPI — pip install gurmukhifix — with the Gurbani lexicon bundled inside the wheel.
PythonUnicodeGurbani lexiconPyPI
open source
L

Lookout

Infrastructure / Monitoring

Live Published Jun 11, 2026

Know your servers are healthy — before they’re not.

Lookout is infrastructure monitoring built for humans. Lightweight agents report each server’s health to one dashboard in plain English — “disk /data is 94% full” instead of a wall of raw metrics — so anyone can tell what needs attention at a glance.

  • Single, dependency-free agent for Linux, Windows, and macOS — outbound-only, no open ports.
  • Plain-English OK / WARNING / CRITICAL alerts via email, Slack, or webhooks, with deduplication and escalation.
  • Nagios-plugin compatible, with managed and on-prem deployment options.
MonitoringAgentsAlertingCross-Platform
open source
C

Cairn

IT Asset Reconciliation

Live Published Jun 10, 2026

Every device. One source of truth.

Cairn reconciles your device fleet across every tool you already run — Jamf, Intune, Kandji, JumpCloud, CrowdStrike, Defender, and more — and syncs one authoritative inventory into Snipe-IT. It resolves conflicting records by serial number, previews every change with a dry run, and finally makes your asset system of record actually accurate. Open-source under AGPL-3.0.

  • Pulls from 12+ MDM and EDR sources and writes one reconciled source of truth to Snipe-IT.
  • Serial-based reconciliation with a trust-priority system and a dry-run preview before any change.
  • Single cross-platform binary (macOS, Windows, Linux) with a guided GUI — no YAML required.
Snipe-ITMDM / EDR SyncOpen Source (AGPL)Cross-Platform
open source
S

Sikh Library — Living Dataset

NLP / Dataset

Live Published May 31, 2026

The open corpus underneath it all.

A continuously updated multilingual corpus of Sikh manuscripts, scripture, and classical literature spanning English, Punjabi, Urdu, Hindi, and Devanagari script — over 758 million words across a 9 GB corpus. Curated to support RAG pipelines, semantic search, and NLP research on underrepresented South Asian languages.

  • Structured to power RAG pipelines, semantic search, and NLP research.
  • Focused on underrepresented South Asian languages and rare historical texts.
  • Open-access — built to preserve and democratize Sikh heritage for the global community.
DatasetHuggingFaceMultilingualOpen Access

Shipping now

Live products

Sikh University

ਸਿੱਖ ਯੂਨੀਵਰਸਿਟੀ

Education / Sikhi

Live Ongoing

A free, open online university for Sikhi — from the basics to the depths.

Sikh University is a free, open online university where anyone, anywhere can study Sikhi — from its basics to its depths. 200+ courses across 19 subjects (theology, history, philosophy, ethics, comparative religion, apologetics, science, language, music, the arts and more), each drawn from the works of a named Sikh scholar acting as the course professor, with tests, certificates, learning paths and magic-link accounts. It also has a read-along reader for the complete Sri Guru Granth Sahib Ji, Dasam Granth and Sri Sarbloh Granth Sahib with Santhya audio. Built free and open on Cloudflare, alongside the Sikh Archive.

  • 200+ courses across 19 subjects, each attributed to a real Sikh scholar, with key terms in Punjabi (Gurmukhi) and Chicago-style citations.
  • A read-along reader for the complete SGGS, Dasam Granth and Sri Sarbloh Granth Sahib, plus a beginner Gurmukhi primer (Baal Updesh).
  • A full platform: magic-link accounts, 80%-to-pass tests, printable certificates, learning paths, search, and one site-wide light/dark theme — on Cloudflare (Workers + D1 + R2), in Astro + Tailwind.
AstroTailwindCloudflare WorkersD1 / R2
S

Sightline

Compliance / GRC

Live Published Jun 7, 2026

Know your compliance before an auditor — or an attacker — does.

Sightline is a compliance platform that continuously checks your security posture against 22+ frameworks — NIST CSF 2.0, HIPAA, SOC 2, PCI DSS, ISO 27001, CMMC, FERPA, GDPR, and more. It connects to the identity, device, cloud, and ticketing tools you already run and tells you, in plain English, exactly where you stand — before a gap turns into a failed audit or a breach.

  • Continuous, plain-English verdicts on controls across 22+ regulatory frameworks at once.
  • Connects to your existing identity, MDM, cloud, and ticketing tools to gather evidence automatically.
  • Board-ready executive summaries with drill-down findings and licensed-professional GRC sign-off.
ComplianceGRCNIST / SOC 2 / HIPAASecurity Posture
B

Bastion

Cybersecurity / GRC

Live Published Jun 12, 2026

CMMC Level 2, without the consultant.

Bastion walks defense suppliers through all 110 NIST 800-171 controls, calculates a live DoD SPRS score, and generates an audit-ready System Security Plan and POA&M — entirely in the browser, so sensitive CUI never leaves the machine. Built for the small and mid-size suppliers that primes like Boeing now require to reach CMMC Level 2.

  • Guided 110-control NIST 800-171 self-assessment with a live, methodology-accurate DoD SPRS score.
  • Auto-generates the SSP and POA&M assessors expect, and prioritizes the highest-impact gaps to fix first.
  • Integrates with Sightline (compliance posture) and Cairn (asset inventory) to auto-evidence controls.
NIST 800-171CMMCGRCJavaScript
W

Ward

Compliance / GRC

Live Published Jun 13, 2026

Prove HIPAA compliance before an auditor — or 2026 — does.

Ward is a guided, plain-English HIPAA Security Risk Assessment plus a full compliance program: SRA, risk register, policy and BAA management, training records, and a one-click 2026 Security Rule readiness gap report. Local-first so PHI never leaves the machine, with optional cloud sync for multi-device and MSP multi-client management.

  • Guided HIPAA Security Risk Assessment across all 7 ONC sections with a plain-English risk register.
  • One-click 2026 HIPAA Security Rule gap report with a prioritized POA&M.
  • Local-first (PHI never leaves the machine) with optional cloud sync and an MSP multi-client console.
HIPAASecurity Risk AssessmentGRCLocal-First
C

Charter

Compliance / GRC

Live Published Jun 13, 2026

Write, version, and prove your security policies.

Charter is a guided security-policy generator plus a version-controlled, audit-ready policy library and full attestation workflow — draft, review, approve, publish, assign, attest. Real version diffs, framework-mapped clauses (HIPAA, FERPA, CMMC/800-171, SOC 2, ISO 27001, CIS, NIST), and machine-readable evidence that flows into Sightline, Bastion, and Ward.

  • Generates 25+ framework-mapped security policies from a plain-English questionnaire.
  • Built-in version control with real clause-level diffs and an employee attestation workflow.
  • Approved policies and attestations become evidence that feeds Sightline, Bastion, and Ward.
Policy ManagementAttestationVersion ControlGRC
C

Covenant

Vendor / TPRM

Live Published Jun 13, 2026

Vendor & third-party risk + BAA tracking.

Covenant tracks third-party risk, security reviews, and Business Associate Agreements across every vendor — so you always know who touches your data, what they signed, and when each agreement expires. Risk scoring, questionnaire workflows, and BAA lifecycle management in one console.

  • One register for every vendor: risk tier, security review status, and BAA on file.
  • BAA lifecycle tracking with renewal and expiry alerts so no agreement lapses.
  • Multi-tenant MSP console with white-label vendor portals and bulk reporting.
TPRMBAA TrackingVendor RiskGRC
W

Watchword

Awareness / Phishing

Live Published Jun 13, 2026

Phishing simulation + security-awareness training.

Watchword runs phishing simulations and delivers security-awareness training that actually changes behavior — with per-user risk scores that prove your workforce is getting harder to fool. Scheduled campaigns, branded landing pages, and compliance training tracks.

  • Realistic phishing simulations with per-user risk scoring over time.
  • SCORM courses and compliance training tracks with completion reporting.
  • Per-user pricing with a volume MSP tier and cross-client benchmarking.
Phishing SimulationSecurity AwarenessTrainingReporting
P

Passage

IT Lifecycle

Live Published Jun 13, 2026

IT onboarding & offboarding, automated.

Passage automates the IT side of onboarding and offboarding so nothing — and no access — slips through the cracks. Provision, transfer, and revoke across every app on day one and last day, with approval workflows, app connectors, and a full audit trail.

  • Automated provisioning and deprovisioning across your app stack via connectors.
  • Approval workflows, role templates, and SSO/SCIM sync for clean access control.
  • Per-user pricing with a multi-tenant MSP console and per-client runbooks.
IT LifecycleOnboarding / OffboardingProvisioningIT Ops
P

Perimeter

Attack Surface

Live Published Jun 13, 2026

Continuous vuln & external attack-surface scanner.

Perimeter continuously scans your external attack surface and known vulnerabilities, and tells you what to fix first — discovering the assets, domains, and exposures attackers can already see. Continuous scanning, vuln prioritization, and ticketing integrations.

  • Discovers your external attack surface — domains, assets, and exposures.
  • Continuous scanning with vulnerability prioritization and Slack/email alerts.
  • Ticketing integrations, scheduled reports, and a multi-tenant MSP tier.
Attack SurfaceVulnerability ScanningSecurityContinuous Monitoring
K

Klaxon

Incident Response

Live Published Jun 13, 2026

Incident response + breach notification playbook.

Klaxon gives you guided incident-response and breach-notification playbooks so you know exactly who to tell, and when — with jurisdiction-aware HIPAA and all-50-state notification timelines built in. Runbook builder, evidence log, tabletop exercises, and SLA timers.

  • Jurisdiction-aware HIPAA and all-50-state breach-notification timelines.
  • Runbook builder, evidence log, and notification templates for live incidents.
  • Tabletop exercises, SLA timers, and a multi-tenant MSP IR dashboard.
Incident ResponseBreach NotificationHIPAASecurity
open source
L

Ledger

IT Documentation

Live Published Jun 13, 2026

Turn an Obsidian vault into a governed company documentation hub.

Ledger turns an Obsidian vault into a governed, company-grade documentation hub: a shared org vault with roles and permissions, review/approval governance, org-wide search, read-only published portals, and a full audit trail. Everything stays Obsidian-compatible Markdown — no lock-in. Run it hosted, or self-host the open-source core.

  • Shared org vault with roles, permissions, and review/approval governance over every doc.
  • Org-wide search, read-only published portals for readers, and a complete audit trail.
  • Obsidian-compatible Markdown with no lock-in — hosted, or self-host the open-source core.
DocumentationObsidianMarkdownKnowledge Base
open source

GurmukhiFix

Python / OCR / NLP

Live Published Jun 11, 2026

Safe, evidence-gated OCR correction for Gurmukhi & Indic scripts.

An OCR post-processing engine that repairs the systematic Unicode-order and diacritic errors OCR makes on Gurmukhi (Punjabi), Hindi and Devanagari — and is built so it can never silently corrupt correct text, including Gurbani. Every automatic change must clear an evidence gate: verbatim scripture is locked, and any substitution needs a validity gain or a dictionary hit. It is engine-agnostic, reading Tesseract, Surya, Gemini and Google Vision output alike.

  • An evidence gate plus a 67,000-word Gurbani lexicon lock scripture and refuse any blind, unsupported edit — proven by property-based tests across every supported script.
  • OCR-engine-agnostic input (Tesseract JSON/TSV/hOCR, ALTO, Surya, Google Vision), so it survives the shift beyond Tesseract.
  • On 300 real Sri Guru Granth Sahib lines with OCR errors injected, character error rate drops to 0.00 — with zero corruption of clean text.
  • Live on PyPI — pip install gurmukhifix — with the Gurbani lexicon bundled inside the wheel.
PythonUnicodeGurbani lexiconPyPI
open source
L

Lookout

Infrastructure / Monitoring

Live Published Jun 11, 2026

Know your servers are healthy — before they’re not.

Lookout is infrastructure monitoring built for humans. Lightweight agents report each server’s health to one dashboard in plain English — “disk /data is 94% full” instead of a wall of raw metrics — so anyone can tell what needs attention at a glance.

  • Single, dependency-free agent for Linux, Windows, and macOS — outbound-only, no open ports.
  • Plain-English OK / WARNING / CRITICAL alerts via email, Slack, or webhooks, with deduplication and escalation.
  • Nagios-plugin compatible, with managed and on-prem deployment options.
MonitoringAgentsAlertingCross-Platform
open source
C

Cairn

IT Asset Reconciliation

Live Published Jun 10, 2026

Every device. One source of truth.

Cairn reconciles your device fleet across every tool you already run — Jamf, Intune, Kandji, JumpCloud, CrowdStrike, Defender, and more — and syncs one authoritative inventory into Snipe-IT. It resolves conflicting records by serial number, previews every change with a dry run, and finally makes your asset system of record actually accurate. Open-source under AGPL-3.0.

  • Pulls from 12+ MDM and EDR sources and writes one reconciled source of truth to Snipe-IT.
  • Serial-based reconciliation with a trust-priority system and a dry-run preview before any change.
  • Single cross-platform binary (macOS, Windows, Linux) with a guided GUI — no YAML required.
Snipe-ITMDM / EDR SyncOpen Source (AGPL)Cross-Platform
open source
S

Sikh Library — Living Dataset

NLP / Dataset

Live Published May 31, 2026

The open corpus underneath it all.

A continuously updated multilingual corpus of Sikh manuscripts, scripture, and classical literature spanning English, Punjabi, Urdu, Hindi, and Devanagari script — over 758 million words across a 9 GB corpus. Curated to support RAG pipelines, semantic search, and NLP research on underrepresented South Asian languages.

  • Structured to power RAG pipelines, semantic search, and NLP research.
  • Focused on underrepresented South Asian languages and rare historical texts.
  • Open-access — built to preserve and democratize Sikh heritage for the global community.
DatasetHuggingFaceMultilingualOpen Access

SikhArchive.net

Collaboration · Digital Heritage

Live Ongoing

Five centuries of Sikh literature, open to the world.

SikhArchive.net is a collaborative, open-access archive that makes centuries of Sikh manuscripts and literature freely searchable. This isn’t my own project — I contribute to it as a developer, helping push the platform forward alongside the team.

  • Working on integrating the 758M+ word Sikh Library dataset into the platform.
  • Built Gurbani search and an AI-powered search engine, plus design improvements.
  • Patching security vulnerabilities and shipping mobile web-app improvements.
WebAI SearchSecurityMobile Web

On the workbench

In progress & in the lab

Early-stage builds and concepts I’m actively shaping. Want to collaborate or pilot one? Reach out.

free · limited time
C

CertPrep

Education / Certification

Beta Published Jun 12, 2026

An in-depth, no-fluff study platform for Security+, CISM & PMP.

A self-study platform for three IT certifications — CompTIA Security+, ISACA CISM and PMI PMP — on one shared, no-build engine. It pairs 1,200+ original practice questions with a timed exam simulator, Leitner spaced-repetition flashcards, rapid drills, quick-reference sheets, an interactive study planner with calendar export, and topic-organised video lessons — with all progress kept locally in the browser.

  • 1,200+ original practice questions across Security+, CISM and PMP, with a timed exam simulator and scaled-score estimate.
  • Leitner spaced-repetition flashcards, rapid drills, quick-reference sheets, and an interactive study planner with .ics calendar export.
  • A fast, no-build engine — everything runs in the browser (localStorage) with Markdown export/import, installable as a PWA.
Vanilla JSHTMLJSONPWA
free · limited time
A

Aim528

Education / MCAT

Beta Published Jun 12, 2026

MCAT practice tests, questions and flashcards — aim for 528.

A MCAT study toolkit: 900+ original AAMC-style practice questions, five full-length timed exam simulators, spaced-repetition flashcards, a progress dashboard, cheat sheets, curated videos, and a three-month study plan — built on the same no-build engine as CertPrep, with all progress kept in the browser. Not affiliated with the AAMC.

  • 900+ original AAMC-style questions and five distinct full-length exam simulators with scaled-score estimates.
  • Leitner spaced-repetition flashcards, cheat sheets, curated video lessons, and a day-by-day three-month study plan.
  • A fast, no-build engine — everything runs in the browser (localStorage) with Markdown export/import; original items with site-wide AAMC disclaimers.
Vanilla JSHTMLJSONPWA

More on the way.

Dosanjh Labs is a living workshop. Browse the storefront, follow along on GitHub and HuggingFace, or tell me what you wish existed.