About James Pether Sörling

Experienced technology professional with expertise in information security and delivery of secure cloud systems. Strong advocate for transparency in organizations and committed to ensuring the security and reliability of my open source projects through the use of industry best practices such as OpenSSF and CII Best Practices. James Pether Sörling, a security professional and open source contributor, gave a talk at Javaforum Göteborg where he discussed how to secure your development pipeline with static and dynamic application security tests, as well as software composition analysis using Sonarqube. In addition, Sörling was a guest on the Shift Left Like A Boss security podcast, where he discussed open source tools that can make high velocity development more secure. As an open source contributor for cfn-nag, which performs infrastructure as code (IaC) static analysis of AWS CloudFormation, he also wrote an open source module that integrates CFN-nag into SonarQube.

• Open source developer and founder of Hack23
• Check out his OpenHub profile
• View his talks on GitHub
• Connect with him on LinkedIn

Press Coverage

• Computer Sweden - This article highlights the innovative use of technology in revealing the activities of politicians. It features James Pether Sörling's work in leveraging data-driven insights to promote transparency in political processes.
• Riksdag och Departement - A Swedish publication that discusses the role of Citizen Intelligence Agency in monitoring politicians. It underscores James Pether Sörling's commitment to fostering accountability in politics through the strategic use of technology.
• Expressen - An opinion piece that addresses the issue of political absenteeism. It features a quote from James Pether Sörling, demonstrating his thought leadership in the field of political transparency and accountability.
• National Democratic Institute: Strengthening Parliamentary Accountability, Citizen Engagement and Access to Information - A comprehensive survey report that underscores the importance of parliamentary monitoring organizations in Sweden. It acknowledges James Pether Sörling's significant contributions to these organizations, reinforcing his commitment to strengthening democratic processes.

Past Projects

• Citizen Intelligence Agency - A volunteer-driven, open-source intelligence (OSINT) project that provides a neutral and comprehensive dashboard focusing on political activity in Sweden. By monitoring key political figures and institutions, the platform offers valuable insights into financial performance, risk metrics, and political trends. Additionally, the dashboard features a ranking system, enabling users to objectively compare politicians based on performance. The Citizen Intelligence Agency seeks to encourage informed decision-making, enhance transparency in governance, and cultivate an engaged and well-informed citizenry. The initiative is independent and non-partisan, utilizing data, metadata, and charts related to the Swedish Parliament and government, encompassing parliament members, committees, documents, ballots, decisions, ministries, government members, and political parties. The project relies on open data from various sources such as:
  • Swedish Parliament Open Data - Offers a wide range of data related to the Swedish Parliament, including members, committees, and documents.
  • Swedish Election Authority - Provides information on election processes, results, and political parties in Sweden.
  • World Bank Open Data - Contains global development data, including economic indicators and demographic information.
  • Swedish National Financial Management Authority (ESV) Public Sector Information (PSI) Data - Offers data on government finances, economic trends, and public sector operations in Sweden.
  Explore our Citizen Intelligence Agency's Architecture Overview , where you can dive into the detailed structure of our project. This page provides a comprehensive look at our project's system context, its various components, and the deployment strategy. It also includes guides for developers and database administrators, making it a valuable resource for understanding the mechanics of our work.
• Sonar-CloudFormation-Plugin - A plugin for SonarQube that allows users to analyze CloudFormation templates written in YAML or JSON, developed in Java. The plugin uses the SonarQube API to perform code analysis on the templates and generate detailed reports on best practices, potential security issues, and other code quality metrics. The plugin integrates with cfn-nag and Checkov to provide additional security checks based on the CWE, NIST 800-53, and ISO 27001 standards.

Current Projects

• Lambda in Private VPC - A proof-of-concept (POC) showcasing a multi-region active/active site leveraging Resilience Hub policy compliance and runbooks to facilitate rapid recovery from failures.