Hi everyone, I'm currently working on my end-of-studies project focused on security auditing and compliance in OpenStack environments. As part of this project, I'm exploring how OpenStack deployments can align with compliance frameworks, especially SecNumCloud (from the French cybersecurity agency ANSSI). However, I'm also very interested in hearing about any tools, methods, or practices used for other standards (ISO 27001, CIS, FedRAMP, etc.). I'm still new to OpenStack and cloud compliance in general, and I'm finding it challenging to identify practical tools or workflows that companies actually use to perform security audits or compliance checks in OpenStack. If you're using (or have used) any tools, scripts, checklists, middleware, SIEM integrations, etc. for auditing OpenStack security or compliance I would be incredibly grateful if you could share your experience or point me in the right direction 🙏 Thank you so much in advance! Best regards,