SecOps-NG
About the commons

A Digital Commons for sovereign security operations.

What this is

SecOps-NG is a community-driven initiative — a Digital Commons — building durable, auditable security workflows on European sovereign infrastructure. It is not a vendor and not a consultancy. The output is community infrastructure: shared playbooks, reference workflows, and a Python framework that anyone in the commons can read, audit, fork, and improve.

What the commons believes

Digital sovereignty is a public good. A society that cannot defend its own networks, on infrastructure inside its own jurisdiction, with tools it can read and audit, has outsourced something essential. Restoring that capability is a shared, generational project, not a procurement task.

The European regulatory baseline — the body of directives and regulations that frame how essential and important entities must operate — is not the point of this work. It is a backdrop. The point is the operational readiness that lets communities defend themselves with clarity, without renting the capacity from outside the continent.

How the commons works

  • Open by default. The framework, the playbooks, and the reference deployments are published under permissive licenses. If you can read code, you can read the defences the commons relies on.
  • Sovereign by architecture. Reference deployments target European-resident, European-governed infrastructure. There are no hidden calls to non-EU services in the framework defaults.
  • Durable by design. Critical workflows are composed as LangGraph state machines with strict Pydantic v2 contracts at every boundary. State transitions are explicit, replay-friendly, and reviewable as plain code.
  • Community-first governance. Decisions happen in the open on GitHub — RFCs, governance flags, issue threads. Anyone affected by a change is welcome to weigh in on it.

How to take part

There is no membership form. Participation looks like this:

  • github.com/secops-ng — read the framework, file issues, open pull requests, comment on RFCs and governance flags.
  • Field notes — design dispatches, postmortems, and walkthroughs from the commons. The collection is small for now and growing.
  • Community — code of conduct, governance, and contribution practices that keep the commons workable.

Federations beat monopolies. The doors are open.