Compliance Management
Workload Definition & Security Boundary
Workload-Specific Compliance
Define your workload's security boundary to enable context-aware control assessment and artifact validation. This creates a specific scope for compliance documentation and evidence collection.
Workload Definition
☁️ AWS Resource Discovery
Weekly scans balance inventory freshness with Tagging API and Config costs.
Control Artifact Validation
Automated Evidence Detection
ComplianceBot automatically checks RAG document storage and AWS data sources for artifacts supporting each control narrative. Missing evidence is flagged for remediation.
DeterBot: ComplianceBot Under the Hood
🛡 DeterBot: ComplianceBot v0.0.9
Production-ready AI compliance management platform built on AWS serverless architecture. Helps security teams document controls across multiple frameworks simultaneously, leveraging GenAI semantic crosswalk to identify overlap and reduce documentation effort.
📋 Multi-Framework Controls
NIST 800-53, FedRAMP, CMMC, HITRUST, PCI-DSS, SOC 2, PSD2, CCCS. Select multiple, document once where controls overlap via GenAI semantic crosswalk.
🤖 GenAI Semantic Crosswalk
Claude 3.5 Sonnet maps controls across frameworks semantically. 143 HITRUST→NIST, 137 PCI→NIST, 65 SOC2→NIST mappings with confidence ratings and rationale.
☁ AWS Inheritance
CRM auto-populates AWS Inherited / Shared / Customer responsibility. Inherited controls pre-checked, customer controls flagged for documentation.
📊 CIS & Export
Live Control Implementation Summary with status, inheritance, narrative. Delta view becomes CIS. Export to CSV for auditors.
Framework Coverage
✅ Authoritative (OSCAL)
NIST SP 800-53 Rev5 (1,193 controls)
FedRAMP Low / Moderate / High
CMMC 2.0 Level 1/2/3
CCCS ITSP.30.031 Medium
⚠ GenAI-Generated + Mapped
HITRUST CSF v11 (35 controls)
PCI-DSS v4.0 (138 controls)
SOC 2 TSC (70 controls)
PSD2 (pending)
🚧 Not Available
ISO 27001 (requires license)
NIST CSF 2.0 (coming soon)
⚠ LEGAL NOTICE: The only source of truth for your legal requirements is your own compliance and legal teams. ComplianceBot does not provide legal guidance. It provides you with information to help inform your dialog with your compliance and legal counsel.