An enterprise-grade system designed to automate security compliance monitoring and reporting, starting with the NIST framework as a primary guide.
The goal is to provide a data-driven, ontology-first platform where every security control, policy, and asset is represented in a unified semantic model, enabling real-time compliance tracking and automated gap analysis.
- Ontology-First Architecture: All data is modeled after security ontologies, ensuring consistency and interoperability.
- NIST Compliance: Built-in support for NIST SP 800-53, NIST CSF, and other major frameworks.
- Feature-Based Architecture: Modular design for scalability and maintainability.
- Enterprise Security: Role-based access control (RBAC), audit logging, and secure data handling.
- docs/: Documentation, PRD, Tech Stack, and Coordination documents.
- backend/: Rust-based backend implementing a pure ontology-first architecture (Axum + SQLx).
- frontend/: React-based dashboard (React 19 + Vite + TanStack Router).
Refer to docs/README.md for detailed documentation.