Product · Compliance management

intSignal Compliance Platform

Know your compliance score — and exactly how to raise it.

A compliance platform with the same integration depth as the intSignal SIEM: it connects to everything you run, reads the controls, and turns them into a live compliance score across every framework — then tells you precisely what to fix, suggests the tools to use, and keeps you audit-ready with automated evidence.

Live, interactive demo — click around to explore.
Connects to everythingLive compliance scoreNIST · CIS · SOC 2 · HIPAA · PCI · ISO · CMMCPrioritized fix-listTool suggestionsAutomated evidence
intSignal Compliance · dashboardLIVE
79Compliance
▲ +6 ptsimprovement this quarterAudit-ready in 4 gaps
FixCIS Controls: MFA on 3 admin accounts

Integration

The same integration depth as the SIEM

Compliance shouldn’t be a spreadsheet you update by hand. This platform connects to your identity, endpoint, cloud, network, email, backup, and vulnerability tools — the way the SIEM does — and reads the actual state of your controls, so the score reflects reality, not a questionnaire.

Connects to everything you run
Microsoft 365 · EntraAWS · Azure · GCPEDR / DefenderFirewalls & networkBackup & emailVuln scannersCompliancescore · gaps · evidence
integrateSame integration depth as the SIEM — it reads live controls from every tool.

Reads real controls

Pulls live control state from every connected tool.

Broad connectors

Microsoft 365, Entra, AWS/Azure/GCP, EDR, firewalls, backup, and more.

Always current

The score updates as your environment changes.

No manual evidence-chasing

Stop screenshotting settings before every audit.

From connected to compliant

Score, fix, and prove — in one place

See exactly where you stand, what to do next, and the evidence to back it up.

One score across every framework

A live score maps your real control state to NIST CSF, CIS, SOC 2, HIPAA, PCI DSS, ISO 27001, CMMC, and custom frameworks at once.

Multi-frameworkOne environment, scored against every framework you care about.
Control mappingEach control mapped to the frameworks it satisfies.
TrendsWatch the score move as you close gaps.
Control coverage · frameworks × families
AccessDataNetworkEndpointLoggingBackupGov
NIST CSF
CIS
SOC 2
HIPAA!
PCI DSS!
ISO 27001
CMMC!!
MetPartialGapOne control set, every framework at once
mapSee coverage across NIST, CIS, SOC 2, HIPAA, PCI, ISO & CMMC in one grid.

Full platform

Everything in the Compliance Platform

Integration, scoring, remediation, and evidence — grouped. Expand any area for the full list.

Integration10
Microsoft 365 & Entra IDAWS / Azure / GCPEDR / antivirusFirewalls & networkEmail securityBackup systemsVulnerability scannersMDM / RMM / PSASIEM & Security SuiteCustom connectors
Frameworks11
NIST CSFCIS ControlsSOC 2HIPAAPCI DSSISO 27001CMMCGDPRCustom frameworksControl mappingCross-framework overlap
Scoring & gaps7
Live compliance scorePer-framework scoringControl statusGap analysisRisk-based prioritizationScore trendsBenchmarking
Remediation guidance6
What-to-fix listSuggested tools & actionsOwner assignmentDue dates & SLAsRemediation verificationExceptions & risk acceptance
Evidence & reporting7
Automated evidence collectionPolicy attestationsExecutive reportsAuditor-ready exportsContinuous monitoringAlerts on driftHistorical audit trail

See your real compliance score in a day

Connect a few systems and we’ll show your score, your top gaps, and exactly what to fix first.

Request a demo  ⟶

Frequently asked questions

How is this different from a compliance questionnaire or spreadsheet?

It doesn’t rely on someone answering questions. Like the SIEM, it connects to your actual tools — identity, endpoint, cloud, network, email, backup, vulnerability — and reads the real state of your controls, so the score reflects what’s actually configured, and it updates automatically as things change.

Which frameworks does it cover?

NIST CSF, CIS Controls, SOC 2, HIPAA, PCI DSS, ISO 27001, CMMC, GDPR, and custom frameworks — all scored at once from one set of control data, with cross-framework overlap so you don’t do the same work twice.

Does it just give a score, or tell us what to do?

Both. Beyond the score, it produces a prioritized list of gaps ranked by risk and suggests the specific tool or action for each — for example, enforce MFA in Entra ID, patch via the NOC, or enable DLP in the Security Suite. You can assign owners, set due dates, and verify remediation.

Does it help at audit time?

Yes. Evidence is collected automatically from your integrations — access reviews, encryption status, backup tests, and more — so instead of chasing screenshots you export an auditor-ready report on demand.

Can intSignal run it for us?

Yes. You can operate it yourself, or add intSignal-managed compliance operations to drive remediation and audit prep on your behalf.