Automate your compliance journey with YAML-based policies, evidence collection, and audit dashboards.
Choose a subscription tier or a one-time download.

Prefer a single purchase? Get the current version as a direct download.
(Future updates require a new purchase or Stripe subscription.)

Codify compliance. Automate evidence. Stay audit‑ready.
Compliance-as-Code (CaC) turns frameworks like SOX, PCI DSS, ISO 27001, and HIPAA into YAML policies that drive automation and audit dashboards.

CaC is a B2B SaaS platform that simplifies compliance management:

• Policy-as-Code: YAML-based compliance controls.
• Automation: Collect evidence automatically across your systems.
• Audit-Ready Dashboards: Export clean reports for auditors.
• Integrations: Works with your CI/CD, cloud infra, and ticketing tools.

Choose a subscription tier or a one-time Ko-fi purchase.

• Full YAML policy engine (SOX, PCI, HIPAA, ISO27001)
• Automated evidence collection
• Compliance dashboard access
• Basic integrations (GitHub, GitLab, Jira)

Everything in Startup, plus:

• Advanced integrations (Atlassian, ServiceNow, cloud APIs)
• Priority roadmap influence
• Premium onboarding & support
• Export-ready auditor packages

• Download current version instantly
• No subscription required
  (future updates require new purchase or subscription)

1. Clone the repo and install dependencies:

   git clone https://github.com/gusinfosec/compliance-as-code.git
   cd compliance-as-code
   pnpm install

2. Start API (port 4000) & Web (port 3001):

   pnpm --filter cac-api dev
   pnpm --filter cac-web dev

3. Open browser at http://localhost:3001

• LICENSE.md — MIT License
• PRIVACY.md — Our privacy commitment

• 💳 Stripe: Monthly subscriptions (Startup / Enterprise)
• ☕ Ko-fi: One-time support ($15)
• GitHub Sponsors: Coming soon

Compliance-as-Code — Automating trust, one YAML at a time.