
Delve
AI-native compliance automation with agent-based evidence collection

AI‑powered platform that automates compliance for SOC 2, ISO 27001, HIPAA, GDPR
Comp AI accelerates compliance by automating evidence collection, policy management, and control implementation for SOC 2, ISO 27001, HIPAA, and GDPR, while keeping your data under your own infrastructure.

Comp AI is designed for development and security teams that need to achieve regulatory compliance quickly without sacrificing control over their data. Whether you are a startup preparing for a SOC 2 audit or a healthcare provider handling HIPAA requirements, the platform gives you a single pane to manage policies, collect evidence, and track controls.
The system leverages AI to generate and organize compliance artifacts, syncs them with your PostgreSQL database, and uses Trigger.dev workflows to automate recurring tasks. Built with Next.js, Prisma, Tailwind CSS, and Upstash Redis, it offers a modern UI and extensible backend while keeping all data on your own infrastructure.
Run the repo locally with Node 20+, Bun, and PostgreSQL: configure the required environment variables, then launch with bun run dev or Turbo. A cloud‑hosted version is also available, and Docker and Vercel deployment guides are in progress.
Rapid SOC 2 readiness for a fintech startup: Audit‑ready evidence and policies generated in weeks, cutting preparation costs by 60%.
HIPAA compliance for a telehealth provider: Centralized policy library and automated control logs ensure continuous HIPAA adherence.
Continuous compliance in CI/CD: Trigger.dev workflows automatically verify control implementation on each deployment.
GDPR data‑subject request automation: AI‑assisted tracking of user data handling fulfills GDPR obligations with minimal manual effort.
SOC 2, ISO 27001, HIPAA, and GDPR are built‑in and ready to use.
Yes, you can self‑host using Node/Bun and PostgreSQL, or subscribe to the cloud‑hosted version.
A Trigger.dev account for workflow automation, Upstash Redis for caching, and Google OAuth for authentication. Email sending uses Resend if configured.
Docker deployment steps are forthcoming; meanwhile you can run the application locally or on Vercel.
All data resides in your own PostgreSQL and Redis instances; the platform does not store compliance data externally.
Project at a glance
Active. Last synced 4 days ago.