Soc2 Python Packages

evidentia-core

Open-source Python GRC tool: gap analysis, AI risk statements, OSCAL-first compliance automation. Enterprise-grade evidence integrity (Sigstore + GPG), CycloneDX SBOM, PyPI Trusted Publisher OIDC + PEP 740 attestations.

evidentia-ai

Open-source Python GRC tool: gap analysis, AI risk statements, OSCAL-first compliance automation. Enterprise-grade evidence integrity (Sigstore + GPG), CycloneDX SBOM, PyPI Trusted Publisher OIDC + PEP 740 attestations.

evidentia-collectors

Open-source Python GRC tool: gap analysis, AI risk statements, OSCAL-first compliance automation. Enterprise-grade evidence integrity (Sigstore + GPG), CycloneDX SBOM, PyPI Trusted Publisher OIDC + PEP 740 attestations.

evidentia-integrations

Open-source Python GRC tool: gap analysis, AI risk statements, OSCAL-first compliance automation. Enterprise-grade evidence integrity (Sigstore + GPG), CycloneDX SBOM, PyPI Trusted Publisher OIDC + PEP 740 attestations.

evidentia

Open-source Python GRC tool: gap analysis, AI risk statements, OSCAL-first compliance automation. Enterprise-grade evidence integrity (Sigstore + GPG), CycloneDX SBOM, PyPI Trusted Publisher OIDC + PEP 740 attestations.

evidentia-api

Open-source Python GRC tool: gap analysis, AI risk statements, OSCAL-first compliance automation. Enterprise-grade evidence integrity (Sigstore + GPG), CycloneDX SBOM, PyPI Trusted Publisher OIDC + PEP 740 attestations.

evidentia-mcp

Open-source Python GRC tool: gap analysis, AI risk statements, OSCAL-first compliance automation. Enterprise-grade evidence integrity (Sigstore + GPG), CycloneDX SBOM, PyPI Trusted Publisher OIDC + PEP 740 attestations.

prodcycle

Multi-framework policy-as-code compliance scanner for infrastructure and application code. Evaluates Terraform, Kubernetes, Docker, and source code against SOC 2, HIPAA, and NIST CSF.

pii-shield-wasi

High-performance PII redaction scanner using Go WASM (WASI)

controlbridge-ai

DEPRECATED: renamed to 'evidentia-ai'. Transitional re-export shim; removed in v0.7.0.

controlbridge-core

DEPRECATED: renamed to 'evidentia-core'. Transitional re-export shim; removed in v0.7.0.

controlbridge-collectors

DEPRECATED: renamed to 'evidentia-collectors'. Transitional re-export shim; removed in v0.7.0.

controlbridge-integrations

DEPRECATED: renamed to 'evidentia-integrations'. Transitional re-export shim; removed in v0.7.0.

controlbridge

DEPRECATED: renamed to 'evidentia'. Transitional re-export shim; removed in v0.7.0.

tribunal

One audit log, one policy engine, one spend ledger -- for every coding agent on your team. Open source core for app.tribunal.dev.

readtheplan

Terraform plan risk explainer — stable CLI + GitHub Action. Classifies Terraform changes as safe/review/dangerous/irreversible.

controlbridge-api

DEPRECATED: renamed to 'evidentia-api'. Transitional re-export shim; removed in v0.7.0.

ragcompliance

Audit trail middleware for RAG pipelines in regulated industries

compliance-code-scanner

Multi-framework policy-as-code compliance scanner for infrastructure and application code.

weave-protocol-llamaindex

Vendor-neutral security protocol for AI agents. Thread identity, intent verification, blockchain anchoring.

cloudsecure

AWS security assessment platform with AI-powered analysis

connector-agent-oss

Tamper-proof memory + cryptographic audit trail for AI agents. HIPAA, SOC2, GDPR compliance built-in. Trust score for every response. Python & TypeScript SDKs. Rust-powered.

lokryn-mcp-log

Compliance-grade audit logging for MCP client operations (SOC2, HIPAA, PCI)

ancilis

Trust your agents in production - Agent Compliance SDK. Turn what your agent handles into the controls you need. Data classification driven agent runtime security controls. Scale compliance to your agents automatically.