Feature Guide

Visual walkthrough of every major CompliTru capability.

Security Posture

The Security Posture dashboard is your single pane of glass for cloud security. It aggregates findings across three domains:

  • Data Security (DSPM) — S3 data posture, RDS data posture, DynamoDB encryption
  • Identity & Access (CIEM) — IAM permissions analysis, unused roles, privilege escalation paths
  • Secrets Detection — hardcoded secrets in EC2 user data, Lambda env vars, ECS task definitions, SSM parameters

Security Posture Dashboard

Findings are categorized by severity (Critical, High, Medium, Low) with a risk-weighted bar chart showing concentration by scan area. Filter by category tab (Data Security, Identity & Access, Secrets) or search for specific resources.

Compliance Checks

Continuous compliance posture across 7+ frameworks. The dashboard shows overall compliance percentage, audit readiness status, total checks run, and pass/fail breakdown.

Supported frameworks: CIS (multiple versions), AWS, HIPAA, PCI-DSS, SOC 2, NIST, ISO 27001, GDPR, FedRAMP, CMMC, CISA, ENS, FFIEC, GxP, KISA, MITRE, NIST 800-53, RBI, CCC.

Drill into any framework to see individual findings with resource-level detail, AI-powered remediation suggestions, and the ability to export evidence for auditors.

Compliance Findings Detail

Each finding shows the affected AWS service, specific resource, severity level, and an AI badge when AI-assisted remediation is available. The left sidebar groups findings by service (S3, IAM, CloudWatch, EC2, VPC, KMS, etc.) with pass/fail counts per service.

Vulnerability Management

The Vulnerability Analysis dashboard provides an executive summary of your security posture: risk score, high-priority findings, SLA breaches, auto-remediable percentage, and week-over-week change.

Vulnerability Analysis Dashboard

Top 3 Risks This Week surfaces the most critical findings with one-click Fix Now buttons. The Top Risk Concentration chart shows which services (S3, EC2, etc.) carry the most risk.

AI-Powered Remediation

Click any finding to open the Remediation Preview. CompliTru's agentic pipeline runs a multi-step assessment before recommending a fix:

Remediation Preview — Impact Analysis

The dual-score system shows Risk if NOT Fixed (severity + blast radius) alongside Risk of Fixing (reversibility + operational impact). The combined Priority Score gives a clear recommendation: fix now, schedule, or monitor.

Agentic Assessment Pipeline

The pipeline runs six autonomous assessment stages in real time:

  1. Resource Enrichment — gathers full resource metadata
  2. Unpatched Risk Analysis — evaluates risk of leaving unfixed
  3. Fix Risk Analysis — evaluates risk of applying the fix
  4. Security Agent — security-specific assessment
  5. DevOps Agent — operational impact assessment
  6. Fix Plan Generation — produces the executable remediation

Assessment Pipeline

Cost Optimization

Analyze and optimize your AWS cloud spending. The dashboard shows current month spend, previous month comparison, month-end forecast, and total potential savings with specific opportunities identified.

AWS Cost Optimization

Savings opportunities are broken down by category: RDS, Reserved Instances, Networking, EC2, and EBS — each showing the number of opportunities and estimated monthly savings.

Tabs provide deeper analysis: AI Assistant, Billing, Forecast, Savings, Budgets, Tag Analysis, and Data Costs.

FinOps AI Assistant

Ask cost questions in plain English. The FinOps AI Assistant analyzes your spending patterns, detects anomalies, finds optimization opportunities, and generates CFO-ready reports.

Pre-built queries include: "What are my top cost optimization opportunities?", "Generate a CFO-ready cost report", "Are there cost anomalies?", "Which EC2 instances should I right-size or terminate?"

AI Risk & Governance

Discover, monitor, and govern AI tool usage across your organization. CompliTru detects every AI application being used — approved or shadow — and enforces policies.

AI App Inventory

Automatic discovery of every AI tool in use: GitHub Copilot, ChatGPT, Claude, Cursor, Perplexity, Gemini, and more. Each app shows usage volume, number of users, risk level, and approval status.

The Risk Distribution donut chart and Top by Usage bar chart give executives instant visibility into AI adoption and risk.

AI Policy & Governance

Define which AI tools are approved, restricted, or under review. Each policy shows conditions (e.g., "No PII in prompts", "Enterprise plan required", "API usage only") and who approved it.

Track policy violations across the organization with real-time enforcement.

Prompt Risk & Sensitive Data Exposure

Detect when employees paste sensitive data into AI tools. CompliTru monitors for source code, PII, secrets (AWS keys), financial data, and other sensitive content in AI prompts.

Each event shows the user, AI app, data type (Source Code, PII, Secrets, Financial Data), description, severity, and status (flagged, reviewed, dismissed). Filter by severity, app, or status.

AI Cost Monitoring

Track your organization's total AI spend across all tools and teams. The dashboard shows total spend, month-over-month trend, top cost driver, and number of teams with AI spend.

Breakdowns by app (GitHub Copilot, ChatGPT, Claude, Cursor, etc.) and by team (Engineering, Product, Legal, Support) help identify where AI budget is going and whether it's delivering ROI.

More capabilities

CompliTru also includes:

Explore these in the app at complitru.ai, or contact us for a guided demo.