Getting Started

Go from sign-up to your first remediated finding in under 10 minutes.

1. Create your account

Go to complitru.ai/signup and sign up with your work email. Google and Microsoft SSO are supported for one-click sign-up.

After signing up, check your inbox for a verification email and click the link to activate your account.

2. Choose your plan

CompliTru offers multiple tiers to match your needs:

Plan        Price          Best for
Free Scan   $0             One-time scan to see what's in your AWS account
Growth      $499/mo        Ongoing scanning + compliance reporting
Scale       $399/mo        Multi-account + advanced remediation
Enterprise  Contact sales  Self-hosted + custom deployment

Start with the Free Scan to see findings before committing. No credit card required.

3. Connect your AWS account

Navigate to Accounts in the left sidebar and click Add Account. You have two options:

Option A: CloudFormation (recommended, 2 minutes)

  1. Click Launch CloudFormation Stack
  2. You'll be redirected to the AWS Console with a pre-filled CloudFormation template
  3. Check the IAM capabilities acknowledgment box
  4. Click Create Stack
  5. Wait ~60 seconds for the stack to complete
  6. Return to CompliTru — the account auto-detects and connects

Option B: Manual IAM role

  1. Copy the trust policy and permissions policy shown in the modal
  2. Create an IAM role in your AWS account with those policies attached
  3. Paste the Role ARN and External ID back into CompliTru
  4. Click Verify Connection

The IAM role grants read-only access by default. You can upgrade to execution mode later to enable one-click remediation.
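Before creating the role in Option B, it is worth confirming that the trust policy pins the principal and requires the External ID, and that the permissions policy really is read-only. The check below is an added example, not CompliTru's code: the policy documents, account ID, ARN and External ID are constructed placeholders, and the Get/List/Describe prefix test is an assumed conservative heuristic, so flagged actions need manual review.

```python
READ_PREFIXES = ("Get", "List", "Describe")  # assumption: conservative heuristic

def as_list(value):
    return value if isinstance(value, list) else [value]

def audit_trust_policy(policy, expected_principal, external_id):
    """Return problems found in a cross-account role trust policy."""
    problems = []
    for stmt in as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        principal = stmt.get("Principal")
        arns = as_list(principal.get("AWS", [])) if isinstance(principal, dict) else [principal]
        if "*" in arns:
            problems.append("wildcard principal")
        elif arns != [expected_principal]:
            problems.append("unexpected principal")
        # Without this condition the role is open to confused-deputy use.
        cond = stmt.get("Condition", {}).get("StringEquals", {})
        if cond.get("sts:ExternalId") != external_id:
            problems.append("missing or wrong sts:ExternalId condition")
    return problems

def non_read_actions(policy):
    """Return allowed actions that are not plainly read-only."""
    flagged = []
    for stmt in as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt:  # allows everything except the listed actions
            flagged.append("NotAction")
        for action in as_list(stmt.get("Action", [])):
            if not action.split(":", 1)[-1].startswith(READ_PREFIXES):
                flagged.append(action)
    return flagged

# Constructed sample documents (placeholders, not CompliTru's actual policies).
VENDOR = "arn:aws:iam::111111111111:root"
EXT_ID = "EXAMPLE-EXTERNAL-ID"
GOOD_TRUST = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Principal": {"AWS": VENDOR}, "Action": "sts:AssumeRole",
    "Condition": {"StringEquals": {"sts:ExternalId": EXT_ID}}}]}
WEAK_TRUST = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Principal": {"AWS": VENDOR}, "Action": "sts:AssumeRole"}]}
PERMS = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Resource": "*",
    "Action": ["s3:GetBucketPolicy", "iam:List*", "ec2:Describe*", "s3:PutBucketPolicy"]}]}

if __name__ == "__main__":
    print(audit_trust_policy(WEAK_TRUST, VENDOR, EXT_ID), non_read_actions(PERMS))
```

Paste the JSON shown in the modal in place of the sample documents; an empty result from both functions means the role matches the read-only, External-ID-gated setup described above.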

4. Run your first scan

Once your account is connected, click Run Scan on the Security Posture page. CompliTru scans your AWS account across 600+ checks mapped to SOC 2, ISO 27001, CIS, NIST, HIPAA, and PCI DSS.

Scan time depends on account size — typically 2-5 minutes for a standard account.

5. Review your Security Posture

After the scan completes, the Security Posture dashboard shows your findings organized by category: Data Security (DSPM), Identity & Access (CIEM), and Secrets Detection.

[Image: Security Posture Dashboard]

The Risk by Scan Area bar chart at the bottom shows which areas have the most findings, weighted by severity. Focus on the longest bars first.

6. Explore compliance findings

Navigate to Compliance to see how your account maps against regulatory frameworks. Each framework shows a compliance percentage, total checks, passed, and failed counts.

[Image: Compliance Checks Dashboard]

Click into any framework to drill down to individual findings. Each finding shows the affected resource, severity, and an AI badge indicating AI-powered remediation is available.

[Image: Compliance Findings Detail]

The AI Tip at the bottom of the findings list recommends where to focus first based on severity and blast radius.

7. Fix your first finding

Click any finding to open the Remediation Preview. CompliTru's agentic assessment pipeline evaluates:

  • Risk if NOT fixed — severity + blast radius score
  • Risk of fixing — reversibility + operational impact score
  • Priority Score — combined recommendation

[Image: Remediation Preview — Risk Assessment]

The Live Investigation Feed shows the Security Agent and DevOps Agent analyzing the finding in real time — evaluating dependencies, checking running workloads, and generating the fix plan.

[Image: Remediation Pipeline — Agentic Assessment]

Once the assessment completes, review the proposed fix and click Apply (if your account is in execution mode) or copy the generated remediation commands to apply manually.

What's next