Regulatory Compliance

Compliance That Updates Itself

Your security configuration automatically maps to EU AI Act, NIST AI RMF, ISO 42001, SOC 2, and OWASP LLM Top 10. No manual evidence collection. No spreadsheet audits.

5
Compliance Frameworks
Real-time
Updates
Automated
Evidence
Zero
Manual Work

Five Frameworks, One Dashboard

INS maps your security configuration to specific articles, controls, and categories across the five most important AI compliance frameworks. Every requirement is tracked automatically.

EU AI Act (Regulation 2024/1689)

Articles covered: Art. 9 (Risk Management), Art. 10 (Data Governance), Art. 12 (Record-keeping), Art. 13 (Transparency), Art. 14 (Human Oversight), Art. 15 (Robustness & Cybersecurity), Art. 62 (Incident Reporting)

The EU AI Act requires documented risk management for high-risk AI systems. INS automatically tracks whether your MCP infrastructure meets these requirements.

NIST AI Risk Management Framework 1.0

Functions covered: Govern (risk management processes), Measure (security evaluation, privacy, monitoring), Manage (risk response, post-deployment monitoring)

NIST AI RMF provides the gold standard for AI risk management in the US. INS maps your configuration to specific subcategories.

ISO/IEC 42001:2023 (AI Management System)

Controls covered: A.2.2 (AI Policy), A.6.2.5 (Deployment), A.6.2.6 (Operation & Monitoring), A.6.2.8 (Integration), A.7.2 (Data for AI)

The world's first AI management system standard. INS tracks your alignment with its Annex A controls.

SOC 2 Trust Service Criteria

Controls covered: CC6.1 (Access Control), CC6.3 (Role-based Enforcement), CC6.7 (Data Transmission), CC7.1-CC7.5 (Monitoring, Detection, Response, Recovery)

For organizations undergoing SOC 2 audits, INS provides automated evidence that your AI infrastructure meets Trust Service Criteria.

OWASP LLM Top 10 (2025)

Categories covered: LLM01 (Prompt Injection), LLM02 (Sensitive Info), LLM03 (Supply Chain), LLM06 (Excessive Agency)

OWASP defines the most critical security risks for LLM applications. INS actively detects and prevents these threats.

How It Works

1

Configure

Set up your MCP servers, policies, and detectors through INS dashboard.

2

Automatic Assessment

Risk Posture engine evaluates 23 security checks across 6 categories.

3

Compliance Mapping

Each check maps to specific framework requirements with real article/control references.

4

Continuous Tracking

Daily automated re-assessment updates compliance status.

5

Evidence Ready

Dashboard shows exactly which requirements are met and which need attention.

From Configuration to Compliance Evidence

Every security check in INS maps directly to specific regulatory requirements. Here is what that looks like in practice.

Rate limits configured PASS

Maps to: EU AI Act Art. 9(2)(b), SOC 2 CC6.1, OWASP LLM06

SIEM integration connected FAIL

Maps to: EU AI Act Art. 12(1), SOC 2 CC7.1, ISO 42001 A.6.2.6

Recommendation: Connect a SIEM integration (Splunk, Datadog, Sentinel)

Impact: 3 compliance requirements affected

"Your auditor asks 'how do you monitor AI agent activity?' You show them the dashboard. Done."

Related Features

Audit & Compliance

Complete audit trail for every AI agent action with structured event logging and compliance-ready reporting.

Policy Engine

Define and enforce security policies that map directly to compliance framework requirements.

Automate Your AI Compliance

Stop maintaining spreadsheets. Let INS map your security configuration to regulatory requirements automatically.

Join the Waitlist