Open-source compliance platform for SOC 2, ISO 27001, HIPAA, and GDPR with AI agents and 580+ integrations
- Stars: 1.6k
- Forks: 325
- Open Issues: 12
AGPL-3.0
- TypeScript
- MDX
- CSS

About Comp AI
Comp AI is an open-source compliance platform for companies working toward SOC 2, ISO 27001, HIPAA, and GDPR. It automates evidence collection, policy management, and control implementation, while leaving users in control of their data and infrastructure.
The platform uses AI agents to help automate compliance work and connects with 580+ integrations. It is built with Next.js, Trigger.dev, Prisma, Tailwind CSS, Upstash, and Vercel, with local development requiring Node.js, Bun, and Postgres.
Comp AI is available as a cloud-hosted version and can also be run locally. Comp AI, Inc. is a commercial open source company using an open core model: the core technology is licensed under AGPLv3, while the /ee Enterprise Edition is covered by a commercial license.
Key features
- Automates evidence collection for compliance workflows
- Policy management for SOC 2, ISO 27001, HIPAA, and GDPR
- Control implementation support
- AI agents for compliance automation
- 580+ integrations
Details
- First released: 2025
- Frameworks: SOC 2, ISO 27001, HIPAA, GDPR
- Self-hosting: Local setup with Node, Bun, Postgres
- Integrations: 580+
- Governance: Comp AI, Inc. open core
- License: AGPLv3 core, commercial /ee
