compliance-scanner-agent/onepager_de.html
Sharang Parnerkar b58f7e47df
feat: add multi-language idiom awareness to all LLM review prompts
Add language-specific false positive suppression for Python, Go, Java,
Kotlin, Ruby, PHP, and C/C++ across all review passes (logic, security,
convention) and triage. Each prompt now lists common idiomatic patterns
per language that should not be flagged.

Also adds language-specific fix guidance so suggested code fixes use
each language's canonical secure coding patterns (e.g. parameterized
queries, secure random, HTML escaping).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-29 23:17:19 +02:00

420 lines
13 KiB
HTML
<!DOCTYPE html>
<html lang="de">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>CERTifAI — Investor One-Pager</title>
<link href="https://fonts.googleapis.com/css2?family=Plus+Jakarta+Sans:wght@300;400;500;600;700;800&display=swap" rel="stylesheet">
<style>
@page { size: A4; margin: 0; }
* { margin: 0; padding: 0; box-sizing: border-box; }
body {
font-family: 'Plus Jakarta Sans', -apple-system, sans-serif;
background: #fff;
color: #1a1a2e;
width: 210mm;
height: 297mm;
overflow: hidden;
position: relative;
}
.top-bar {
height: 6px;
background: linear-gradient(90deg, #6366f1, #8b5cf6, #a78bfa, #06b6d4);
}
.container { padding: 16px 34px 10px; }
.header {
display: flex;
justify-content: space-between;
align-items: flex-start;
margin-bottom: 10px;
}
.logo-area h1 {
font-size: 26px;
font-weight: 800;
letter-spacing: -1px;
color: #4f46e5;
}
.logo-area .tagline {
font-size: 11px;
color: #64748b;
margin-top: 1px;
}
.contact-info {
text-align: right;
font-size: 9px;
color: #94a3b8;
line-height: 1.5;
}
.hero {
background: linear-gradient(135deg, #eef2ff, #f0f9ff);
border-radius: 10px;
padding: 10px 16px;
margin-bottom: 10px;
border-left: 4px solid #6366f1;
}
.hero p {
font-size: 11px;
line-height: 1.4;
color: #334155;
}
.hero strong { color: #4f46e5; font-weight: 700; }
.columns {
display: grid;
grid-template-columns: 1fr 1fr;
gap: 12px;
margin-bottom: 9px;
}
.product-card {
border: 1px solid #e2e8f0;
border-radius: 10px;
padding: 10px 13px;
position: relative;
overflow: hidden;
}
.product-card::before {
content: '';
position: absolute;
top: 0; left: 0; right: 0;
height: 3px;
}
.product-card.scanner::before { background: linear-gradient(90deg, #6366f1, #8b5cf6); }
.product-card.platform::before { background: linear-gradient(90deg, #06b6d4, #0ea5e9); }
.product-card h2 {
font-size: 13px;
font-weight: 800;
margin-bottom: 1px;
}
.product-card.scanner h2 { color: #4f46e5; }
.product-card.platform h2 { color: #0891b2; }
.product-card .subtitle {
font-size: 9px;
color: #94a3b8;
margin-bottom: 6px;
font-weight: 600;
text-transform: uppercase;
letter-spacing: 0.5px;
}
.product-card ul { list-style: none; padding: 0; }
.product-card li {
font-size: 9.5px;
line-height: 1.25;
padding: 1.8px 0;
padding-left: 13px;
position: relative;
color: #475569;
}
.product-card li::before {
content: '';
position: absolute;
left: 0;
top: 6.5px;
width: 5px;
height: 5px;
border-radius: 50%;
}
.product-card.scanner li::before { background: #818cf8; }
.product-card.platform li::before { background: #22d3ee; }
.metrics {
display: grid;
grid-template-columns: repeat(5, 1fr);
gap: 8px;
margin-bottom: 9px;
}
.metric {
text-align: center;
padding: 8px 4px;
border-radius: 8px;
background: #f8fafc;
border: 1px solid #e2e8f0;
}
.metric .number {
font-size: 17px;
font-weight: 800;
color: #4f46e5;
}
.metric .label {
font-size: 8px;
color: #64748b;
margin-top: 1px;
font-weight: 500;
text-transform: uppercase;
letter-spacing: 0.3px;
}
.diff-section { margin-bottom: 9px; }
.section-title {
font-size: 10.5px;
font-weight: 700;
color: #1e293b;
margin-bottom: 5px;
text-transform: uppercase;
letter-spacing: 0.5px;
}
.diff-grid {
display: grid;
grid-template-columns: repeat(3, 1fr);
gap: 6px;
}
.diff-item {
padding: 7px 9px;
border-radius: 7px;
background: linear-gradient(135deg, #faf5ff, #f0f9ff);
border: 1px solid #e0e7ff;
}
.diff-item .diff-title {
font-size: 9px;
font-weight: 700;
color: #4f46e5;
margin-bottom: 1px;
}
.diff-item .diff-desc {
font-size: 8px;
color: #64748b;
line-height: 1.25;
}
.roadmap { margin-bottom: 9px; }
.roadmap-grid {
display: grid;
grid-template-columns: repeat(4, 1fr);
gap: 6px;
}
.roadmap-item {
padding: 6px 9px;
border-radius: 7px;
border: 1px dashed #c7d2fe;
background: #fefce8;
}
.roadmap-item .rm-title {
font-size: 9px;
font-weight: 700;
color: #92400e;
margin-bottom: 1px;
}
.roadmap-item .rm-desc {
font-size: 7.5px;
color: #78716c;
line-height: 1.25;
}
.bottom-row {
display: grid;
grid-template-columns: 1fr 1fr;
gap: 12px;
margin-bottom: 6px;
}
.bottom-section .section-title { margin-bottom: 4px; }
.bottom-section ul { list-style: none; padding: 0; }
.bottom-section li {
font-size: 9px;
color: #475569;
padding: 1.5px 0;
padding-left: 11px;
position: relative;
line-height: 1.3;
}
.bottom-section li::before {
content: '→';
position: absolute;
left: 0;
color: #8b5cf6;
font-weight: 700;
}
.footer {
position: absolute;
bottom: 0;
left: 0;
right: 0;
padding: 9px 34px;
background: #f8fafc;
border-top: 1px solid #e2e8f0;
display: flex;
justify-content: space-between;
align-items: center;
}
.footer .conf {
font-size: 8px;
color: #94a3b8;
font-weight: 500;
text-transform: uppercase;
letter-spacing: 0.5px;
}
.footer .date {
font-size: 8px;
color: #94a3b8;
}
</style>
</head>
<body>
<div class="top-bar"></div>
<div class="container">
<div class="header">
<div class="logo-area">
<h1>CERTifAI</h1>
<div class="tagline">AI-native security & compliance platform</div>
</div>
<div class="contact-info">
Confidential — For investors only<br>
March 2026
</div>
</div>
<div class="hero">
<p>
CERTifAI is a <strong>GDPR-compliant, data-sovereign AI platform</strong> that combines autonomous
security scanning with intelligent compliance automation. We help companies
<strong>secure their code</strong>, <strong>enforce compliance at scale</strong> and
<strong>retain full data sovereignty</strong> — backed by more than 200 atomic security controls,
AI-driven triage and a complete audit trail for every finding.
</p>
</div>
<div class="columns">
<div class="product-card scanner">
<h2>Compliance Scanner</h2>
<div class="subtitle">Autonomous AI security agent</div>
<ul>
<li><strong>200+ atomic controls</strong> — Fine-grained security checks with full provenance tracking</li>
<li><strong>SAST + DAST + SBOM</strong> — Full-scope security testing with vulnerability tracking</li>
<li><strong>AI-driven pentests</strong> — Autonomous, LLM-orchestrated penetration tests with encrypted reports</li>
<li><strong>Automatic PR reviews</strong> — Security-aware code review comments on every pull request</li>
<li><strong>Audit trail</strong> — Immutable finding tracking from detection to remediation</li>
<li><strong>LLM-based triage</strong> — Intelligent false-positive filtering with confidence scoring</li>
<li><strong>Code knowledge graph</strong> — Architecture visualization with impact & data-flow analysis</li>
<li><strong>Multi-tracker sync</strong> — Automatic issues in GitHub, GitLab, Jira, Gitea</li>
<li><strong>MCP server</strong> — Live security data in Claude, Cursor & other AI tools</li>
</ul>
</div>
<div class="product-card platform">
<h2>CERTifAI Platform</h2>
<div class="subtitle">Sovereign GenAI infrastructure</div>
<ul>
<li><strong>Multi-provider LLM management</strong> — Unified interface for LiteLLM, OpenAI, HuggingFace, Anthropic</li>
<li><strong>AI agent orchestration</strong> — LangGraph integration with live monitoring & agent registry</li>
<li><strong>Enterprise SSO</strong> — Keycloak-based OAuth2/PKCE, LDAP, multi-realm authentication</li>
<li><strong>Usage & billing analytics</strong> — Token tracking, per-model breakdown</li>
<li><strong>News intelligence</strong> — AI-powered news summarization, trend analysis, follow-up chat</li>
<li><strong>Developer toolchain</strong> — LangFlow, Langfuse, LangChain ready to use out of the box</li>
<li><strong>RBAC & feature flags</strong> — Role-based access with controlled GenAI rollout per org</li>
<li><strong>Multilingual</strong> — Full i18n support (DE, FR, ES, PT)</li>
<li><strong>RAG-based chat</strong> — Natural-language Q&A based on your codebase</li>
</ul>
</div>
</div>
<div class="metrics">
<div class="metric">
<div class="number">15 bn+</div>
<div class="label">AppSec TAM by 2027</div>
</div>
<div class="metric">
<div class="number">200+</div>
<div class="label">Atomic security<br>controls</div>
</div>
<div class="metric">
<div class="number">80%</div>
<div class="label">Time saved on<br>compliance checks</div>
</div>
<div class="metric">
<div class="number">10x</div>
<div class="label">Cheaper than<br>manual pentests</div>
</div>
<div class="metric">
<div class="number">100%</div>
<div class="label">Data sovereignty<br>guaranteed</div>
</div>
</div>
<div class="diff-section">
<div class="section-title">Why CERTifAI wins</div>
<div class="diff-grid">
<div class="diff-item">
<div class="diff-title">AI-native security</div>
<div class="diff-desc">LLM-driven pentests & triage replace manual audits (5,000–50,000 €). No competitor offers autonomous AI pentests.</div>
</div>
<div class="diff-item">
<div class="diff-title">Full provenance</div>
<div class="diff-desc">Every finding is traceable to its control, rule and source. Complete audit trail from detection to remediation.</div>
</div>
<div class="diff-item">
<div class="diff-title">Data sovereignty</div>
<div class="diff-desc">No data leaves your infrastructure. GDPR-compliant by architecture. EU hosting options available.</div>
</div>
<div class="diff-item">
<div class="diff-title">Shift-left PR reviews</div>
<div class="diff-desc">Security findings appear as PR comments before the merge. Developers fix issues directly in the code.</div>
</div>
<div class="diff-item">
<div class="diff-title">Built in Rust</div>
<div class="diff-desc">Memory-safe, high-performance stack. Full-stack WASM + SSR with Dioxus. Enterprise-grade reliability.</div>
</div>
<div class="diff-item">
<div class="diff-title">Unified control</div>
<div class="diff-desc">Security + AI infrastructure in one dashboard. Competitors require 5+ separate tools.</div>
</div>
</div>
</div>
<div class="roadmap">
<div class="section-title">Roadmap — Coming soon</div>
<div class="roadmap-grid">
<div class="roadmap-item">
<div class="rm-title">SOC2 & ISO 27001</div>
<div class="rm-desc">Ready-made control mappings for certification readiness</div>
</div>
<div class="roadmap-item">
<div class="rm-title">Policy-as-Code</div>
<div class="rm-desc">Custom compliance rules via declarative YAML policies</div>
</div>
<div class="roadmap-item">
<div class="rm-title">CI/CD gates</div>
<div class="rm-desc">Block deployments on critical findings</div>
</div>
<div class="roadmap-item">
<div class="rm-title">Executive Reports</div>
<div class="rm-desc">Auto-generated compliance reports for executive management</div>
</div>
</div>
</div>
<div class="bottom-row">
<div class="bottom-section">
<div class="section-title">Business model</div>
<ul>
<li><strong>SaaS Cloud</strong> — Managed multi-tenant platform for SMEs</li>
<li><strong>Enterprise license</strong> — Dedicated deployment with support & integrations</li>
<li><strong>Professional services</strong> — Custom rules, pentest reports, compliance audits</li>
<li><strong>API tiers</strong> — Free community tier, paid enterprise access</li>
</ul>
</div>
<div class="bottom-section">
<div class="section-title">Target markets</div>
<ul>
<li><strong>Regulated industries</strong> — Finance, healthcare, public authorities (GDPR, HIPAA, SOC2)</li>
<li><strong>Enterprise DevSecOps</strong> — Shift-left security for development teams</li>
<li><strong>EU data sovereignty</strong> — Companies with sovereign AI infrastructure</li>
<li><strong>Security consultancies</strong> — Automated pentests & report generation</li>
</ul>
</div>
</div>
</div>
<div class="footer">
<div class="conf">Confidential — Not for distribution</div>
<div class="date">CERTifAI — March 2026</div>
</div>
</body>
</html>