compliance-scanner-agent/onepager_en.html
Sharang Parnerkar b58f7e47df
feat: add multi-language idiom awareness to all LLM review prompts
Add language-specific false positive suppression for Python, Go, Java,
Kotlin, Ruby, PHP, and C/C++ across all review passes (logic, security,
convention) and triage. Each prompt now lists common idiomatic patterns
per language that should not be flagged.

Also adds language-specific fix guidance so suggested code fixes use
each language's canonical secure coding patterns (e.g. parameterized
queries, secure random, HTML escaping).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-29 23:17:19 +02:00

422 lines
13 KiB
HTML
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>CERTifAI — Investor One-Pager</title>
<link href="https://fonts.googleapis.com/css2?family=Plus+Jakarta+Sans:wght@300;400;500;600;700;800&display=swap" rel="stylesheet">
<style>
@page { size: A4; margin: 0; }
* { margin: 0; padding: 0; box-sizing: border-box; }
body {
font-family: 'Plus Jakarta Sans', -apple-system, sans-serif;
background: #fff;
color: #1a1a2e;
width: 210mm;
height: 297mm;
overflow: hidden;
position: relative;
}
.top-bar {
height: 6px;
background: linear-gradient(90deg, #6366f1, #8b5cf6, #a78bfa, #06b6d4);
}
.container { padding: 18px 34px 12px; }
.header {
display: flex;
justify-content: space-between;
align-items: flex-start;
margin-bottom: 12px;
}
.logo-area h1 {
font-size: 28px;
font-weight: 800;
letter-spacing: -1px;
color: #4f46e5;
}
.logo-area .tagline {
font-size: 12px;
color: #64748b;
margin-top: 1px;
}
.contact-info {
text-align: right;
font-size: 9.5px;
color: #94a3b8;
line-height: 1.5;
}
.hero {
background: linear-gradient(135deg, #eef2ff, #f0f9ff);
border-radius: 10px;
padding: 11px 18px;
margin-bottom: 11px;
border-left: 4px solid #6366f1;
}
.hero p {
font-size: 11.5px;
line-height: 1.45;
color: #334155;
}
.hero strong { color: #4f46e5; font-weight: 700; }
.columns {
display: grid;
grid-template-columns: 1fr 1fr;
gap: 14px;
margin-bottom: 10px;
}
.product-card {
border: 1px solid #e2e8f0;
border-radius: 10px;
padding: 12px 14px;
position: relative;
overflow: hidden;
}
.product-card::before {
content: '';
position: absolute;
top: 0; left: 0; right: 0;
height: 3px;
}
.product-card.scanner::before { background: linear-gradient(90deg, #6366f1, #8b5cf6); }
.product-card.platform::before { background: linear-gradient(90deg, #06b6d4, #0ea5e9); }
.product-card h2 {
font-size: 13.5px;
font-weight: 800;
margin-bottom: 2px;
}
.product-card.scanner h2 { color: #4f46e5; }
.product-card.platform h2 { color: #0891b2; }
.product-card .subtitle {
font-size: 9.5px;
color: #94a3b8;
margin-bottom: 7px;
font-weight: 600;
text-transform: uppercase;
letter-spacing: 0.5px;
}
.product-card ul { list-style: none; padding: 0; }
.product-card li {
font-size: 10px;
line-height: 1.3;
padding: 2px 0;
padding-left: 14px;
position: relative;
color: #475569;
}
.product-card li::before {
content: '';
position: absolute;
left: 0;
top: 7px;
width: 5px;
height: 5px;
border-radius: 50%;
}
.product-card.scanner li::before { background: #818cf8; }
.product-card.platform li::before { background: #22d3ee; }
.metrics {
display: grid;
grid-template-columns: repeat(5, 1fr);
gap: 9px;
margin-bottom: 10px;
}
.metric {
text-align: center;
padding: 9px 5px;
border-radius: 8px;
background: #f8fafc;
border: 1px solid #e2e8f0;
}
.metric .number {
font-size: 18px;
font-weight: 800;
color: #4f46e5;
}
.metric .label {
font-size: 8.5px;
color: #64748b;
margin-top: 1px;
font-weight: 500;
text-transform: uppercase;
letter-spacing: 0.3px;
}
.diff-section { margin-bottom: 10px; }
.section-title {
font-size: 11px;
font-weight: 700;
color: #1e293b;
margin-bottom: 6px;
text-transform: uppercase;
letter-spacing: 0.5px;
}
.diff-grid {
display: grid;
grid-template-columns: repeat(3, 1fr);
gap: 7px;
}
.diff-item {
padding: 8px 10px;
border-radius: 7px;
background: linear-gradient(135deg, #faf5ff, #f0f9ff);
border: 1px solid #e0e7ff;
}
.diff-item .diff-title {
font-size: 9.5px;
font-weight: 700;
color: #4f46e5;
margin-bottom: 2px;
}
.diff-item .diff-desc {
font-size: 8.5px;
color: #64748b;
line-height: 1.3;
}
/* Roadmap */
.roadmap {
margin-bottom: 10px;
}
.roadmap-grid {
display: grid;
grid-template-columns: repeat(4, 1fr);
gap: 7px;
}
.roadmap-item {
padding: 7px 10px;
border-radius: 7px;
border: 1px dashed #c7d2fe;
background: #fefce8;
}
.roadmap-item .rm-title {
font-size: 9.5px;
font-weight: 700;
color: #92400e;
margin-bottom: 1px;
}
.roadmap-item .rm-desc {
font-size: 8px;
color: #78716c;
line-height: 1.3;
}
.bottom-row {
display: grid;
grid-template-columns: 1fr 1fr;
gap: 14px;
margin-bottom: 8px;
}
.bottom-section .section-title { margin-bottom: 5px; }
.bottom-section ul { list-style: none; padding: 0; }
.bottom-section li {
font-size: 9.5px;
color: #475569;
padding: 2px 0;
padding-left: 12px;
position: relative;
line-height: 1.35;
}
.bottom-section li::before {
content: '→';
position: absolute;
left: 0;
color: #8b5cf6;
font-weight: 700;
}
.footer {
position: absolute;
bottom: 0;
left: 0;
right: 0;
padding: 10px 34px;
background: #f8fafc;
border-top: 1px solid #e2e8f0;
display: flex;
justify-content: space-between;
align-items: center;
}
.footer .conf {
font-size: 8.5px;
color: #94a3b8;
font-weight: 500;
text-transform: uppercase;
letter-spacing: 0.5px;
}
.footer .date {
font-size: 8.5px;
color: #94a3b8;
}
</style>
</head>
<body>
<div class="top-bar"></div>
<div class="container">
<div class="header">
<div class="logo-area">
<h1>CERTifAI</h1>
<div class="tagline">AI-Native Security & Compliance Platform</div>
</div>
<div class="contact-info">
Confidential — For Investor Review<br>
March 2026
</div>
</div>
<div class="hero">
<p>
CERTifAI is a <strong>GDPR-compliant, data-sovereign AI platform</strong> combining autonomous security scanning
with intelligent compliance automation. We help enterprises <strong>secure their code</strong>,
<strong>enforce compliance at scale</strong>, and <strong>maintain full data sovereignty</strong> — powered by
200+ atomic security controls, AI-driven triage, and a complete audit trail for every finding.
</p>
</div>
<div class="columns">
<div class="product-card scanner">
<h2>Compliance Scanner</h2>
<div class="subtitle">Autonomous AI Security Agent</div>
<ul>
<li><strong>200+ Atomic Controls</strong> — Fine-grained security checks with full provenance tracking per finding</li>
<li><strong>SAST + DAST + SBOM</strong> — Full-spectrum security testing with dependency vulnerability tracking</li>
<li><strong>AI-Driven Pentesting</strong> — Autonomous LLM-orchestrated penetration testing with encrypted reports</li>
<li><strong>Automated PR Reviews</strong> — Security-aware code review comments on every pull request</li>
<li><strong>Audit Trail</strong> — Immutable finding lifecycle tracking from detection to remediation</li>
<li><strong>LLM-Powered Triage</strong> — Intelligent false-positive filtering with confidence scoring</li>
<li><strong>Code Knowledge Graph</strong> — Architecture visualization with impact & data-flow analysis</li>
<li><strong>Multi-Tracker Sync</strong> — Auto-creates issues in GitHub, GitLab, Jira, Gitea</li>
<li><strong>MCP Server</strong> — Live security data in Claude, Cursor & other AI dev tools</li>
</ul>
</div>
<div class="product-card platform">
<h2>CERTifAI Platform</h2>
<div class="subtitle">Sovereign GenAI Infrastructure</div>
<ul>
<li><strong>Multi-Provider LLM Management</strong> — Unified interface for LiteLLM, OpenAI, HuggingFace, Anthropic</li>
<li><strong>AI Agent Orchestration</strong> — LangGraph integration with live monitoring & agent registry</li>
<li><strong>Enterprise SSO</strong> — Keycloak-based OAuth2/PKCE, LDAP, multi-realm authentication</li>
<li><strong>Usage & Billing Analytics</strong> — Token tracking, per-model breakdown, seat management</li>
<li><strong>News Intelligence</strong> — AI-powered news summarization, trend analysis, follow-up chat</li>
<li><strong>Developer Toolchain</strong> — LangFlow, Langfuse, LangChain integrations out of the box</li>
<li><strong>RBAC & Feature Flags</strong> — Role-based access with controlled GenAI rollout per org</li>
<li><strong>Full i18n</strong> — Multi-language support (DE, FR, ES, PT) for global teams</li>
<li><strong>RAG-Powered Chat</strong> — Natural language Q&A grounded in your codebase</li>
</ul>
</div>
</div>
<div class="metrics">
<div class="metric">
<div class="number">$15B+</div>
<div class="label">AppSec TAM by 2027</div>
</div>
<div class="metric">
<div class="number">200+</div>
<div class="label">Atomic Security<br>Controls</div>
</div>
<div class="metric">
<div class="number">80%</div>
<div class="label">Compliance Review<br>Time Saved</div>
</div>
<div class="metric">
<div class="number">10x</div>
<div class="label">Cheaper than<br>Manual Pentests</div>
</div>
<div class="metric">
<div class="number">100%</div>
<div class="label">Data Sovereignty<br>Guaranteed</div>
</div>
</div>
<div class="diff-section">
<div class="section-title">Why CERTifAI Wins</div>
<div class="diff-grid">
<div class="diff-item">
<div class="diff-title">AI-Native Security</div>
<div class="diff-desc">LLM-driven pentesting & triage replace $5K–$50K manual engagements. No competitor offers autonomous AI pentests.</div>
</div>
<div class="diff-item">
<div class="diff-title">Full Provenance</div>
<div class="diff-desc">Every finding traces back to its control, rule, and source. Complete audit trail from detection through remediation.</div>
</div>
<div class="diff-item">
<div class="diff-title">Data Sovereignty</div>
<div class="diff-desc">Zero data leaves your infrastructure. GDPR-compliant by architecture. EU-hosted deployment options.</div>
</div>
<div class="diff-item">
<div class="diff-title">Shift-Left PR Reviews</div>
<div class="diff-desc">Security findings surface as PR comments before code merges. Developers fix issues at the source, not in production.</div>
</div>
<div class="diff-item">
<div class="diff-title">Built in Rust</div>
<div class="diff-desc">Memory-safe, high-performance stack. Fullstack WASM + SSR with Dioxus. Enterprise-grade reliability.</div>
</div>
<div class="diff-item">
<div class="diff-title">Unified Control Plane</div>
<div class="diff-desc">Security + AI infrastructure in one dashboard. Competitors require 5+ separate tools to match.</div>
</div>
</div>
</div>
<div class="roadmap">
<div class="section-title">Roadmap — Coming Soon</div>
<div class="roadmap-grid">
<div class="roadmap-item">
<div class="rm-title">SOC2 & ISO 27001</div>
<div class="rm-desc">Pre-built control mappings for certification readiness</div>
</div>
<div class="roadmap-item">
<div class="rm-title">Policy-as-Code</div>
<div class="rm-desc">Custom compliance rules via declarative YAML policies</div>
</div>
<div class="roadmap-item">
<div class="rm-title">CI/CD Gates</div>
<div class="rm-desc">Block deploys on critical findings with pipeline integration</div>
</div>
<div class="roadmap-item">
<div class="rm-title">Executive Reports</div>
<div class="rm-desc">Auto-generated compliance posture reports for leadership</div>
</div>
</div>
</div>
<div class="bottom-row">
<div class="bottom-section">
<div class="section-title">Business Model</div>
<ul>
<li><strong>SaaS Cloud</strong> — Managed multi-tenant platform for SMBs</li>
<li><strong>Enterprise License</strong> — Dedicated deployment with support & custom integrations</li>
<li><strong>Professional Services</strong> — Custom rules, pentest reports, compliance audits</li>
<li><strong>API Tiers</strong> — Free community tier, paid enterprise API access</li>
</ul>
</div>
<div class="bottom-section">
<div class="section-title">Target Markets</div>
<ul>
<li><strong>Regulated Industries</strong> — Finance, healthcare, government (GDPR, HIPAA, SOC2)</li>
<li><strong>Enterprise DevSecOps</strong> — Shift-left security for engineering teams</li>
<li><strong>EU Data Sovereignty</strong> — Companies requiring sovereign AI infrastructure</li>
<li><strong>Security Consultancies</strong> — Automated pentesting & report generation</li>
</ul>
</div>
</div>
</div>
<div class="footer">
<div class="conf">Confidential — Do Not Distribute</div>
<div class="date">CERTifAI — March 2026</div>
</div>
</body>
</html>