Overview
Seven-Framework Compliance Evidence Coverage
NSAuditor AI Enterprise maps a single read-only scan to SOC 2, HIPAA, NIST CSF 2.0, PCI DSS, ISO 27001, CIS Controls v8, and GDPR Article 32 evidence in one pass.
Seven-Framework Compliance Evidence Coverage
NSAuditor AI Enterprise Product Overview
NSAuditor AI Enterprise Edition is a self-hosted, multi-cloud security and compliance auditor that converts a single read-only scan into signed, timestamped, auditor-ready evidence. In one pass it maps findings to seven frameworks at once: SOC 2, HIPAA, NIST CSF 2.0, PCI DSS, ISO 27001, CIS Controls v8, and GDPR Article 32. Every evidence pack is RFC 3161 timestamped and Ed25519-attested, so auditors can independently verify integrity and provenance.
Built for Zero Data Exfiltration, NSAuditor runs entirely inside your own infrastructure using read-only APIs and offline licensing. There are no cloud uploads, no telemetry, and no SaaS backend, which means no BAA or DPA is required and your cloud credentials, findings, and configuration never leave your network. This makes it a fit for air-gapped and highly regulated environments across financial services, healthcare, and government.
Under the hood, NSAuditor performs deep auditing across AWS, Azure, and GCP with 55 plugins, including transitive security-group reachability, IAM shadow-admin chains, KMS key custody, and backup and snapshot exposure. Delivered as a container for deployment in your own VPC, ECS, EKS, or on-premises environment, it integrates with existing pipelines so compliance evidence generation becomes a repeatable, automated step rather than a manual scramble before each audit.
Highlights
- One scan, seven frameworks: generate signed, RFC 3161 timestamped, Ed25519-attested evidence packs for SOC 2, HIPAA, NIST CSF 2.0, PCI DSS, ISO 27001, CIS Controls v8, and GDPR Article 32.
- Zero Data Exfiltration by architecture: runs entirely inside your infrastructure with read-only APIs and offline licensing. No cloud uploads, no telemetry, no BAA or DPA required.
- Deep multi-cloud auditing across AWS, Azure, and GCP with 55 plugins, including transitive security-group reachability, IAM shadow-admin chains, KMS key custody, and backup and snapshot exposure.
Details
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
Pricing
Dimension | Description | Cost/12 months |
|---|---|---|
Enterprise Base | Enterprise tier, up to 5 seats | $2,000.00 |
Enterprise Growth | Enterprise tier, up to 25 seats | $5,000.00 |
Enterprise Scale | Enterprise tier, unlimited seats (1000) | $10,000.00 |
Vendor refund policy
Refunds are governed by the EULA and the applicable AWS Marketplace order terms. Except as required by AWS Marketplace policies, all fees are non-refundable. Contact support@nsauditor.com for cancellation or refund requests.
How can we make this page better?
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
Container image (Docker / Kubernetes / air-gap capable)
- Amazon ECS
- Amazon EKS
Container image
Containers are lightweight, portable execution environments that wrap server application software in a filesystem that includes everything it needs to run. Container applications run on supported container runtimes and orchestration services, such as Amazon Elastic Container Service (Amazon ECS) or Amazon Elastic Kubernetes Service (Amazon EKS). Both eliminate the need for you to install and operate your own container orchestration software by managing and scheduling containers on a scalable cluster of virtual machines.
Version release notes
Initial release. NSAuditor AI Enterprise Edition 0.31.8 (bundles Community Edition 0.2.22): self-hosted, air-gapped multi-cloud security & compliance auditor - 55 audit plugins (28 enterprise cloud plugins across AWS, Azure, GCP), seven-framework evidence packs (SOC 2, HIPAA, NIST CSF 2.0, PCI DSS, ISO 27001, CIS Controls v8, GDPR Art. 32), RFC 3161 timestamped + Ed25519-attested reports, Zero Data Exfiltration.
Additional details
Usage instructions
-
REGISTER FOR YOUR LICENSE KEY (one time, after subscribing). Send a POST request to https://api.licgw.com/v1/marketplace/register with JSON body {"email":"you@company.com ","awsAccountId":"<your 12-digit AWS account ID>"} . Example: curl -X POST https://api.licgw.com/v1/marketplace/register -H "Content-Type: application/json" -d '{"email":"you@company.com ","awsAccountId":"123456789012"}' Use the AWS account ID that holds this Marketplace subscription. Your ES256-signed license key (JWT) is emailed to the address you provide. Support: support@nsauditor.com .
-
PULL THE IMAGE. aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin 709825985650.dkr.ecr.us-east-1.amazonaws.com docker pull 709825985650.dkr.ecr.us-east-1.amazonaws.com/nsasoft-us/nsasoft/nsauditor-ai-enterprise:0.31.8
-
RUN WITH YOUR LICENSE. Provide the license key via the NSAUDITOR_LICENSE_KEY environment variable (or mount a config volume and run license install <key> once): docker run --rm -e NSAUDITOR_LICENSE_KEY=<your-license-key> 709825985650.dkr.ecr.us-east-1.amazonaws.com/nsasoft-us/nsasoft/nsauditor-ai-enterprise:0.31.8 --help Cloud credentials for scanning are supplied read-only at runtime (e.g. -e AWS_* / mounted profiles). The same image serves every tier: base / growth / scale differ only by the license key. Air-gapped deployments: the image runs fully offline; license validation is local (no callback).
-
WHERE SENSITIVE INFORMATION IS STORED (Zero Data Exfiltration). All scan data - cloud credentials, findings, configuration, and generated compliance reports - stays inside YOUR environment (the container and any volumes you mount). The product sends no telemetry and has no SaaS backend; nothing about your scans leaves your network. The only data we receive is the billing/fulfillment metadata above (your AWS account ID and the email you submit at registration), which is processed solely to issue your license.
Resources
Vendor resources
Support
Vendor support
Support: support@nsauditor.com | +1-702-625-0401 | https://www.nsauditor.com/support.html
Enterprise Base: Email support plus an onboarding call, across the full Enterprise feature set and cloud scanners.
Enterprise Growth: Dedicated Slack / email channel with priority response (SLA per contract) and custom compliance-mapping help.
Enterprise Scale: A dedicated support engineer and a custom SLA (4-hour critical, 24-hour standard) plus custom plugin development.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.