Skip to content

Compliance Framework Mapping #42

Open
Open
Compliance Framework Mapping#42
Labels
enhancementNew feature or requesthelp wantedExtra attention is needed
@samugit83

Description

@samugit83
samugit83
opened on Mar 5, 2026

Description

Auto-map findings to PCI-DSS, SOC 2, ISO 27001, HIPAA, NIST CSF with gap analysis reports.

What already exists

  • MITRE CWE/CAPEC mapping with hierarchical relationships
  • CVE enrichment with CVSS scores
  • NIST NVD API integration for CVE lookups

What needs to be built

  • PCI-DSS control mapping for findings
  • SOC 2 trust service criteria mapping
  • ISO 27001 Annex A control mapping
  • HIPAA safeguard mapping
  • NIST CSF function/category mapping
  • Gap analysis engine (controls covered vs. not assessed)
  • Compliance report generation per framework
  • Compliance dashboard UI with coverage metrics

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requesthelp wantedExtra attention is needed

    Projects

    RedAmon Roadmap

    Status

    Up for grabs

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions