📋 Compliance
Prove compliance automatically. NAT generates audit-ready evidence mapped to industry security frameworks — no manual effort required.
Why NAT for compliance?
| Approach | What it takes |
|---|---|
| Traditional compliance | Manual spreadsheets, screenshot evidence, weeks of prep before every audit |
| NAT compliance | Automated reports, real-time badge status, BGSTM audit trail — generated after every scan |
What NAT provides
| Feature | Description |
|---|---|
| Framework Coverage | OWASP API Top 10, PCI-DSS, HIPAA, SOC 2 |
| Compliance Reports | AI-generated narrative reports mapped to each framework's requirements |
| Embeddable Badges | shields.io badges showing real-time compliance status |
| BGSTM Audit Trail | 6-phase evidence chain: Plan → Generate → Prepare → Execute → Analyze → Report |
For compliance officers: You don't need to understand API testing to use NAT compliance reports. Each report explains findings in plain language, maps them to specific framework requirements, and provides actionable remediation guidance.
For developers: Generate reports from the CLI with `nat ai compliance-report --framework owasp`. See AI Assistant → Compliance Reports for full CLI reference.
Quick start
- Run a security scan: `nat scan --target https://your-api.com`
- Generate a report: `nat ai compliance-report --framework owasp --output report.pdf`
- Embed a badge: copy the shields.io URL to your README (see Compliance Badges)
Plan availability
| Plan | What you get |
|---|---|
| Free | View compliance scores in dashboard |
| Pro | 5 compliance reports / month |
| Team | Unlimited reports + BGSTM audit trail export |
In a hurry? See Quick Scans