Govern
AIAM + 4-framework compliance reporting
Today: audit-logger.ts (143 lines, fully implemented) · admin dashboard with pagination/filter · client_keys table · OWASP Agentic Top 10 mapping 10/10 categories, 77 rule links · Q2 2026: 4-framework compliance reporting · Q3 2026: AIAM + SOC2 Type 1 attestation target.
WHAT THIS LAYER DOES
L7 Govern is what compliance teams and auditors see. Today: audit log of every admin action (actor, IP, timestamp), client key registration + revocation, OWASP Agentic Top 10 mapping. Q2 2026: `pga report --framework <name>` produces per-rule mapping reports for EU AI Act, Colorado AI Act, NIST AI RMF, ISO 42001. Q3 2026: AIAM — agent identity, scope, delegation.
WHY YOU NEED IT
EU AI Act enforces 2026-08-02. Colorado AI Act 2026-06-01. F500 RFPs are asking for per-rule framework mapping, not just "we scan." Auditors need a path from detected event → triggered rule → controlled article. Compliance teams need SOC2 Type II attestation. We publish honest timelines and commit to them.
HOW IT WORKS
Today: threat-cloud/src/audit-logger.ts with audit_log SQLite migrations v2-v3. Q2 2026: ATR rules gain `compliance:` metadata block; `pga report` reads rule YAML + TC audit log to build Markdown / PDF reports. Q3 2026: AIAM package (panguard-auth) — OAuth 2.0 device flow, JWT issue/verify, policy evaluator.
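As an added example (not Panguard's own code), here is the event → rule → article join that a per-framework report has to perform, written in TypeScript to sit beside audit-logger.ts. The record shapes, the layout of the `compliance:` block, the sample audit rows and the article mappings are all assumptions; a rule with no mapping for the requested framework surfaces as an attestation gap instead of being silently dropped.

```typescript
// Added example, not Panguard's own code. Shapes and sample data are assumptions.
interface AuditEvent {
  ts: string;     // ISO timestamp of the admin action
  actor: string;  // admin who performed it
  ip: string;     // source IP of the admin session
  action: "rule.create" | "rule.delete" | "proposal.approve";
  ruleId: string; // rule the action touched
}

interface RuleMeta {
  id: string;
  // framework name -> controlled articles/clauses (hypothetical `compliance:` block from rule YAML)
  compliance: Record<string, string[]>;
}

interface FrameworkReport {
  framework: string;
  articles: Record<string, { ruleIds: string[]; events: number }>;
  unmappedRuleIds: string[]; // rules seen in the audit log with no mapping for this framework
}

// Walk the audit log once; every event lands under each article its rule controls.
function buildFrameworkReport(framework: string, events: AuditEvent[], rules: RuleMeta[]): FrameworkReport {
  const byId = new Map(rules.map((r) => [r.id, r]));
  const articles: FrameworkReport["articles"] = {};
  const unmapped = new Set<string>();
  for (const ev of events) {
    const mapped = byId.get(ev.ruleId)?.compliance[framework] ?? [];
    if (mapped.length === 0) { unmapped.add(ev.ruleId); continue; } // attestation gap
    for (const article of mapped) {
      if (!articles[article]) articles[article] = { ruleIds: [], events: 0 };
      const entry = articles[article];
      if (!entry.ruleIds.includes(ev.ruleId)) entry.ruleIds.push(ev.ruleId);
      entry.events += 1;
    }
  }
  return { framework, articles, unmappedRuleIds: [...unmapped].sort() };
}

// Constructed sample data: three audit rows, two rules, one rule lacking an EU AI Act mapping.
const SAMPLE_EVENTS: AuditEvent[] = [
  { ts: "2026-02-10T09:12:00Z", actor: "alice", ip: "10.0.0.5", action: "rule.create", ruleId: "ATR-0001" },
  { ts: "2026-02-11T14:03:00Z", actor: "bob", ip: "10.0.0.7", action: "proposal.approve", ruleId: "ATR-0001" },
  { ts: "2026-02-12T08:45:00Z", actor: "alice", ip: "10.0.0.5", action: "rule.delete", ruleId: "ATR-0002" },
];
const SAMPLE_RULES: RuleMeta[] = [
  { id: "ATR-0001", compliance: { "EU AI Act": ["Article 9"], "NIST AI RMF": ["MANAGE 2.2"] } },
  { id: "ATR-0002", compliance: { "NIST AI RMF": ["MANAGE 2.2"] } }, // no EU AI Act entry: gap
];
```

Running `buildFrameworkReport("EU AI Act", SAMPLE_EVENTS, SAMPLE_RULES)` attributes both ATR-0001 events to Article 9 and lists ATR-0002 as unmapped, which is the per-rule evidence (and the per-rule gap) an auditor asks for.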
TRY IT NOW
Check sensor registration + audit log status today:
pga sensor status
ATTACKS THIS LAYER CATCHES
Concrete threats, concrete controls
Unauthorized admin action
HIGH: Audit log captures every rule create / delete / proposal approve with actor + IP — forensic trail preserved even if admin account is compromised.
Compliance attestation gap
MEDIUM: Without per-rule framework mapping, auditors cannot validate EU AI Act Article 9 risk controls → Q2 2026 fix.