Question 1

What does KollGuard do?

Accepted Answer

KollGuard connects read-only to your GitHub repositories and databases (Postgres, Supabase), scans them for security gaps, and maps every finding to the controls auditors check. The first scan is free and takes minutes.

Question 2

Which compliance frameworks does KollGuard support?

Accepted Answer

Twelve: SOC 2 and HIPAA are asserted directly from the technical checks, while ISO 27001, ISO 27701, PCI DSS, GDPR, NIST CSF, NIST 800-53 (the basis for NIST 800-171 and CMMC), HITRUST CSF, CIS Controls and the Joint Commission (JCAHO) Information Management standards are crosswalked from the same checks.

Question 3

How is KollGuard different from Vanta, Drata, or Secureframe?

Accepted Answer

KollGuard actually scans your systems rather than only collecting evidence or sending questionnaires, starts free in minutes, is transparently and affordably priced, and lets vendors prove their posture without sharing source code or credentials.

Question 4

Can KollGuard monitor my AI agents?

Accepted Answer

Yes. KollGuard's Agent Watch monitors the AI agents you deploy — MCP servers, CI bots, service accounts, and LLM agents — recording every run as a tamper-evident, hash-chained heartbeat, raising health and behavior-drift alerts, and emailing a nightly digest. It maps agent activity to the same SOC 2 and HIPAA controls as the rest of your security posture, so the AI agents touching your data are continuously monitored for compliance.

Question 5

Does KollGuard need access to my source code?

Accepted Answer

No. KollGuard performs read-only checks against repository and database metadata and configuration; it never copies or stores your source code, and credentials are encrypted in a vault.

Question 6

How much does KollGuard cost?

Accepted Answer

The first scan is free. Paid plans are Starter at $19.89/month and Growth at $99/month, with custom Enterprise pricing. There are no quote-based contracts to get started.

Features built for continuous compliance

Continuous GitHub scanning

Database security scanning

Automatic SOC 2 & HIPAA mapping

Projects with rolled-up posture

Evidence & downloadable reports

AI cost & usage dashboard

Secure by design