What does KollGuard do?

KollGuard connects read-only to your GitHub repositories and databases (Postgres, Supabase), scans them for security gaps, and maps every finding to the controls auditors check. The first scan is free and takes minutes.

Which compliance frameworks does KollGuard support?

Twelve: SOC 2 and HIPAA are asserted directly from the technical checks, while ISO 27001, ISO 27701, PCI DSS, GDPR, NIST CSF, NIST 800-53 (the basis for NIST 800-171 and CMMC), HITRUST CSF, CIS Controls and the Joint Commission (JCAHO) Information Management standards are crosswalked from the same checks.

How is KollGuard different from Vanta, Drata, or Secureframe?

KollGuard actually scans your systems rather than only collecting evidence or sending questionnaires, starts free in minutes, is transparently and affordably priced, and lets vendors prove their posture without sharing source code or credentials.

Can KollGuard monitor my AI agents?

Yes. KollGuard's Agent Watch monitors the AI agents you deploy — MCP servers, CI bots, service accounts, and LLM agents — recording every run as a tamper-evident, hash-chained heartbeat, raising health and behavior-drift alerts, and emailing a nightly digest. It maps agent activity to the same SOC 2 and HIPAA controls as the rest of your security posture, so the AI agents touching your data are continuously monitored for compliance.

Does KollGuard need access to my source code?

No. KollGuard performs read-only checks against repository and database metadata and configuration; it never copies or stores your source code, and credentials are encrypted in a vault.

How much does KollGuard cost?

The first scan is free. Paid plans are Starter at $19.89/month and Growth at $99/month, with custom Enterprise pricing. There are no quote-based contracts to get started.

Do AI agents fall under SOC 2?

Yes, if they touch in-scope data or systems. An autonomous or semi-autonomous agent is a system component and a non-human user, so it falls under the Common Criteria — primarily CC6 (logical access) and CC7 (system operations/monitoring), and CC8 (change management) if it can change code or infrastructure.

What SOC 2 evidence do auditors want for AI agents?

An inventory of agents (non-human identities), each agent's scope and the date of its last access review, and monitored run logs that show anomaly detection and response. In short: who the agents are, what they can do, and proof you watch what they actually do.

How do I monitor AI agents for SOC 2?

Give each agent a unique identity, record every run to a tamper-evident log, and alert on health and behavior drift (CC7.2–CC7.4). KollGuard's Agent Watch does exactly this and maps each agent's activity to the relevant Trust Services Criteria, so the run history doubles as audit evidence.

Is an over-privileged agent a SOC 2 finding?

It can be. CC6.3 expects least-privilege authorization. An agent holding broad or stale permissions it does not use is the same control gap as an over-privileged employee, and an auditor sampling access will treat it the same way.

SOC 2 for AI agents (CC6 / CC7 mapping)

The seven-step plan

1.Recognize agents as in-scope system components
SOC 2 scope covers the systems that process, store, or transmit your in-scope data. An autonomous agent with access to that data — or to the systems holding it — is a system component, full stop. Add every agent (MCP servers, CI bots, LLM tool-callers, service accounts) to your system description and data-flow diagrams.
2.Map agents to the right Trust Services Criteria
Agents land squarely in the Common Criteria: CC6 (logical and physical access) for who/what can do what, and CC7 (system operations) for monitoring and incident response. If agents can change infrastructure or code, CC8 (change management) applies too. Knowing the mapping tells you which evidence the auditor will request.
3.Give each agent a unique identity (CC6.1)
CC6.1 expects identification and authentication of users — and an agent is a user of your systems. Shared keys break this. Issue each agent its own credential so access is attributable and revocable per agent, and so an access review can actually account for every non-human identity.
4.Enforce least privilege for agents (CC6.3)
CC6.3 is about authorizing access based on roles and least privilege. Agents accumulate scope over time exactly like service accounts, so scope each one to the minimum it needs and re-review on a cadence. An over-privileged agent is the same finding as an over-privileged employee.
5.Log and monitor agent activity (CC7.2)
CC7.2 requires monitoring system components for anomalies. Record every agent run — what it did, when, with what result — to a tamper-evident store, and watch it. Agent run logs are access logs; they belong in the same monitoring program as the rest of your infrastructure.
6.Detect and respond to agent anomalies (CC7.3–CC7.4)
Define what 'abnormal' looks like for each agent (a failed or stalled run, a missed cadence, a spike in actions, a new action type) and have a response path when it fires. A prompt-injected or compromised agent shows up here first — if you're watching.
7.Produce the evidence the auditor will ask for
For agents, that's: an inventory of non-human identities, their scopes and last access review, and a sample of monitored run logs showing detection and response. Assemble it continuously; reconstructing six months of agent activity the week before fieldwork is how teams fail a Type 2.

Agent Watch turns agent activity into evidence

KollGuard's Agent Watch gives each agent a unique identity, records every run as a tamper-evident, hash-chained heartbeat, and alerts on health and drift — then maps it to CC6/CC7. The result is exactly the SOC 2 evidence auditors ask for: who your agents are, what they can do, and proof you monitor what they actually do.

Frequently asked

Do AI agents fall under SOC 2?: Yes, if they touch in-scope data or systems. An autonomous or semi-autonomous agent is a system component and a non-human user, so it falls under the Common Criteria — primarily CC6 (logical access) and CC7 (system operations/monitoring), and CC8 (change management) if it can change code or infrastructure.
What SOC 2 evidence do auditors want for AI agents?: An inventory of agents (non-human identities), each agent's scope and the date of its last access review, and monitored run logs that show anomaly detection and response. In short: who the agents are, what they can do, and proof you watch what they actually do.
How do I monitor AI agents for SOC 2?: Give each agent a unique identity, record every run to a tamper-evident log, and alert on health and behavior drift (CC7.2–CC7.4). KollGuard's Agent Watch does exactly this and maps each agent's activity to the relevant Trust Services Criteria, so the run history doubles as audit evidence.
Is an over-privileged agent a SOC 2 finding?: It can be. CC6.3 expects least-privilege authorization. An agent holding broad or stale permissions it does not use is the same control gap as an over-privileged employee, and an auditor sampling access will treat it the same way.

Get audit-ready agent evidence — free Related: AI agent security →

SOC 2 for AI agents

The seven-step plan

1.Recognize agents as in-scope system components

2.Map agents to the right Trust Services Criteria

3.Give each agent a unique identity (CC6.1)

4.Enforce least privilege for agents (CC6.3)

5.Log and monitor agent activity (CC7.2)

6.Detect and respond to agent anomalies (CC7.3–CC7.4)

7.Produce the evidence the auditor will ask for

Agent Watch turns agent activity into evidence

Frequently asked