Compliance
이 콘텐츠는 아직 한국어로 제공되지 않습니다.
The Compliance page provides a unified dashboard for tracking your organization’s compliance posture across nine security frameworks. Each framework includes Readiness and Controls sub-tabs for monitoring coverage, editing control status, and managing audit evidence.
Supported Frameworks
| Framework | Description | Region |
|---|---|---|
| ISMS-P | Information Security Management System - Personal Information | Korea |
| ISO 27001 | International information security standard | Global |
| SOC 2 | Service Organization Control 2 (Trust Services Criteria) | Global |
| PCI-DSS | Payment Card Industry Data Security Standard | Global |
| TISAX | Trusted Information Security Assessment Exchange (Automotive) | EU |
| CMMC | Cybersecurity Maturity Model Certification (Defense) | US |
| GDPR | General Data Protection Regulation | EU |
| CCPA | California Consumer Privacy Act | US |
| NIST CSF | National Institute of Standards Cybersecurity Framework | US |
Readiness Tab
Each framework’s Readiness tab shows the overall compliance readiness percentage and a category breakdown.
Overall Readiness Score
A single percentage score summarizing how many controls are covered. Current scores by framework:
| Framework | Readiness |
|---|---|
| ISMS-P | 77% |
| CMMC | 65% |
| NIST CSF | 59% |
Category Breakdown
Each category displays a horizontal coverage bar showing the percentage of controls satisfied. Individual controls within each category link to the KYRA MDR feature that provides coverage (e.g., Identities, Alerts, Detection Rules).
Controls Tab
The Controls tab presents a DataTable of all controls for the selected framework.
Columns
| Column | Description |
|---|---|
| Control ID | Framework-specific identifier |
| Control Name | Description of the requirement |
| Status | Editable status: Compliant, Partial, Non-Compliant, Not Applicable |
| KYRA Coverage | Green auto badge if a KYRA MDR feature covers the control, gray manual badge otherwise |
| Evidence | Attached evidence documents and their review status |
KYRA Coverage
The KYRA Coverage column shows which KYRA MDR feature satisfies each control. Covered features include identities, alerts, detection-rules, assets, network flows, and others. Each feature name is a clickable link that navigates to the corresponding console page.
Controls with a green auto badge are automatically satisfied by KYRA MDR capabilities. Controls with a gray manual badge require manual evidence or implementation outside the platform.
Status Editing
Click a control’s status cell to change it inline. Available statuses:
- Compliant — Control is fully implemented and verified
- Partial — Control is partially implemented
- Non-Compliant — Control is not yet implemented
- Not Applicable — Control does not apply to your environment
PDF Export
Export a compliance report for any framework as a PDF document. The report includes the readiness score, category breakdown, and full control listing with statuses and evidence references.
Evidence Management
Evidence Workflow
Evidence documents follow a four-stage lifecycle:
PENDING → COLLECTED → REVIEWED → APPROVED- PENDING — Evidence has been requested but not yet gathered
- COLLECTED — Evidence document has been uploaded or auto-collected
- REVIEWED — Evidence has been reviewed by an auditor or compliance lead
- APPROVED — Evidence is finalized and accepted for audit
Auto-Evidence Collection
For controls covered by KYRA MDR features (green auto badge), evidence can be generated automatically:
POST /api/v1/compliance/evidence/collectThis endpoint scans KYRA-covered controls and auto-generates evidence artifacts (log summaries, configuration snapshots, detection rule inventories) without manual document preparation.
ISMS-P
ISMS-P includes 31 controls across 7 domains with tri-lingual support for Korean, English, and Japanese. Control names, descriptions, and category labels are displayed in the user’s selected language.
Access Requirements
Compliance features require the Hunt (Pro) tier or above.