AIVory Guard  ·  Compliance

Real-time compliance. Catch violations before they ship.

Real-time validation for 18+ standards (OWASP, GDPR, HIPAA, PCI-DSS, SOC 2) in your IDE and for your AI agent. Catch violations as you type — before commit, before deploy, before audit.

OWASP free forever  ·  18+ standards  ·  MCP-compatible

Scanning for: OWASP GDPR HIPAA PCI-DSS SOC 2 ISO 27001 CCPA TISAX DORA NIS2 +7 more
The problem

AI is great for code — its errors are expensive.

One compliance violation in production can cost your company millions. Here's why catching them early matters.

# GitHub Copilot generated this yesterday:

def process_user_data(users): # Logs full user data including PII logger.info(f"Processing users: {users}")GDPR violation send_to_analytics(users.email, users.ssn)Data exposure
Fix it now With AIVory

$100

per violation caught while coding

VS
Fix it later Without AIVory

$3K–5K

per violation found in production

30–50× more expensive to fix after deployment

The solution

Stop violations before they ship.

Real-time compliance scanning in your IDE. Catch violations as you type — before commit, before deploy, before audit.

Real-time protection

See violations highlighted instantly as you code — human or AI-generated.

Works with your AI tools

GitHub Copilot CLI, Cursor, Claude Code, Windsurf — all write compliant code automatically.

One-click fixes

Don't just see problems — fix them instantly with suggested remediation.

How it works

Up and running in 30 seconds.

Install plugin → Select frameworks → Start coding safely.

1

Install in one click

VS Code, JetBrains, Cursor, Windsurf — same extension, same rules.

2

Guard scans as you type

Rules evaluate every edit. Violations show inline with a standard reference, never a wall of output.

3

One-click AI fix

Guard proposes a fix that keeps your tests green. Accept, reject, or edit. Commit clean.

Step 1: Install Plugin
1. Open IntelliJ IDEA / PyCharm / WebStorm
2. Go to Settings → Plugins
3. Search for "AIVory"
4. Click Install
5. Restart IDE
Step 2: Configure frameworks
1. Open AIVory settings (Tools → AIVory)
2. Select compliance frameworks:
   ✓ GDPR    ✓ HIPAA
   ✓ SOC 2   ✓ PCI-DSS
   ✓ ISO 27001  ✓ OWASP
   ... and 12+ more
3. Click Apply
4. Start coding with real-time protection!
Step 1: Install Extension
# From VS Code Marketplace
1. Open VS Code
2. Press Ctrl+Shift+X (Cmd+Shift+X on Mac)
3. Search for "AIVory"
4. Click Install

# Or via command line
code --install-extension aivory.aivory
Step 2: Configure & scan
1. Go to Settings (Ctrl+,)
2. Search for "AIVory"
3. Enter API token from app.aivory.net/tokens
4. Extension starts scanning automatically!

# Works with GitHub Copilot, Codex, etc.
Step 1: Install Extension + MCP
# 1. Install AIVory Extension
Ctrl+Shift+X → Search "AIVory" → Install

# 2. Setup MCP for AI commands (optional)
# Create .cursor/mcp.json:
{
  "mcpServers": {
    "aivory": {
      "command": "npx",
      "args": ["--yes", "@aivorynet/guard"],
      "env": {"AIVORY_API_KEY": "your_key"}
    }
  }
}
Step 2: Add .cursorrules
# Create .cursorrules in project root
When writing or modifying code:
1. Write the code as requested
2. Extension scans automatically (inline warnings)
3. Use /aiv:scan for detailed MCP scan (optional)
4. Fix all violations before completing

# Cursor + AIVory = Compliant AI code!
Step 1: Install MCP Endpoint (free tier)
# For Claude Code — no API key needed for OWASP
claude mcp add --transport stdio aivory -- npx -y @aivorynet/guard

# For other AI agents, add to config
{
  "mcpServers": {
    "aivory": {
      "command": "npx",
      "args": ["-y", "@aivorynet/guard"]
    }
  }
}
Step 2: Start scanning
# OWASP scanning available immediately — no setup required.

# For all 18+ standards (GDPR, HIPAA, etc):
# Get API key from https://app.aivory.net/tokens
export AIVORY_API_KEY=your_key
Step 1: Install & initialize
# Add AIVory marketplace
/plugin marketplace add aivorynet/claude-marketplace

# Install the plugin
/plugin install aiv

# Initialize configuration
/aivory:init
Step 2: Add CLAUDE.md
# Create CLAUDE.md in project root
## AIVory Compliance Scanning

When writing or modifying code:
1. Write the code as requested
2. Call /aiv:scan to check violations
3. Review results and fix violations
4. Re-scan before completing
Step 1: Install & configure
# Install GitHub Copilot CLI
brew install github/gh-cli-copilot/gh-copilot

# Authenticate
gh auth login
gh copilot auth

# AIVory MCP setup in ~/.config/github-copilot/mcp/
Step 2: Start scanning
# Start Copilot CLI
gh copilot

# Ask to scan with AIVory
> Scan my auth.js with AIVory for OWASP compliance

# Get API key: https://app.aivory.net/tokens
Step 1: Configure MCP
# Create Windsurf MCP config
mkdir -p ~/.codeium/windsurf

cat > ~/.codeium/windsurf/mcp_config.json <<'EOF'
{
  "mcpServers": {
    "aivory": {
      "command": "npx",
      "args": ["--yes", "@aivorynet/guard"],
      "env": {
        "AIVORY_API_KEY": "your_key"
      }
    }
  }
}
EOF

# Restart Windsurf
Step 2: Add .windsurfrules
# Create .windsurfrules in project root
When writing or modifying code:
1. Write the code as requested
2. Use AIVory scan_code tool to check violations
3. Review results and fix violations
4. Re-scan before completing
Dashboards

Track project health with real-time dashboards.

Trace your compliance status everywhere.

Web dashboard

Comprehensive analytics and team management.

AIVory Web dashboard showing compliance metrics, violations by severity and standard, and recent activity

CLI dashboard

Real-time compliance monitoring in your terminal.

AIVory CLI terminal dashboard showing compliance status, violations by severity, and standards breakdown

IDE dashboard

Integrated compliance insights directly in your IDE.

AIVory JetBrains plugin dashboard showing compliance status and detailed violation breakdowns

Never lose track of your compliance posture. Monitor violations as they happen, track improvements over time, and identify hotspots before they become problems.

Start tracking for free
Comparison

Post-commit vs write-time scanning.

It's important to catch mistakes early. Here's why.

Feature Write-time agent protection Post-commit scanning
Detection timingAs you typeAfter commit
Fix cost per violation*$100$3K–5K
AI code tracking
Git platform supportAny gitGitHub/GitLab only
Compliance coverageFull complianceSecurity scanning only
IDE integration

* Based on NIST and Ponemon Institute research: issues cost 30–50× more to fix post-deployment.

Pricing

What's free forever.

No credit card. No trial limits. Real security scanning for every developer.

Free Plan

Forever, no strings attached.

  • OWASP Top 10 scanning — SQL injection, XSS, broken auth, and all critical security vulnerabilities.
  • 50 scans per week — enough for individual developers and small projects.
  • All IDE integrations — VS Code, JetBrains, Cursor, Windsurf.
  • AI agent integrations — MCP endpoint, Claude Code plugin.
  • Inline violation markers — issues highlighted directly in your code on scan.
  • Community support — Discord, GitHub discussions.
Start free forever
Popular

Premium Plans

From $19/month.

Everything in Free, plus:

  • All 18+ compliance standards — GDPR, HIPAA, PCI-DSS, SOC 2, ISO 27001, CCPA, and more.
  • 250+ scans/week (Starter) or unlimited scans (Pro).
  • AI code tracking — know which code came from AI assistants.
  • Web dashboard — track compliance across all projects.
  • Team collaboration — shared dashboards, team insights (Pro).
  • Priority support — faster response times.
Start 7-day free trial
Plans

Free security for all, with premium options.

Start free forever. Upgrade for full compliance coverage.

Free

For developers getting started.

$0forever

  • 50 scans per week
  • OWASP Top 10 only
  • Community support
Get started free

Pro

For teams requiring unlimited scans.

$39/ month

  • Unlimited scans
  • All compliance standards
  • AI code tracking
  • Team collaboration
  • Web dashboard
  • Priority support
Start 7-day free trial

No card required. Cancel anytime.

Enterprise — on-premise deployment

Unlimited scans · Self-hosted LLM & data · All compliance standards · Custom integrations · SLA guarantees · White-label options.

Contact sales
Early access

Join early access50% off for 100 teams.

Help shape AIVory. 50% off for the first 100 teams.

Early adopter pricing

50% off our Pro and Starter plan for 6 months.

Direct engineering access

Work directly with our team to shape AIVory's roadmap.

Priority features

Your compliance needs drive our development priorities.

ROI calculator

Calculate your compliance ROI.

See what violations cost your team annually.

10
40%

Potential violations / month

24

Cost at write-time (with AIVory)

$2,400

Cost in production (without AIVory)

$96,000

(30–50× more expensive)

Potential savings / year

$1.1M

Standards covered

Every framework your auditor requires.

We support them all.

SOC 2Type I & II
GDPREU Privacy
HIPAAHealthcare
PCI-DSSPayments
ISO 27001InfoSec
OWASPTop 10
CCPACalifornia
Custom rules

Custom rules available for Enterprise.

Mission

Built by developers who shipped 100+ products.

We felt the pain of compliance violations in production. So we built the tool we needed.

We're not building this because compliance is trendy. We're building it because AI lets you ship faster than ever — but compliance gaps can kill your company overnight. One GDPR fine. One security breach. One audit failure.

Startups need to move fast. Enterprises need to stay compliant. You shouldn't have to choose.

For startups

Ship your MVP in days, not months — with AI writing 60% of your code. But one compliance violation can end your company before it starts. Protect yourself as you scale, from day one.

For enterprises

Your developers use AI assistants — whether you know it or not. AI-generated code bypasses your compliance review process. Protect your enterprise before the next audit.

One solution

AIVory works the same way for a 2-person startup and a 2,000-person enterprise. Real-time compliance that scales with you. Move fast. Stay compliant. No tradeoffs.

SOC 2 Compliant Zero data retention Open source core

Built by the team behind 100+ enterprise software projects and used by indie hackers and Fortune 500 teams alike.

FAQ

Common questions.

Is AIVory Guard free?

Yes. OWASP Top 10 scanning is free forever with 50 scans per week — no credit card, no trial expiry. Premium plans starting at $19 per month unlock all 18+ compliance standards, unlimited scans, AI code tracking, and team dashboards.

Which compliance standards does Guard cover?

Guard supports 18+ standards including OWASP Top 10, GDPR, HIPAA, PCI-DSS, SOC 2, ISO 27001, CCPA, TISAX, DORA, and NIS2. The free plan covers OWASP; premium plans unlock the full library plus custom rules for enterprise teams.

Does Guard work with AI code assistants?

Yes. Guard scans every line equally whether you wrote it or GitHub Copilot, Cursor, Claude Code, or Windsurf generated it. Premium plans also track which code came from AI assistants so you can audit AI-generated output separately.

How does real-time scanning work?

Guard evaluates your code on every save inside your IDE. Violations appear as inline markers with a direct reference to the standard that was breached — for example "GDPR Art. 32 — unencrypted PII in log output." One-click AI fixes suggest a compliant replacement you can accept, edit, or dismiss.

Which IDEs and tools are supported?

Guard runs in VS Code, JetBrains IDEs (IntelliJ, PyCharm, WebStorm, and others), Cursor, Windsurf, and Antigravity. It also ships as an MCP endpoint for Claude Code and other AI agents, and a CLI for CI/CD pipelines.

Do I need to change my workflow?

No. Install the plugin or extension and Guard starts scanning in the background. There is no config file to write, no build step to add, and no separate tool to open. Violations surface inline as you code — the same way a linter highlights syntax errors.

What is the difference between free and premium?

The free plan gives you OWASP Top 10 scanning with 50 scans per week across all supported IDEs. Premium adds the full 18+ standard library, 250 or unlimited scans per week, AI code tracking, web dashboards, team collaboration features, and priority support. Enterprise adds self-hosted deployment, custom rules, and SLA guarantees.

Ship AI code that survives an audit.

OWASP is free. Install Guard in under a minute.