About AuditKit
One scanner that replaces $200K in compliance consulting across five frameworks and four cloud providers.
What AuditKit Does
AuditKit is a multi-cloud compliance scanner. It connects to your AWS, Azure, GCP, and Microsoft 365 environments, runs 240+ automated checks, and tells you exactly what's passing, what's failing, how to fix each issue, and what evidence your auditors will ask for.
Most compliance tools stop at detection. AuditKit goes further: every failed check includes the specific CLI command to fix it, a step-by-step screenshot guide for manual evidence collection, and direct links to the relevant cloud console page.
The free version covers SOC2, PCI-DSS v4.0, CMMC Level 1, HIPAA, and NIST 800-53 with full cross-framework mappings. The Pro version adds CMMC Level 2 (all 110 practices), multi-account scanning, evidence package generation, continuous monitoring, drift detection, and a Desktop GUI.
By the Numbers
Frameworks: SOC2, PCI-DSS v4.0, CMMC (L1 + L2), HIPAA, NIST 800-53, with ISO 27001 and FedRAMP crosswalks
Providers: AWS (90+ checks), Azure (64+), GCP (170+), Microsoft 365 (29+ via ScubaGear)
Output Formats: PDF, HTML (interactive), JSON, CSV, terminal. Plus evidence packages and screenshot guides.
How It Works
AuditKit uses read-only API calls to inspect your cloud configuration. It never modifies your infrastructure. The scanner runs locally on your machine, connects to your cloud provider using your existing credentials, evaluates each compliance control, and generates a report.
Each scan result maps to one or more compliance framework controls. A single check -- like verifying S3 bucket encryption -- simultaneously satisfies SOC2 CC6.3, PCI-DSS 3.4, HIPAA 164.312(a)(2)(iv), and CMMC SC.L2-3.13.11. This cross-framework mapping eliminates duplicate work when you need multiple certifications.
All scanning happens locally. No data leaves your machine. No cloud account, no SaaS dashboard, no telemetry. The tool is a single Go binary that runs wherever you have credentials.
Built by Guardian Nexus
AuditKit is built and maintained by Guardian Nexus, a team of engineers who have been through the compliance process firsthand. The tool exists because we spent too much time and money on consultants who ran automated scans and charged five figures for the output.
The free version is open source under the Apache 2.0 license. The Pro version supports the continued development of both editions and adds the advanced features that defense contractors and enterprise teams need for CMMC Level 2 and large-scale compliance programs.
Get Started
Install AuditKit and run your first compliance scan in under 5 minutes.