13 Products · All Included

Security & Compliance
Solutions That Work

Purpose-built for Azerbaijani banks, NBCOs, and fintechs. Every product maps directly to CBAR, ISO 27001:2022, and NIST CSF 2.0 requirements.

How would you like to deploy?
Cloud: we host and manage everything. Start in 60 seconds, no infrastructure required, automatic updates.
  Security Operations

Detect. Monitor. Protect.

Real-time visibility into your security posture. Know what's happening across your systems, endpoints, and data — before regulators ask.

Log Monitoring
Log Monitoring & SIEM
Centralised log collection and real-time alerting across your banking infrastructure. Detect anomalies, brute-force attempts, and policy violations instantly.
  • Real-time event ingestion and parsing
  • Pre-built CBAR alert rules (brute force, card data, after-hours access)
  • Automated incident creation from log events
  • 90-day retention with tamper-evident storage
Endpoint Security
Endpoint Security Manager
Deploy and monitor the GRCLab agent across all employee devices. Track compliance status, patch levels, and security configurations in real time.
  • Lightweight agent for Windows & macOS
  • Real-time device health and patch status
  • USB device detection and alerting
  • Remote compliance policy enforcement
DLP
Data Loss Prevention
Prevent sensitive customer and financial data from leaving your perimeter. Classify, monitor, and block data movements that violate your policies.
  • Automatic PII and card data detection
  • Email, USB, and cloud upload monitoring
  • Policy-based blocking and alerting
  • CBAR-aligned data classification built in
Asset Management
Asset Manager
Complete inventory of your information assets with automated risk scoring. Map every asset to applicable frameworks and controls — always audit-ready.
  • Automated asset discovery via agent scanning
  • CVE vulnerability mapping per asset
  • Risk heatmap and criticality scoring
  • 6-framework mapping: CBAR, ISO 27001, NIST, CIS, PCI DSS, GDPR
Code Review Governance
Secure SDLC & Code Reviewer
Built-in security scanning for your development pipeline — runs directly in the platform, no Python or external tools to install. Pattern-based and AI-powered review, with a full audit trail for CBAR / ISO 27001 A.14.
  • Security & taint-aware scanning (SQLi, XSS, hardcoded secrets)
  • AI-powered review with auto-fix suggestions (Claude)
  • 26-point checklist, findings tracking, and sign-off audit trail
  • CI/CD token integration — GitHub Actions & GitLab CI ready

  Compliance & Governance

Stay Compliant. Stay Audit-Ready.

From policy lifecycle to evidence collection and audit templates — everything your team needs to pass CBAR inspection and ISO 27001 certification.

Policy Management
Policy Manager
Create, version, distribute, and track employee acknowledgements for all your information security policies. Full lifecycle from draft to retirement.
  • Policy editor with version control
  • Automated staff notification and attestation
  • Acknowledgement tracking with digital signatures
  • Overdue reminders and compliance dashboard
Evidence Management
Evidence Manager
Collect, organise, and map evidence to controls automatically. Build an always-ready evidence pack for your next CBAR audit or ISO 27001 assessment.
  • Upload and link evidence to specific controls
  • Automatic expiry tracking and renewal alerts
  • One-click audit pack generation
  • ISO 27001 Annex A and CBAR control mapping
Audit Templates
Audit Template Library
Ready-made audit programmes for every major framework. Launch a structured audit in minutes — no need to build questionnaires from scratch.
  • CBAR 405-requirement audit programme
  • ISO 27001:2022 Annex A checklist
  • NIST CSF 2.0 assessment template
  • Custom template builder for internal audits
CBAR Compliance
CBAR Compliance Suite
End-to-end readiness for AR MB inspections. Track all 405 CBAR requirements, generate readiness reports, and close gaps before the regulator knocks.
  • Full 405-requirement CBAR control library
  • Readiness score with gap visualisation
  • One-click regulator-ready PDF report
  • Remediation task assignment and tracking
AI Policy Creator
AI Policy Generator
Generate production-ready information security policies in Azerbaijani and English in seconds. Select the framework and policy type — Claude AI does the rest.
  • 50+ policy templates for IS, HR, IT, and operations
  • Bilingual output (Azerbaijani + English)
  • CBAR and ISO 27001 aligned language built in
  • Direct publish to Policy Manager

  Risk Management

Identify. Assess. Control.

Comprehensive risk and vendor management aligned to CBAR and ISO 27001. Turn risk data into decisions — not spreadsheets.

Risk Register
Risk Register & ORM
Identify, assess, treat, and monitor operational risks in one place. Risk heatmap, KRI tracking, and scenario analysis — built for financial institutions.
  • Risk register with likelihood × impact scoring
  • Interactive risk heatmap
  • KRI dashboard with threshold alerting
  • Loss event and scenario analysis modules
Incident Management
Incident Manager
Log, classify, investigate, and report security incidents. Auto-prioritise by severity and generate AR MB-ready incident reports in one click.
  • Incident triage with severity classification (Low/Medium/High)
  • Investigation workflow with evidence attachment
  • AR MB notification report generator
  • MTTR and incident trend analytics
Vendor Risk
Vendor Risk Manager
Assess and continuously monitor the security posture of your third-party vendors and suppliers. Satisfy CBAR third-party risk requirements with ease.
  • Vendor onboarding with risk questionnaire
  • Inherent and residual risk scoring
  • Contract and SLA tracking
  • Annual vendor review workflow
Regulatory Monitor
Regulatory Change Monitor
Get notified the moment AR MB or other regulators publish new requirements. AI analyses each change and tells you exactly which controls are affected.
  • Monitors AR MB, e-Qanun, and Telegram channels
  • AI impact analysis per regulatory change
  • Automatic control gap identification
  • Email alerts with action recommendations

  AI-Powered Tools

Compliance, Supercharged by AI.

GRCLab's AI layer — powered by Claude — automates the most time-consuming compliance tasks. Your team focuses on decisions, not data entry.

AI Chatbot
AI Policy Assistant
Your staff ask questions in plain language — the AI answers instantly based on your company's own policies. Reduces compliance officer workload by up to 60%.
  • Trained on your uploaded policy documents
  • Answers in Azerbaijani and English
  • Session history and thumbs up/down feedback
  • Available 24/7 in the Staff Portal
AI Risk Assessment
AI Risk Assessment Generator
Describe an asset or process — AI generates a complete risk assessment with threats, vulnerabilities, likelihood scores, and recommended controls in seconds.
  • Auto-generated threats and vulnerabilities per asset
  • Likelihood × impact scoring with justification
  • Control recommendations mapped to ISO 27001
  • One-click save to Risk Register
AI Policy Creator
AI Policy Generator
Select a policy type and framework — Claude generates a complete, audit-ready policy document in Azerbaijani and English. What took days now takes 30 seconds.
  • 50+ policy types for IS, HR, IT, and BCP
  • Bilingual output (AZ + EN)
  • Framework-aligned language (CBAR, ISO 27001)
  • Edit and publish directly to Policy Manager
13
Products Included
405
CBAR Requirements Covered
6
Frameworks Supported
10×
Cheaper than IBM OpenPages

Ready to See It in Action?

Start your 15-day free trial — all 13 products, no credit card required.

Start Free Trial Book a Demo
15 days free No credit card All products unlocked