Glossary

Compliance Pack

A one-click evidence export that maps a framework's obligations to enforced controls and sealed records.

category ▸ Security

audit/verify
#101hash ✓#102hash ✓#103hash ✓#104hash ✓#105hash ✓
head 0x9f3a…c1ok: true
verifyChain ▸ chained SHA-256 · signed receipts
What it means

Compliance Pack, in plain language.

A compliance pack is an on-demand bundle of audit evidence: the mapping from a regulatory framework's obligations to the controls that satisfy them, plus the actual records proving those controls fired. It is the artifact you hand an examiner instead of spending weeks assembling screenshots before a review.

The value is that the evidence is generated, not curated. Because the controls run continuously and record their verdicts, the pack reflects what the system actually did over the period — and because the records are tamper-evident, their integrity is provable rather than asserted.

In Cortex

How Cortex implements it.

This term isn't abstract here — it maps to a real capability in the runtime. Here is exactly how Cortex enforces or relates to it.

Security

A Cortex Compliance Pack assembles the obligation-to-control mapping for a framework with the live, sealed ledger records that show each control fired — verifiable offline. It draws on the same Trust Ledger, signed receipts, and lineage that secure the runtime, so the evidence ties back to real runs.

Cortex frames every framework as aligned with, never certified — the pack supplies enforced controls and provable evidence; the attestation or conformity assessment remains the customer's to obtain.

See Compliance Pack enforced, not just defined.

Book a walkthrough and watch the controls in this glossary return real verdicts, seal real evidence, and trace every fact back to its source.