⬡ FOUNDING WINDOW open now · AxiomLens $599 · Engine Core $250 · prices step up when it closes Get in →
// Your GRC command deck · Locally owned

Compliance you can
actually operate.

AxiomLens is your GRC command deck: NIST CSF 2.0[1]NIST Cybersecurity Framework 2.0 — including the new GV.SC (Supply Chain Risk Management) category. nist.gov/cyberframework turned into computed coverage, scored risk, and a board-ready report — running locally on your machine, your data in a database you own. Where a CaaS platform rents you a dashboard and holds your evidence in their cloud, this is the owned alternative. One-time license: activate once, then it runs fully offline — no account, no subscription, nothing phoning home after activation.

106 CSF controls 8 linked tables $0 subscription
AxiomLens · Live demo
axiomlens — report build
$ python generate_report.py --client CLT-001
> loading 106 NIST CSF 2.0 subcategories......... ok
> computing coverage................. 38%
> computing maturity................. 1.83 / 4
> surfacing risks.................... 7 open
> generating board narrative......... done
> report written. ✓

Pre-scripted — every number is the real CLT-001 figure. No engine internals exposed.

LOCALLY OWNED
OFFLINE AFTER ACTIVATION
NO SUBSCRIPTION
OWN YOUR DATA
// Locally owned · Own your data

Own it. Don't rent it.

A CaaS platform rents you a dashboard and holds your evidence in their cloud. AxiomLens does the same job from a system you own outright. The difference, row by row:

CaaS / SaaS GRC
rented
AxiomLens
owned
Where your evidence lives
Their cloud — you're a tenant
Your machine — a database file you can copy
What you pay
$10k+/yr in rent, forever
One-time license
When you stop paying
Access ends with the subscription
Nothing changes — it's yours
Who can switch it off
Depends on their servers — and your invoice
No remote kill switch on a paid-up customer
Account & connectivity
Log in to their servers, every session
Activate once, then fully offline
Your data's format
Locked to their platform
Open files — SQLite, Markdown, JSON, HTML

"One-time license, per user. Activate once, then it runs fully offline on your machine — your own database, no API key needed. You own it and operate it — no account, no subscription, nothing phoning home after activation."

// Pick your tier in 30 seconds

Own your deck. Don't rent your compliance.

One scannable comparison — the free taste, the single-org tracker, the flagship command deck, and the CLI operator's build.

CAPABILITY
Gatorbyte
Free
AxiomGlass
$99
AxiomLens
$599 founding
Engine Core
$250 founding
All 5 CSF functions
Computed coverage & maturity
Multi-environment (client book)
Board Report & Hand-Off exports
Rail GUI workbench
BEST FOR
Trying it
One org
Client deliverables
CLI operators

AxiomLens $599 founding, then $999 standard — a difference, not a discount. Engine Core $250 founding / $350 standard. Framework packs $199 à la carte. Comparison: ComplianceForge ≈ $1,980 static · CaaS / SaaS GRC $10k+/yr rented · AxiomLens — computed, owned.

// Flagship · Locally owned · Own your data

AxiomLens

By The Security Gator · Your GRC command deck

Load any environment's NIST CSF 2.0 assessment — your own, a client's, a subsidiary's — and AxiomLens computes coverage and maturity, scores risk, and produces the deliverables that close engagements: the Board Report, the client-ready Hand-Off, and the Cyber-Insurance Evidence Pack (add-on). Every control ID validated against the real framework. A local application with a full rail GUI — built for vCISOs, MSPs, and MSSPs producing a deliverable for someone else's business, not just their own.

AxiomLens · Controls
// Architecture

Eight relational tables, one engine.

Tap a table to see what it holds.

{{ tableName }}

{{ tableDesc }}

// Bought once. Owned forever. Offline after activation.

Real ownership — without the CaaS leash.

Every license is node-locked to your hardware, signed with ECDSA P-256, and fully operational after a single first-run activation — then it verifies offline, every launch. No subscription. No phone-home after activation. No remote kill switch on a paid-up customer. Your machine, your filesystem, your keys, your control.

If The Security Gator LLC ever closes its doors, the EULA carries a vendor-dissolution continuity commitment: an offline-activation fallback and an unsigned license-generation utility get released so your engine keeps running on new hardware, independent of us. That's the trade a compliance lead can actually defend in a vendor-risk review.

// What's in the box

Everything you need to run it day one.

8-table relational base

Frameworks, Controls, Clients, Control Status, Risks, Remediation, Crosswalk, Reports.

Full NIST CSF 2.0 core

All 106 subcategories, pre-loaded, with references.

Deterministic report + risk generators

Computed metrics, validated IDs, template-written narrative — no API key required.

Sample data + walkthrough

Wipeable sample client, setup guide, and a video walkthrough.

The convenience add-on: Cyber-Insurance Evidence Pack ($250). Drop one file into your install and a dormant module unlocks in both paid tiers — a 20-question readiness view mapped to what insurance applications actually ask, with a clean evidence export you can hand straight over. The point is speed: minutes to a defensible answer, not an afternoon of spreadsheet archaeology.

// AXIOMLENS — FOUNDING WINDOW

Founding is closed — standard pricing applies.

Founding pricing is a bounded window, open now: $599 for the AxiomLens GUI, $250 for Engine Core. It's a window, not a seat cap — buy while it's open and your founding price is locked, and every founding GUI purchase includes one framework pack of your choice.

When the window closes, AxiomLens lists at $999 standard and Engine Core at $350; AxiomGlass stays $99 flat. Standard later steps to $1,199 once the next major GUI update ships — founders keep the difference.

// Governance · NIST CSF 2.0 GOVERN

Governance Review Cadence.

AxiomLens schedules each governance control on a review interval and shows you, at a glance, what's on track and what's slipping. This is a seeded view of sample client CLT-001 — static status, exactly as the engine would render it.

No orchestration, by design. AxiomLens runs when you run it. After its one-time activation nothing phones home, nothing recomputes on a schedule, and your data never leaves your machine. These cadences are reminders the deck surfaces — not jobs it executes for you.

Control
Cadence
Last review
Next review
Status
{{ g.name }} {{ g.id }} ⛓ SUPPLIER · GV.SC-07 tie-in
{{ g.cadence }}
{{ g.last }}
{{ g.next }}{{ g.untilTxt }}
{{ g.status }}

Cadence policy: GOVERN controls reviewed every {{ govCadenceGovern }} days, all others every {{ govCadenceOther }} days; flagged “due soon” within {{ govDueSoon }} days. These are sensible defaults — tune them to your own review policy at the top of the module.

$599founding · then $999 standard

Founding window open · includes one framework pack of your choice.

// Live sample · demo client

Board report — Northbridge Health Partners

The numbers are computed in code, so they're right. The narrative is assembled by a deterministic template that owns every figure — same input, same report, every run. This is the actual deliverable — explore it by function.

{{ covDisp }}
OVERALL COVERAGE
{{ matDisp }}/4
PROGRAM MATURITY
{{ risksDisp }}
SCORED RISKS
{{ controlsDisp }}
CONTROLS ASSESSED
COVERAGE BY NIST CSF FUNCTION — tap a function
{{ curName }}
Coverage {{ curCov }} · maturity {{ curMat }}/4
COVERAGE

{{ curNote }}

ALL FUNCTIONS · {{ metricLabel }}
{{ f.code }}
{{ f.barVal }}
// RECOMPUTE — YOUR NUMBERS

Drag the sliders. Coverage = implemented ÷ in-scope; program maturity is the in-scope-weighted average — the same formulas the engine runs. Nothing is faked.

{{ liveCov }}
OVERALL COVERAGE
{{ liveMat }}/4
PROGRAM MATURITY
{{ r.code }} {{ r.name }}
implemented{{ r.impl }}/{{ r.inScope }}
maturity{{ r.mat }}/4
{{ r.covPct }}
TOP RISKS BY INHERENT SCORE
No formal access review process20
Incomplete asset inventory16
No tested incident response plan15
Third-party / vendor risk unmanaged12
BOTTOM LINE

Northbridge's posture is materially below acceptable risk tolerance for a healthcare telehealth organization. As of Q2 2026, only 38 of 100 controls are fully in place — placing the program in early, inconsistent practice.

The good news: no controls fell through the cracks without an owner, and recovery capabilities show slightly stronger maturity than other areas. The gaps are significant and spread across every function.

AxiomLens · The Hand-Off — client-ready, prints to PDF
// The two headline deliverables

The Board Report and the Hand-Off. Both print to PDF.

The Board Report translates posture for non-technical stakeholders — snapshot, coverage, risks, then a plain-English narrative and exactly what to fund next quarter. The Hand-Off (above) bundles the full control register, risk register, sign-off trail, and history into one client-ready sheet. Every export is generated locally and opens print-ready — File → Print → PDF, hand it over. Convenience is the point.

The Board Report · snapshot & risks · prints to PDF
The Board Report · narrative · prints to PDF
// Gator's Weekly Bayou Bytes

Read an issue before you subscribe.

Three sections, twelve minutes, every Tuesday — frameworks, configs, and the takes nobody else publishes. Here's the archive.

The Pulse The Hardened Stack The Boardroom Bridge

{{ it.desc }}

Read the archive ↗

Twelve minutes a week, every Tuesday.

~8:00 AM Central. No spam, unsubscribe anytime.

// For vCISOs, MSPs & MSSPs

One command deck. Your entire client book.

Run NIST CSF 2.0 across every engagement from one deck — computed coverage per client, scored risk, and the deliverables that close engagements: Board Reports, client-ready Hand-Offs, and Cyber-Insurance Evidence Packs. Team seats and MSAs built for portfolios, not single seats.

CLIENT PORTFOLIO · SAMPLE VIEW
74%
CLT-001 · SaaS
61%
CLT-002 · Fintech
38%
CLT-003 · Health
52%
CLT-004 · Retail
Parallel deployments

Run multiple environments side by side — each client's data isolated in its own private local database.

Team seats, one-time

2–10 named seats, the discount deepening with every seat added — no floating licenses, no rent. Above 10 seats, or any MSP-wide / multi-tenant / white-label use: a signed MSA.

MSAs that defend

Continuity commitment and ownership posture that survive a vendor-risk review.

Let's size a license to your client book.

Talk licensing →
// Products & roadmap

One deck. A pack shelf that keeps growing.

Framework packs ship à la carte — drop a pack file into your install and the crosswalk lights up in both paid tiers. Nine frameworks are live today at $199 each, with more in the pipeline. Buy exactly what your book needs; founding GUI purchases include one pack of your choice.

PACKS

Framework crosswalk packs — nine live

NIST 800-53 r5 · ISO 27001:2022 · PCI DSS v4 · SOC 2 · HIPAA · CMMC / 800-171 r3 · OWASP LLM Top 10 · NIST 800-82 r3 · NIST 800-81 r3. Map once in CSF 2.0, see the crosswalk everywhere.

9 frameworksDrop-in install
$199 each
ADD-ON

Cyber-Insurance Evidence Pack

A 20-question readiness view plus a hand-ready export built for insurance applications — drop the pack file in and the dormant module unlocks in both paid tiers. Convenience is the product: minutes to a defensible answer, not an afternoon.

Drop-in unlockWorks in GUI + CLI
$250
Built · one-time
CLI SKU

AxiomLens Engine Core

The full engine at CLI parity — status, sign-off, POA&M, snapshots, evidence, hand-off export — for operators who live in the terminal. Same database, same packs, no GUI.

SQLite + CLIFull parity
$250 founding
Live on Gumroad ↗ · then $350
DO THE MATH

Buy the packs your book needs. Skip the rest.

{{ sepTotal }}

{{ sepCaption }}

Every pack is $199, one-time, drop-in. A typical client book runs three or four packs — no bundle to outgrow, no rent on frameworks you never touch. Browse the packs ↗

// Beyond launch

Where the Gator's headed.

The framework drops above ship with the engine. Here's what comes after — filter by horizon.

{{ r.tag }}

{{ r.title }}

{{ r.body }}

Directional, not a commitment to dates — sequencing shifts with what customers need most.

// Questions, answered out loud

The things you'd email to ask.

Data, licensing, dependencies, continuity, support. If it's not here, the line's open.

{{ f.a }}

Still deciding?

First-line support from the operator. 48-hour response on business days.

// Legal

Terms, privacy & license.

Plain-language summaries of how AxiomLens, Engine Core, and AxiomGlass are licensed, how your data is handled, and what you agree to. These summaries are for the web; your purchase is governed by the full agreements provided at checkout.

01 · TERMS OF USE

Using this site

The Security Gator website and its content — guides, articles, and the Bayou Bytes newsletter — are provided for general information, not as legal, compliance, or security advice. Brand marks, copy, and visuals are the property of The Security Gator LLC. Some research, drafting, and production here are AI-assisted, with human review on everything that ships. External links are provided for convenience and are not endorsements.

02 · TERMS OF SERVICE

Purchases & licensing

AxiomLens, Engine Core, and AxiomGlass are sold as one-time licenses — you pay once and own what you buy; there is no subscription for the product purchased today. All sales are final. If a product is inoperable on download we will repair it — repair, not refund. Purchases are completed through our storefront (Gumroad), and its policies also apply. First-line support is provided directly by the operator, with a 48-hour response target on business days (Mon–Fri, Central).

03 · PRIVACY POLICY

Your data

We collect as little as possible. Newsletter subscriptions are handled by Beehiiv and store only the email you provide; you can unsubscribe anytime. The products run on your infrastructure — a private database on your own machine, your filesystem, and (optionally) your own BYOK API key. No assessment or client data ever touches our servers. The paid local tiers verify a purchase once at first launch, then run fully offline — no phone-home after activation. AxiomGlass, the online entry tier, runs a lightweight license check each time it opens. Checkout and payment data are handled by our storefronts under their privacy policies.

04 · END-USER LICENSE AGREEMENT

EULA & continuity

Each license grants one named user the right to operate the software, node-locked to that user's hardware and signed with ECDSA P-256. You may not redistribute, resell, or attempt to defeat the licensing or protection mechanisms. You retain full ownership of the data and reports you produce.

The EULA carries a vendor-dissolution continuity commitment: if The Security Gator LLC ever closes, an offline-activation fallback and an unsigned license-generation utility are released so your engine keeps running on new hardware, independent of us. Governed by the laws of the Commonwealth of Kentucky.

Last updated July 19, 2026 · Summaries only, not legal advice — the controlling agreements are provided at checkout. Questions: BigG.TheCreator@TheSecurityGator.com

AxiomLens — by The Security Gator
$ establishing connection — the.security.gator ● online

One link, every channel. Field notes, the engine, and where to find us.

// Read & watch
// Get the tools
// Connect
// Single-org tracker · one-time

AxiomGlass

A single self-contained file that opens in any browser — no subscription, nothing to install, no account to create (your order ID is your license; quick license check on open). Score NIST CSF 2.0 across all 106 subcategories; your answers stay in your browser and export to a file you own. The frictionless on-ramp to AxiomLens when you outgrow it.

$99one-time · yours to keep
AxiomGlass · Single org
NIST CSF 2.0 functions5 / 5
Controls tracked106
Organizations1
Computed coverage & reportsAxiomLens
Your answers export to a clean JSON file you own — ready to carry with you into AxiomLens when you upgrade.
AxiomGlass · Live demo
// Who it's for

Start here when you have one org and a deadline.

Get organized fast

All 106 subcategories laid out and ready to fill — no blank-page paralysis.

Own it outright

$99 once. No subscription — a single file you keep, answers that stay in your browser, exports you own.

Upgrade without rework

When you need computed coverage, scoring and board reports, AxiomLens picks up where Glass leaves off.

Outgrowing a single org?

AxiomGlass is the on-ramp to AxiomLens — the command deck for many clients and environments.

Explore AxiomLens →
// Part of Bayou Bytes · free downloads

Gatorbytes.

Gatorbytes are the free, no-login starter kits that ship inside Bayou Bytes — self-contained files and plain-language guides you can open in any browser and use today. They're the takeaways, not the newsletter issues themselves.

More Gatorbytes every week.

New templates and guides land with each Bayou Bytes issue.

Subscribe free →
// Owner sign-in

Enter your license key.

Owners get downloads, version updates, onboarding, and support here. Your key unlocks this area — your compliance data never leaves your machine.

⚠ Demo gate — a visual placeholder, not real verification. Any key opens the preview. Real activation happens in the product at first launch; this web area wires up next.

Don't have a key yet? Become an owner →

Welcome back, owner.
Key AXLN-····-····-···· · ● active (placeholder)
// LICENSE & STATUS
PRODUCT
AxiomLens
TIER
Founding
SEAT
1 named user
LICENSE
Perpetual

All values are placeholders — the license service populates key, status, tier, seat & expiry on verify.

// DOWNLOADS
AxiomLens engine
v—.—.— · build pending
AxiomGlass
v—.—.— · single-file build
Framework packs
as purchased · drop-in install
// VERSION UPDATES
Release notes appear here

Every engine build and framework pack, with what changed and why.

Update on your schedule

Downloads are yours to keep — nothing auto-updates, nothing phones home after activation.

// GET STARTED
1
Download the engine and verify the checksum.
2
Activate with your license key on your machine.
3
Open the local control panel or run from the CLI.
4
Run your first assessment and export a board report.
// SUPPORT

First-line support direct from the operator — 48 business-hour response, and we repair defects (repair, not refund).

Email support →
// RECEIPTS

Invoices and order history live with your storefront — Gumroad, where you purchased.

This area manages your purchase — license, downloads, and updates. We never store, see, or touch your assessment data; AxiomLens runs entirely on your machine.

{{ lightboxImg }}
ESC
{{ c.label }} {{ c.hint }}
ESC
Frequently searched
{{ r.label }} {{ r.hint }}

Continuity

If The Security Gator disappeared tomorrow, nothing you built would stop working. That's the promise.

  • Your data lives in your own private database and files — never our servers. Cancel us, keep everything.
  • AxiomLens runs locally; the board narrative is a deterministic template by default (optional BYOK uses your own key). Activate once, then no phone-home, no remote kill-switch.
  • Your license is permanent — a one-time purchase you own, not a subscription that can be revoked.
  • Everything exports as plain files — reports and data you can take anywhere, anytime.

How founding pricing works

  • Founding is a bounded window, open now — no countdown games. It locks your price: $599 for the AxiomLens GUI (then $999 standard) and $250 for Engine Core (then $350). A difference, not a discount.
  • Founders keep the difference. Standard steps to $1,199 once the next major GUI update ships — your founding price never changes, and you stay below standard by the same margin.
  • Founding pick-one perk: every founding GUI purchase includes one framework pack of your choice ($199 value) — bounded, one-time.
  • Framework packs are always à la carte at $199 — buy exactly the crosswalks your book needs, when it needs them. No bundle to outgrow.
  • AxiomGlass is $99 flat — never founding-eligible, never steps. Team seats (2–10 named users) price off the prevailing single price; above 10, or any MSP-wide / multi-tenant / white-label use, is a signed MSA.

Questions? BigG.TheCreator@TheSecurityGator.com