Compliance you can actually operate.
A relational engine that turns NIST CSF 2.0[1] into computed coverage, scored risk, and an audit-ready board report — running locally on your machine, your data in a private database you control. Bought once. Owned forever — no account, no subscription, nothing phoning home.
[1] NIST Cybersecurity Framework 2.0 — including the new GV.SC (Supply Chain Risk Management) category. nist.gov/cyberframework
Pre-scripted — every number is the real CLT-001 figure. No engine internals exposed.
Own the engine. Don't rent your compliance.
One scannable comparison — the free taste, the single-org tracker, the relational engine, and the everything bundle.
Founding price $249, then $349 standard. Comparison: ComplianceForge ≈ $1,980 static · SaaS GRC $10k+/yr rented.
AxiomLens
By The Security Gator · NIST CSF 2.0, computed and owned
Load any environment's NIST CSF 2.0 assessment — your own, a client's, a subsidiary's — and it computes coverage and maturity, scores risk, and writes an audit-ready board report, with every control ID validated against the real framework. A local application — operate it from a built-in browser control panel, served locally, or from the command line. Closer to a GRC platform than a template.
Eight relational tables, one engine.
Real protection — without the SaaS leash.
Every license is node-locked to your hardware, signed with ECDSA P-256, and fully operational after a single first-run activation. No subscription. No phone-home. No remote kill switch on a paid-up customer. Your machine, your filesystem, your keys, your control.
If The Security Gator LLC ever closes its doors, the EULA carries a vendor-dissolution continuity commitment: an offline-activation fallback and an unsigned license-generation utility get released so your engine keeps running on new hardware, independent of us. That's the trade a compliance lead can actually defend in a vendor-risk review.
Everything you need to run it day one.
Frameworks, Controls, Clients, Control Status, Risks, Remediation, Crosswalk, Reports.
All 106 subcategories, pre-loaded, with references.
Computed metrics, validated IDs, written narrative.
Wipeable sample client, setup guide, and a video walkthrough.
Founding is closed — standard pricing applies.
Founding pricing runs for a fixed time window — the first three weeks, closing ~July 13, 2026. It's a deadline, not a seat cap: buy any time before it closes and your early price is locked.
When the window closes, AxiomLens steps to $349 and the bundle to $549; AxiomGlass stays $60.
Governance Review Cadence.
AxiomLens schedules each governance control on a review interval and shows you, at a glance, what's on track and what's slipping. This is a seeded view of sample client CLT-001 — static status, exactly as the engine would render it.
No orchestration, by design. AxiomLens runs when you run it. Nothing is phoning home, nothing recomputes on a schedule, and your data never leaves your machine. These cadences are reminders the engine surfaces — not jobs it executes for you.
Cadence policy: GOVERN controls reviewed every {{ govCadenceGovern }} days, all others every {{ govCadenceOther }} days; flagged “due soon” within {{ govDueSoon }} days. These are sensible defaults — tune them to your own review policy at the top of the module.
Founding window · closes ~July 13, 2026 · then $349 standard.
Board report — Northbridge Health Partners
The numbers are computed in code, so they're right. The narrative is generated, then checked against the framework before it ships. This is the actual deliverable — explore it by function.
Drag the sliders. Coverage = implemented ÷ in-scope; program maturity is the in-scope-weighted average — the same formulas the engine runs. Nothing is faked.
Northbridge's posture is materially below acceptable risk tolerance for a healthcare telehealth organization. As of Q2 2026, only 38 of 100 controls are fully in place — placing the program in early, inconsistent practice.
The good news: no controls fell through the cracks without an owner, and recovery capabilities show slightly stronger maturity than other areas. The gaps are significant and spread across every function.
The whole thing, as it ships.
Computed snapshot and coverage-by-function up top, then a plain-English narrative — bottom line, where you stand, top risks, and exactly what to fund next quarter.
Read an issue before you subscribe.
Three sections, twelve minutes, every Tuesday — frameworks, configs, and the takes nobody else publishes. Here's the archive.
Twelve minutes a week, every Tuesday.
~8:00 AM Central. No spam, unsubscribe anytime.
One engine. Your entire client book.
Run NIST CSF 2.0 across every engagement from one relational base — computed coverage per client, scored risk, board reports on demand. Licensing tiers and MSAs built for portfolios, not single seats.
Run multiple environments side by side — each client's data isolated in its own private local database.
One-time tiers sized to your book, with clear, plain-language terms.
Continuity commitment and ownership posture that survive a vendor-risk review.
Let's size a license to your client book.
Talk licensing →
One engine. A library that keeps growing.
Each release adds two frameworks and the price steps up a rung. Buy in early and you ride the whole climb for free — every framework added after your purchase lands in your library at no extra cost.
Foundations
Map once, satisfy many — the first cross-framework coverage.
Depth + evidence
The most authoritative mapping, plus the cyber-insurance evidence pack.
The marquee
The two everyone asks for — the headline frameworks for SaaS and healthcare.
Own the bundle, own the roadmap.
Six frameworks at $299 each = $1,794 separately, versus $999 for the complete bundle. Drop 03 lands free for every bundle owner at ship.
Where the Gator's headed.
The framework drops above ship with the engine. Here's what comes after — filter by horizon.
Directional, not a commitment to dates — sequencing shifts with what customers need most.
The things you'd email to ask.
Data, licensing, dependencies, continuity, support. If it's not here, the line's open.
Still deciding?
First-line support from the operator. 48-hour response on business days.
Terms, privacy & license.
Plain-language summaries of how AxiomLens and AxiomGlass are licensed, how your data is handled, and what you agree to. These summaries are for the web; your purchase is governed by the full agreements provided at checkout.
Using this site
The Security Gator website and its content — guides, articles, and the Bayou Bytes newsletter — are provided for general information, not as legal, compliance, or security advice. Brand marks, copy, and visuals are the property of The Security Gator LLC. Some research, drafting, and production here are AI-assisted, with human review on everything that ships. External links are provided for convenience and are not endorsements.
Purchases & licensing
AxiomLens and AxiomGlass are sold as one-time licenses — you pay once and own what you buy; there is no subscription for the product purchased today. All sales are final. If a product is inoperable on download we will repair it — repair, not refund. Purchases are completed through our storefronts (Gumroad / Polar), and their policies also apply. First-line support is provided directly by the operator, with a 48-hour response target on business days (Mon–Fri, Central).
Your data
We collect as little as possible. Newsletter subscriptions are handled by Beehiiv and store only the email you provide; you can unsubscribe anytime. The products run on your infrastructure — a private database on your own machine, your filesystem, and (optionally) your own AI key. No assessment or client data ever touches our servers, and the engine does not phone home. Checkout and payment data are handled by our storefronts under their privacy policies.
EULA & continuity
Each license grants one named user the right to operate the software, node-locked to that user's hardware and signed with ECDSA P-256. You may not redistribute, resell, or attempt to defeat the licensing or protection mechanisms. You retain full ownership of the data and reports you produce.
The EULA carries a vendor-dissolution continuity commitment: if The Security Gator LLC ever closes, an offline-activation fallback and an unsigned license-generation utility are released so your engine keeps running on new hardware, independent of us. Governed by the laws of the Commonwealth of Kentucky.
Last updated June 18, 2026 · Summaries only, not legal advice — the controlling agreements are provided at checkout. Questions: [email protected]
One link, every channel. Field notes, the engine, and where to find us.
AxiomGlass
A single self-contained file that opens in any browser — no account, no subscription, nothing to install. Score NIST CSF 2.0 across all 106 subcategories; your answers stay on your machine and export to a file you own. A frictionless on-ramp to the AxiomLens engine when you outgrow it.
Start here when you have one org and a deadline.
Get organized fast
All 106 subcategories laid out and ready to fill — no blank-page paralysis.
Own it outright
$60 once. No subscription, runs on your own base, your data stays yours.
Upgrade without rework
When you need computed coverage, scoring and board reports, AxiomLens picks up where Glass leaves off.
Outgrowing a single org?
AxiomGlass credits the way into AxiomLens — the relational engine for many clients and environments.
Gatorbytes.
Gatorbytes are the free, no-login starter kits that ship inside Bayou Bytes — self-contained files and plain-language guides you can open in any browser and use today. They're the takeaways, not the newsletter issues themselves.
NIST CSF 2.0 starter tracker
A single-file board with all 5 functions and 106 subcategories, ready to open in any browser.
Get the template ↗
Evidence-collection checklist
What to gather per control so an audit doesn't catch you scrambling.
Get the guide ↗
Board-report one-pager
A plain template for turning posture into a page leadership will actually read.
Get the template ↗
More Gatorbytes every week.
New templates and guides land with each Bayou Bytes issue.
Enter your license key.
Owners get downloads, version updates, onboarding, and support here. Your key unlocks this area — your compliance data never leaves your machine.
⚠ Demo gate — a visual placeholder, not real verification. Any key opens the preview. Live activation arrives with the AWS key-activation rollout.
Don't have a key yet? Become an owner →
All values are placeholders — the license service populates key, status, tier, seat & expiry on verify.
Every engine build and framework pack, with what changed and why.
Downloads are yours to keep — nothing auto-updates or phones home.
First-line support direct from the operator — 48 business-hour response, and we repair defects (repair, not refund).
Email support →
Invoices and order history live with your storefront — Gumroad or Polar, wherever you purchased.
This area manages your purchase — license, downloads, and updates. We never store, see, or touch your assessment data; AxiomLens runs entirely on your machine.
