complyform assess
Map scanned resources to framework controls and produce compliance findings.
complyform assess [options]

Options

| Flag | Type | Default | Description |
|---|---|---|---|
| --frameworks | string | — | Comma-separated framework IDs to assess against |
| --format | json\|terminal\|html\|sarif | terminal | Output format. SARIF = v2.1.0 (all tiers). HTML requires Pro+. |
| --severity | critical\|high\|all | all | Filter findings by minimum severity |
| --attest | bool | false | Produce in-toto v1 attestation. Unsigned at all tiers. Ed25519-signed at Team+ (SPEC-017). |
| --attest-output | path | ./attestation.json | Attestation output path |
| --cross-validate | bool | false | Cross-validate against cloud-native CSPM tools (SCC, Security Hub, Defender). Team+. |
| --iam-analysis | bool | false | Include IAM least-privilege analysis. Team+. |
| --estimate-cost | bool | false | Include compliance cost impact estimation. Team+. |
| --explain | bool | false | Append deterministic explanations for FAIL findings. Add --ai for AI-enhanced (Pro+). (SPEC-003) |
| --no-upgrade-hints | bool | false | Suppress framework overlap upsell section (SPEC-004) |

Examples

Assess against SOC 2:

complyform assess --frameworks=soc2

JSON output for CI pipelines:

complyform assess --frameworks=soc2 --format=json

SARIF for GitHub Code Scanning:

complyform assess --frameworks=soc2 --format=sarif

Multi-framework assessment:

complyform assess --frameworks=soc2,hipaa,iso27001

Full cloud intelligence stack (Team+):

complyform assess --frameworks=soc2 --cross-validate --iam-analysis --estimate-cost
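
A pipeline step that consumes the `--format=sarif` output can gate the build on it. The following is an added example, not complyform's own code: it applies the SARIF 2.1.0 level-defaulting rules (a result without `level` inherits the rule's default, otherwise `warning`; non-`fail` kinds resolve to `none`) so that findings with an omitted level are not silently skipped. The sample log, the rule IDs and the `gate` and `effective_level` names are constructed, and how complyform maps its severities to SARIF levels is an assumption not stated on this page.

```python
import json

# Constructed SARIF 2.1.0 log; tool name, rule IDs and messages are placeholders,
# not real complyform output.
SAMPLE_SARIF = json.dumps({
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "example-tool", "rules": [
            {"id": "EXAMPLE-001", "defaultConfiguration": {"level": "error"}},
            {"id": "EXAMPLE-002"},
        ]}},
        "results": [
            {"ruleId": "EXAMPLE-001", "ruleIndex": 0, "level": "note", "message": {"text": "explicit level"}},
            {"ruleId": "EXAMPLE-001", "ruleIndex": 0, "message": {"text": "inherits error"}},
            {"ruleId": "EXAMPLE-002", "message": {"text": "falls back to warning"}},
            {"ruleId": "EXAMPLE-002", "kind": "pass", "message": {"text": "passing control"}},
        ],
    }],
})

RANK = {"none": 0, "note": 1, "warning": 2, "error": 3}

def effective_level(result, rules):
    """Resolve a result's level with the SARIF 2.1.0 defaulting rules.
    ruleConfigurationOverrides and extension rules are not handled here."""
    if "level" in result:
        return result["level"]
    if result.get("kind", "fail") != "fail":
        return "none"  # pass/open/informational results carry no severity
    idx = result.get("ruleIndex", -1)
    rule = rules[idx] if 0 <= idx < len(rules) else next(
        (r for r in rules if r.get("id") == result.get("ruleId")), {})
    return rule.get("defaultConfiguration", {}).get("level", "warning")

def gate(sarif_text, fail_at="error"):
    """Return (exit_code, offending results) for a CI step."""
    log = json.loads(sarif_text)
    if log.get("version") != "2.1.0":
        raise ValueError("expected SARIF 2.1.0")
    hits = []
    for run in log.get("runs", []):
        rules = run.get("tool", {}).get("driver", {}).get("rules", [])
        for res in run.get("results") or []:
            level = effective_level(res, rules)
            if RANK.get(level, 3) >= RANK[fail_at]:  # unknown level fails closed
                hits.append((res.get("ruleId"), level))
    return (1 if hits else 0), hits

if __name__ == "__main__":
    print(gate(SAMPLE_SARIF))
```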