Continuous monitoring, mapped to the rules your customers and auditors ask about.
Every SentinelSMB detection is tagged to the compliance frameworks that apply to your industry. When your auditor, insurer, or enterprise client asks for evidence, you have it.
Frameworks Mapped
Ten frameworks. One monitoring layer.
These are the frameworks we map detections to. You do not need to know which ones apply to your business — the mapping is automatic once you tell us your industry.
ABA Model Rule 1.6
Attorney confidentiality
Lawyers owe a duty of confidentiality to their clients. Rule 1.6 requires reasonable efforts to prevent inadvertent disclosure.
Every IRS-authorized tax preparer must have a written information security plan. SentinelSMB provides the monitoring evidence the plan requires.
Identity engines catch credential theft targeting taxpayer data
Pro subscribers get the WISP template pre-filled with monitoring evidence
FTC Safeguards Rule
Financial institution security
The amended Safeguards Rule (effective June 2023) requires continuous monitoring, a designated qualified individual, and documented incident response.
36 engines provide the continuous-monitoring element
Plain-English alerts document incident response in real time
SEC Reg S-P
Adviser & broker notification
The 2024 amendment gives RIAs and broker-dealers 30 days to notify clients of unauthorized access to their sensitive information. Continuous monitoring starts the clock on time.
Detection timestamps anchor the 30-day notification window
OCIE exam evidence package included with Pro
NAIC Model Law 668
Insurance producer security
30+ states require insurance producers to maintain an information security program aligned to NAIC Model Law 668.
Continuous monitoring element satisfied by 5-minute scan cycles
Risk assessment evidence generated from real detection data
CMMC 2.0 Level 2
Defense contractor compliance
Federal contractors handling Controlled Unclassified Information must meet CMMC 2.0 Level 2, which maps to the 110 NIST SP 800-171 security controls.
Monitoring detection covers the SI-4 (System Monitoring) family
Identity engines map to AC-2 (Account Management) controls
GLBA Safeguards
Financial institution obligations
Financial institutions under the Gramm-Leach-Bliley Act must protect customer nonpublic personal information (NPI).
Email and data engines detect NPI exfiltration paths
Access-control logs retained for 365 days
NY DFS 23 NYCRR 500
New York cybersecurity regulation
Financial services companies regulated by NY DFS must comply with 23 NYCRR 500, including continuous monitoring, access-control, and audit-logging requirements.
The 110 NIST 800-171 controls protect Controlled Unclassified Information in nonfederal systems. Foundation for CMMC 2.0 and many federal contract clauses.
AU (Audit and Accountability) family covered by audit retention
SI (System and Information Integrity) family covered by detection engines
State Breach Notification
All 50 states
Every US state requires notification to affected individuals when personal information is accessed without authorization. The timing clock starts at detection.
Accurate detection timestamps anchor each state's notification clock
You tell us your industry once. From then on, every detection is tagged to the frameworks that matter to you. No manual mapping, no consultant required.
1. Detection happens
One of the 36 engines flags an event — a foreign sign-in, a new forwarding rule, an OAuth consent grant. The detection carries a timestamp, severity score, and attack-pattern label.
2. Framework tagging
The detection is matched against the frameworks registered for your industry. A credential-theft event for a law firm gets tagged ABA 1.6. The same event for an RIA gets tagged SEC Reg S-P and GLBA. Automatic.
3. Evidence-ready
Every tagged detection becomes part of your live compliance record. Pro subscribers get the Cyber Insurance Evidence Report quarterly — a 7-page audit-ready PDF built from real detection data.
Pro Feature
Cyber Insurance Evidence Report
The 7-page quarterly PDF generated from your real monitoring data — formatted for cyber insurance underwriters, auditors, and enterprise-client security questionnaires. Every framework mapping included, every detection timestamp referenced, every audit trail linked.