AI-Driven Network Defense

Security Intelligence Without Data Exposure.

NSAuditor AI is an open-core, AI-powered network security scanner. 51 plugins, verified vulnerabilities, MITRE ATT&CK mapping, and hexa-framework compliance evidence — SOC 2 (AICPA TSC), HIPAA §164.312, NIST CSF 2.0, PCI DSS v4.0.1, ISO/IEC 27001:2022, and CIS Critical Security Controls v8 — running entirely on your infrastructure. Your data never touches our servers.

Explore NSAuditor AI → Windows Desktop Suite

51 Scanner Plugins 6 Frameworks SOC 2 · HIPAA · NIST · PCI DSS · ISO 27001 · CIS v8 Zero Data Exfiltration MIT Open Core

nsauditor-ai — scan

$ nsauditor-ai scan --host 10.0.0.0/24 --plugins all --compliance soc2,hipaa,nist-csf,pci-dss,iso-27001,cis-v8

Initializing AI core... [OK]

Scanning 254 hosts · 51 plugins (parallel: 10)…

Critical Vulnerability Found CVE-2024-3321

Mapping to MITRE ATT&CK · SOC 2 CC6.1 · HIPAA §164.312(a) · NIST CSF PR.AC-1 · PCI DSS Req 8.4.1 · ISO 27001 A.8.5 · CIS Safeguard 6.5

Initial Access

Lateral Movement

Engineered for precision

What NSAuditor AI ships

An open-core scanner with verification, intelligence, and hexa-framework compliance evidence — SOC 2, HIPAA, NIST CSF 2.0, PCI DSS v4.0.1, ISO/IEC 27001:2022, and CIS Critical Security Controls v8 — built so your audit trail holds up to a CPA-firm review, a QSA RoC walkthrough, an ISO Stage 2 assessment, and a CIS-CAT self-attestation.

Verified Vulnerabilities

Safe non-destructive probes confirm whether a finding is real. Each issue is tagged VERIFIED, POTENTIAL, or FALSE_POSITIVE — no version-string guessing.

Learn more →

MITRE ATT&CK Mapping

Findings are mapped to MITRE ATT&CK techniques with kill-chain context, so you can show your CISO what an attacker would actually do — not just CVE noise.

See the mapping →

Quad-Framework Compliance

One scan produces six auditor-ready evidence packs: SOC 2 (AICPA TSC 2017), HIPAA §164.312 Technical Safeguards, NIST CSF 2.0, PCI DSS v4.0.1 (sub-requirement-level for QSA RoC; Defined-vs-Customized Approach per Appendix E), ISO/IEC 27001:2022 (per-Annex-A-code with Statement of Applicability discipline), and CIS Critical Security Controls v8 (per-Safeguard with the Implementation Group cumulative discipline — IG1 cyber-insurance baseline / IG2 / IG3; no-certification-body attestation via CSAT / CIS-CAT Pro). RFC 3161 timestamps, SHA-256 chain-of-custody, Vanta push. Zero BAA required.

View Enterprise compliance →

Three editions

Free, Pro, and Enterprise

Start with the MIT-licensed Community Edition. Upgrade only when you need verification, compliance evidence, or cloud scanners.

Community

Free · MIT

27 Community plugins · forever free · no signup

Full scanner plugin set
AI analysis (your API keys)
CTEM watch mode
JSON · HTML · SARIF · CSV
MCP server for AI agents

npm install -g nsauditor-ai

Pro

$39/mo · billed annually

CVE matching, verification, intelligence-enriched AI

Offline CVE matching (NVD)
Parallel analysis agents
Verified vulnerabilities (safe probes)
Risk scoring + prioritization
Branded PDF reports
9 Pro MCP tools

View Pro pricing →

Enterprise

$2k+/yr · 3 tiers

Cloud scanners, hexa-framework compliance, air-gapped

AWS · GCP · Azure scanners
SOC 2 (AICPA TSC) evidence
HIPAA §164.312 evidence
NIST CSF 2.0 evidence
PCI DSS v4.0.1 evidence (QSA RoC)
ISO/IEC 27001:2022 evidence (SoA)
CIS Controls v8 evidence (IG1/IG2/IG3)
Vanta GRC connector
Docker isolation · Air-gapped
Dedicated support SLA

Enterprise tiers →

Award-winning Windows tools

The classic NSAuditor desktop suite

Long-standing desktop product line for network auditing, key recovery, password recovery, and inventory management. Trusted by thousands of administrators.

All desktop tools →

Security Intelligence Without Data Exposure.

What NSAuditor AI ships

Verified Vulnerabilities

MITRE ATT&CK Mapping

Quad-Framework Compliance

Free, Pro, and Enterprise

The classic NSAuditor desktop suite

Network Security Auditor

Product Key Explorer

Password Recovery

Hardware & Software Inventory