Backed by

EWOR

The AI compliance officer

Your full-time AI employee that does the compliance work and gets you certified.

Book a demo →

Built by professionals from

EYJ.P. Morgan

Manifest gets you compliant with any framework you need, fast.

SOC 2
Type I & II
ISO 27001
Information security
HIPAA
Healthcare data
EU AI Act
High-risk AI
GDPR
Data protection
DORA
Operational resilience

…and hundreds more

Manifest handles everything, from your first policy to every release thereafter.

Your policies, written for you.

Manifest drafts every policy and fills the blanks from what it reads in your code, docs and infra. All you have to do is approve.

Draft my policies
Information Security Policy Agent drafting…
Policy owner
Scope
Encryption at rest
Review cadence

Manifest connects with all your apps.

Manifest integrates with your apps and gathers the evidence and documents an audit needs, so you don't have to.

Connect my stack
Evidence collection14 items this period
Okta
GitHub
AWS
Vanta
Datadog
Syncing connected apps…

Compliance that holds between audits.

Controls are re-checked on every deploy, ticket and SLA. Drift surfaces the moment it happens, not at renewal.

See monitoring live
Continuous compliance Live
0/42controls passing
Access control12/12
Change management9/9
Data protection10/11
Availability7/10

Re-checked on every deploy, ticket and access change.

Compliance for your AI.

Manifest audits your models and agents for injection surface and unguarded operations. Incumbents don't.

Audit my agents
LLM & agent compliance2 critical
Highest exposure · support-agent

Database access with no destructive-query guard is one prompt injection away from data loss.

Destructive queries unguarded
Prompt-injection surface open
PII columns access-scoped
Output guardrails logged

Manifest is the first full AI compliance officer.

It works in the background and does every compliance task for you.

Compliance, end-to-end

Get and stay compliant with automation and continuous monitoring the whole way.

Completion87%

115 checks automated

Penetration testing

Any pen test, any time. Don't spend thousands on third parties.

Auth bypassCritical
Rate limitingMedium
TLS configFixed

LLM compliance

Your models and agents audited for injection surface, guardrails and logs.

support-agentGuarded
rag-pipelineScanning
eval-runnerGuarded

Our own frameworks

Purpose-built frameworks that get you compliant much faster.

SOC 2

87%

ISO 27001

58%

GDPR

42%

HIPAA

36%
VantaVanta
AWSAWS
Google CloudGoogle Cloud
GitHubGitHub
GitLabGitLab
OktaOkta
JiraJira
SlackSlack
NotionNotion
CloudflareCloudflare
MongoDBMongoDB
LinearLinear

Plug it in once. It runs in the background.

Manifest connects to your stack simply by adding it as a user, and pulls the context compliance needs: code, tickets, infra, access.

Everyone sells tools. Manifest is an employee that uses your tools.

Dashboards leave the work to you. Consultants do it once, by hand. Manifest runs it continuously.

Legacy dashboard
Consultancies
Pen-test firms
manifest
Completed policies, evidence & code fixes
~1 week, agent does the work
Every PR, against OWASP
Live on every deploy, SLA & ticket
Injection & agent risk built in
Co-developed with a Big Four firm
From £500/mo, all-in
What you actually get
A dashboard you fill in yourself
Slide decks & manual reports
A one-off PDF of findings
Setup effort
~30 days of your team's time
Months, billed by the hour
Weeks of scheduling
Reads your code
No, process adherence only
No
Once, for £3k–£100k
Continuous monitoring
Annual observation window
None
None
LLM & AI compliance
Not covered
Manual, case by case
Rarely in scope
Framework rigour
Generic templates
Depends on the consultant
As good as the firm's name
Price
~£1,200/mo + audits + pen test
£200–£500 / hour
£3k–£100k per test

Try Manifest for free.

One price with audits, monitoring and code scanning included.

Starter

£500/month

Your first framework, done right

  • One framework: SOC 2 or ISO 27001
  • Agent-drafted policies & documents
  • Automatic evidence collection
  • Email support
Get started
Most popular

Pro

£1,500/month

For startups shipping into enterprise

  • All frameworks, incl. HIPAA & EU AI Act
  • Codebase & PR scanning (OWASP)
  • Continuous monitoring on every release
  • LLM & agent compliance
  • Priority Slack support
Get started

Enterprise

Custom

Embedded compliance operations

  • Unlimited frameworks & engagements
  • Dedicated agent runtime
  • SSO & custom integrations
  • Auditor network access
  • SLA + dedicated CSM
Talk to sales

FAQ

Audits are still performed by independent auditors. Manifest does all the preparation, from policies to evidence to monitoring, so the audit itself is a formality.