{"id":50190065,"url":"https://github.com/verifywise-ai/verifywise","last_synced_at":"2026-06-07T13:01:04.608Z","repository":{"id":253710333,"uuid":"844279282","full_name":"verifywise-ai/verifywise","owner":"verifywise-ai","description":"Complete AI governance and LLM Evals platform with support for EU AI Act, ISO 42001, NIST AI RMF and 20+ more AI frameworks and regulations. Join our Discord channel: https://discord.com/invite/d3k3E4uEpR","archived":false,"fork":false,"pushed_at":"2026-06-03T10:57:18.000Z","size":238932,"stargazers_count":297,"open_issues_count":56,"forks_count":104,"subscribers_count":3,"default_branch":"develop","last_synced_at":"2026-06-03T12:23:06.179Z","etag":null,"topics":["ai","ai-auditing","ai-compliance","ai-governance","ai-governance-model","ai-risk","audit","auditing","compliance","eu-ai-act","governance","grc","iso27001","iso42001","llm-eval","llm-evaluation","nist-ai-rmf","risk-management"],"latest_commit_sha":null,"homepage":"https://verifywise.ai","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/verifywise-ai.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGE_HISTORY_IMPLEMENTATION_GUIDE.md","contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2024-08-18T23:02:10.000Z","updated_at":"2026-06-01T23:05:17.000Z","dependencies_parsed_at":"2024-10-23T18:36:44.781Z","dependency_job_id":"a9f85c1b-8749-442b-8056-ae43b324c4dd","html_url":"https://github.com/verifywise-ai/verifywise","commit_stats":null,"previous_names":["bluewave-labs/bluewave-trustcenter","bluewave-labs/verifywise","verifywise-ai/verifywise"],"tags_count":54,"template":false,"template_full_name":null,"purl":"pkg:github/verifywise-ai/verifywise","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/verifywise-ai%2Fverifywise","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/verifywise-ai%2Fverifywise/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/verifywise-ai%2Fverifywise/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/verifywise-ai%2Fverifywise/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/verifywise-ai","download_url":"https://codeload.github.com/verifywise-ai/verifywise/tar.gz/refs/heads/develop","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/verifywise-ai%2Fverifywise/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34022032,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-07T02:00:07.652Z","response_time":124,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai","ai-auditing","ai-compliance","ai-governance","ai-governance-model","ai-risk","audit","auditing","compliance","eu-ai-act","governance","grc","iso27001","iso42001","llm-eval","llm-evaluation","nist-ai-rmf","risk-management"],"created_at":"2026-05-25T13:00:22.621Z","updated_at":"2026-06-07T13:01:04.595Z","avatar_url":"https://github.com/verifywise-ai.png","language":"TypeScript","funding_links":[],"categories":["*Ops for AI","Tools","Digital Regulation"],"sub_categories":["Model Monitoring \u0026 Governance","AI Governance"],"readme":"[![Ask DeepWiki](https://deepwiki.com/badge.svg)](https://deepwiki.com/bluewave-labs/verifywise)\n![](https://img.shields.io/github/repo-size/bluewave-labs/verifywise)\n![](https://img.shields.io/github/commit-activity/m/bluewave-labs/verifywise)\n![](https://img.shields.io/github/last-commit/bluewave-labs/verifywise)\n![](https://img.shields.io/github/languages/top/bluewave-labs/verifywise)\n![](https://img.shields.io/github/issues/bluewave-labs/verifywise)\n![](https://img.shields.io/github/issues-pr/bluewave-labs/verifywise)\n\n\u003cimg width=\"3182\" height=\"2570\" alt=\"github\" src=\"https://github.com/user-attachments/assets/6feb9d3d-19c1-42c2-a9f5-908db8694f8f\" /\u003e\n\n[VerifyWise](https://verifywise.ai) is a source available AI governance platform designed to help businesses use the power of AI safely and responsibly. Our platform ensures compliance and robust AI management without compromising on security.\n\nWe are democratizing AI best practices with a solution that can be hosted on-premises, giving you complete control over your AI governance.\n\n## Quick links\n\n- [Join our Discord channel](https://discord.com/invite/d3k3E4uEpR) to ask your questions and get the latest announcemnets.\n- [Need to talk to someone](https://verifywise.ai/contact)? Get with us to see the latest demo, or [click here](https://app.verifywise.ai) to experience the demo yourself.\n- [Read our documentation](https://verifywise.ai/user-guide/) to understand features and capabilities\n\n## Screenshots\n\n\n| The main dashboard | LLM Evals |\n| ----------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------- |\n| \u003cimg width=\"1615\" height=\"942\" alt=\"image\" src=\"https://github.com/user-attachments/assets/32dd22f8-3e9b-40d8-96e5-ba64f4c03f5e\" /\u003e | \u003cimg width=\"1600\" height=\"923\" alt=\"image\" src=\"https://github.com/user-attachments/assets/dc598a33-486f-4424-988d-4cca5e9420c2\" /\u003e |\n| |\n\n| EU AI Act project view | AI Use case risks |\n| ----------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------- |\n| \u003cimg width=\"1647\" height=\"860\" alt=\"image\" src=\"https://github.com/user-attachments/assets/07b8f0e8-6358-4094-b17e-69cb347d622f\" /\u003e | \u003cimg width=\"1653\" height=\"914\" alt=\"image\" src=\"https://github.com/user-attachments/assets/f399b206-f928-454a-a432-e7e5e343d7ce\" /\u003e |\n\n| AI Risk management | AI Model inventory |\n| ----------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------- |\n| \u003cimg width=\"1637\" height=\"864\" alt=\"image\" src=\"https://github.com/user-attachments/assets/45c16d83-0e3b-4a71-814e-d7bdeaa492fd\" /\u003e | \u003cimg width=\"1637\" height=\"861\" alt=\"image\" src=\"https://github.com/user-attachments/assets/225e10d1-845a-4437-b90f-ce97106c3688\" /\u003e |\n\n| AI Model risks | AI Policy manager and policy templates |\n| ----------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------- |\n| \u003cimg width=\"1647\" height=\"860\" alt=\"image\" src=\"https://github.com/user-attachments/assets/cf67a9ae-c9f6-4eff-a0c3-5fc1dbe4b994\" /\u003e | \u003cimg width=\"1633\" height=\"861\" alt=\"image\" src=\"https://github.com/user-attachments/assets/2ef1bcc8-e6e6-47de-9291-2157ff1ed35c\" /\u003e |\n\n| AI vendors and vendor risks | AI Incident management (with filter example) |\n| ----------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------- |\n| \u003cimg width=\"1662\" height=\"914\" alt=\"image\" src=\"https://github.com/user-attachments/assets/26e8d3d3-6e79-4c5a-8058-f63e49a9e239\" /\u003e | \u003cimg width=\"1727\" height=\"900\" alt=\"image\" src=\"https://github.com/user-attachments/assets/4b0929f5-d7f1-4998-b8b5-acf62c4051a0\" /\u003e |\n\n| AI Trust Center | Automations |\n| ----------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------- |\n| \u003cimg width=\"1726\" height=\"895\" alt=\"image\" src=\"https://github.com/user-attachments/assets/0359f312-c61c-4c01-b66b-97ec035e74c5\" /\u003e | \u003cimg width=\"1740\" height=\"897\" alt=\"image\" src=\"https://github.com/user-attachments/assets/3d9c6d75-d1ff-41c3-aa81-1213c363d64a\" /\u003e |\n\n| Reporting | |\n| ----------------------------------------------------------------------------------------------------------------------------------- | --- |\n| \u003cimg width=\"1735\" height=\"898\" alt=\"image\" src=\"https://github.com/user-attachments/assets/5849beee-1639-45f5-94e8-4b5f156b455d\" /\u003e | |\n\n## Features\n\n![VerifyWise platform](https://github.com/user-attachments/assets/2d05cd1f-f67b-45d2-aca4-1fdcde287a44)\n\n- Option to host the application on-premises or in a private cloud\n- Source available license (BSL 1.1). Dual licensing is also available for enterprises\n- Faster audits using AI-generated answers for compliance and assessment questions\n- Full access to the source code for transparency, security audits, and customization\n- Docker and Kubernetes deployment (also deployable on render.com and similar platforms)\n- User registration, authentication, and role-based access control (RBAC) support\n- Major features:\n - Support for EU AI Act, ISO 42001, NIST AI RMF and ISO 27001\n - Dashboard: executive view \u0026 operating view\n - Vendors \u0026 vendor risks\n - AI use cases and risks\n - Global tasks with timeline view\n - Complete LLM Evals and LLM Arena\n - Evidence center with folder structure\n - AI trust center for public view\n - AI literacy training registery\n - AI Advisor, AI-powered chat interface providing governance recommendations\n - AI Detection Module, which scans code repositories to identify AI-generated content.\n - Shadow AI detection and risk management\n - AI agent discovery\n - Activity history for each entity\n - Integration with MIT and IBM AI risk repository\n - Model inventory and model risks that keeps a list of models used and risks\n - Policy manager to create and manage internal company AI policies\n - Risk and control mappings for EU AI Act, ISO 42001, NIST AI RMF and ISO 27001\n - CE Marking registry\n - Dataset registry\n - Desktop notifications\n - Approval workflows \u0026 approval requests\n - Detailed reports with PDF and DOCX export\n - Event logs (audits) for enterprise organizations\n - AI incident management\n - Plugins support with more than 15+ plugins (and counting)\n - Automations (when an entity changes, do this, or send period reports, or send webhooks)\n - Google OAuth2 and Entra ID (enterprise edition) support for authentication\n\n## Installation\n\nThe VerifyWise application has two components: a frontend built with React.js and a backend built with Node.js. At present, you can use `npm` (for development) or Docker/Kubernetes (production) to run VerifyWise. A PostgreSQL database is required.\n\n### Installation using npm (for development)\n\nPrerequisites:\n\n- npm and Docker\n- Python 3.12+ (for EvalServer)\n- A running PostgreSQL, preferably as a Docker image (eg. using `docker pull postgres:latest`)\n- Available ports: 5173 (frontend), 3000 (backend), 5432 (database), 6379 (Redis), 8000 (EvalServer)\n\n#### Step 1: Clone, install dependencies, and set up databases\n\nFirst, clone the repository to your local machine and go to verifywise directory. Then, navigate to the Clients directory and install the dependencies:\n\n```\ngit clone https://github.com/bluewave-labs/verifywise.git\ncd verifywise\ncd Clients\nnpm install\ncd ../Servers\nnpm install\n```\n\nGo to the root directory and copy the contents of .env.dev to the .env file. For security, you must set a strong and unpredictable JWT_SECRET in your .env file. This secret is used to sign and verify your JWT tokens, so it must be kept private and cryptographically secure. You can generate a 256-bit base64-encoded secret using `openssl rand -base64 32`.\n\n```\ncd ..\ncp .env.dev Servers/.env\n```\n\nIn `.env` file, change FRONTEND_URL and set your super admin credentials:\n\n```\nFRONTEND_URL=http://localhost:5173\nSUPERADMIN_EMAIL=admin@verifywise.com\nSUPERADMIN_PASSWORD=ChangeMe!Str0ng\n```\n\n**Important:** Change `SUPERADMIN_PASSWORD` to a strong password (minimum 8 characters). These credentials are used to create the initial super admin account on first setup.\n\nNote: CORS is automatically configured to allow requests from the same host (localhost, 127.0.0.1) where the backend is running.\n\nRun the PostgreSQL container with the following command:\n\n```\ndocker run -d --name mypostgres -p 5432:5432 -e POSTGRES_PASSWORD={env variable password} postgres\n```\n\nRun redis with following command:\n\n```\ndocker run -d --name myredis -p 6379:6379 redis\n```\n\nAccess the PostgreSQL container and create the verifywise database:\n\n```\ndocker exec -it mypostgres psql -U postgres\nCREATE DATABASE verifywise;\n```\n\n#### Step 2: Set up EvalServer (for LLM evaluations)\n\nEvalServer is a Python-based service that handles LLM evaluations. If you want to use the evaluation features, follow these steps:\n\n```\ncd EvalServer\npython3.12 -m venv venv\nsource venv/bin/activate\npip install -r requirements.txt\n```\n\nSet up the environment file. You can copy the minimal `.env.example` file in the EvalServer directory:\n\n```\ncp .env.example .env\n```\n\n#### Step 3: Start the application\n\nNavigate to the EvalServer/src directory, activate the virtual environment (if not already activated), and start the server:\n\n```\ncd EvalServer/src\nsource ../venv/bin/activate\npython app.py\n```\n\nNavigate to the Servers directory and start the server in watch mode:\n\n```\ncd Servers\nnpm run watch\n```\n\nNavigate to the Clients directory and start the client in development mode:\n\n```\ncd Clients\nnpm run dev\n```\n\n**Note:** Make sure to replace {env variable password} with the actual password from your environment variables.\n\n**Note:** On a fresh setup, a super admin account is created automatically using the `SUPERADMIN_EMAIL` and `SUPERADMIN_PASSWORD` environment variables. Log in with these credentials, then create an organization and invite users to get started. The login page will display a banner guiding you through this process.\n\n### Installation using Docker (production)\n\nFirst, ensure you have the following installed:\n\n- npm\n- Docker\n- Docker Compose\n\nCreate a directory in your desired folder:\n\n```\nmkdir verifywise\ncd verifywise\n```\n\nDownload the required files using wget:\n\n```\ncurl -O https://raw.githubusercontent.com/bluewave-labs/verifywise/develop/install.sh\ncurl -O https://raw.githubusercontent.com/bluewave-labs/verifywise/develop/.env.prod\n```\n\nMake sure to change the JWT_SECRET variable to your liking, set your super admin credentials (`SUPERADMIN_EMAIL` and `SUPERADMIN_PASSWORD`), and change `localhost` to the IP of the server. An example is shown below:\n\n```\nBACKEND_URL=http://64.23.242.4:3000\nFRONTEND_URL=http://64.23.242.4:8080\nSUPERADMIN_EMAIL=admin@verifywise.com\nSUPERADMIN_PASSWORD=YourStr0ngPassword!\n```\n\nNote: CORS is automatically configured to allow requests from the same host where the backend is running.\n\nChange the permissions of the `install.sh` script to make it executable, and then execute it.\n\n```\nchmod +x ./install.sh\n./install.sh\n```\n\nNow the server is running on the IP and the port you defined in .env.prod file (8080 by default).\n\nIf the install.sh script doesn't work for some reason, try the following commands:\n\n```\ndocker-compose --env-file .env.prod up -d backend\ndocker ps # to confirm\ndocker-compose --env-file .env.prod up -d frontend\ndocker ps # to confirm\n```\n\nIf you want to re-run install.sh for some reason (e.g want to change a configuration in .env.prod file), first stop all Docker containers before starting a new one:\n\n```\ndocker-compose --env-file .env.prod down\n./install.sh\n```\n\n**Note:** On a fresh setup, a super admin account is created automatically using the `SUPERADMIN_EMAIL` and `SUPERADMIN_PASSWORD` environment variables. Log in with these credentials, then create an organization and invite users to get started.\n\n### Installing SSL\n\nHere are the steps to enable SSL on your system.\n\n1. Make sure to point domain to VM IP\n\n2. Install Nginx:\n\n```\nsudo apt update\nsudo apt install nginx -y\n```\n\n3. Create a config file (`/etc/nginx/sites-available/verifywise`) with the following content. Change the domain name accordingly.\n\n```\nserver {\n server_name domainname.com;\n\n client_max_body_size 200M;\n\n # Custom error page for maintenance/upgrades\n error_page 502 503 504 /upgrade.html;\n\n location = /upgrade.html {\n root /var/www/verifywise;\n internal;\n }\n\n location / {\n proxy_pass http://localhost:8080;\n proxy_http_version 1.1;\n proxy_set_header Upgrade $http_upgrade;\n proxy_set_header Connection 'upgrade';\n proxy_set_header Host $host;\n proxy_cache_bypass $http_upgrade;\n }\n\n location /api/ {\n proxy_pass http://localhost:3000;\n proxy_http_version 1.1;\n proxy_set_header Upgrade $http_upgrade;\n proxy_set_header Connection 'upgrade';\n proxy_set_header Host $host;\n proxy_cache_bypass $http_upgrade;\n }\n }\n```\n\n4. Create the directory for custom error pages and copy the upgrade page:\n\n```\nsudo mkdir -p /var/www/verifywise\nsudo curl -o /var/www/verifywise/upgrade.html https://raw.githubusercontent.com/bluewave-labs/verifywise/develop/Clients/upgrade.html\n```\n\n5. Enable the config:\n\n```\nsudo ln -s /etc/nginx/sites-available/verifywise /etc/nginx/sites-enabled/\nsudo nginx -t\nsudo systemctl restart nginx\n```\n\n6. Install Certbot for SSL:\n\n```\nsudo apt install certbot python3-certbot-nginx -y\n```\n\n7. Obtain SSL certificate. Change the domain name accordingly.\n\n```\nsudo certbot --nginx -d domainname.com\n```\n\n8. Update the `.env.prod` to point to correct domain. Change the domain name accordingly.\n\n```\nBACKEND_URL=https://domainname.com/api\nFRONTEND_URL=https://domainname.com\n```\n\nNote: CORS is automatically configured to allow requests from the same host where the backend is running.\n\n9. Restart the application\n\n```\n./install.sh\n```\n\n**Note:** The Nginx configuration includes custom error pages that display a professional \"upgrading\" message instead of the default \"502 Bad Gateway\" error when the servers are not running or during maintenance.\n\n### Email configuration\n\nVerifyWise supports multiple email service providers through a provider abstraction layer, enabling administrators to choose the most suitable email service for their organization. The system includes security enhancements such as TLS enforcement, input validation and credential rotation for supported providers.\n\nBelow is a list of supported email providers. You can use [this documentation](https://verifywise.ai/user-guide/settings/email-configuration) to setup the email service of your choice.\n\n- **Exchange Online (Office 365)** - Microsoft's cloud email service\n- **On-Premises Exchange** - Self-hosted Exchange servers\n- **Amazon SES** - AWS Simple Email Service\n- **Resend** - Developer-focused email API\n- **Generic SMTP** - SMTP support for any provider\n\n### Ports\n\nYou’ll need to open ports 80 and 443 so VerifyWise can be accessed from the internet.\n\n## Security\n\nIf you find a vulnerability, please report it [here](https://github.com/bluewave-labs/verifywise/security/advisories/new).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fverifywise-ai%2Fverifywise","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fverifywise-ai%2Fverifywise","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fverifywise-ai%2Fverifywise/lists"}