https://github.com/unicistech/unicis-platform-ce
A modern, all-in-one Governance, Risk & Compliance (GRC) solution designed for privacy, security, and compliance teams. As an open-source alternative to Vanta and Drata, this platform empowers teams with full control, flexibility, and transparency—no vendor lock-in, just powerful compliance automation and risk management tailored to your needs.
https://github.com/unicistech/unicis-platform-ce
all-in-one awareness-app compliance-automation compliance-platform cybersecurity cybersecurity-tools governance-risk-compliance grc open-source opensource privacy privacy-tools risk-management security
Last synced: 3 months ago
JSON representation
A modern, all-in-one Governance, Risk & Compliance (GRC) solution designed for privacy, security, and compliance teams. As an open-source alternative to Vanta and Drata, this platform empowers teams with full control, flexibility, and transparency—no vendor lock-in, just powerful compliance automation and risk management tailored to your needs.
- Host: GitHub
- URL: https://github.com/unicistech/unicis-platform-ce
- Owner: UnicisTech
- License: apache-2.0
- Created: 2023-10-08T10:48:22.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2025-10-25T10:40:11.000Z (8 months ago)
- Last Synced: 2025-10-25T12:22:02.872Z (8 months ago)
- Topics: all-in-one, awareness-app, compliance-automation, compliance-platform, cybersecurity, cybersecurity-tools, governance-risk-compliance, grc, open-source, opensource, privacy, privacy-tools, risk-management, security
- Language: TypeScript
- Homepage: https://www.unicis.tech/docs/unicis_platform
- Size: 9.22 MB
- Stars: 59
- Watchers: 2
- Forks: 40
- Open Issues: 7
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- Funding: .github/FUNDING.yml
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md
- Security: SECURITY.md
Awesome Lists containing this project
README
# ⭐️ Unicis Platform Community (free and open source)
Unicis Platform Community Edition - an open core, enterprise-ready trust management platform for startups and SMEs.
Please star ⭐ the repo if you want us to continue developing and improving the Unicis Platform! 😀
## 🗄️ Available Frameworks and Standards
- [General Data Protection Regulation - GDPR](https://www.unicis.tech/frameworks/gdpr?mtm_campaign=GitHub%20readme)
- [Minimum Viable Secure Product - MVSP](https://www.unicis.tech/frameworks/mvsp?mtm_campaign=GitHub%20readme)
- [ISO 27001:2013 & ISO 27001:2022](https://www.unicis.tech/frameworks/iso27k?mtm_campaign=GitHub%20readme)
- [NIST Cybersecurity Framework 2.0](https://www.unicis.tech/frameworks/nist-csf2?mtm_campaign=GitHub%20readme)
- [Directive (EU) 2022/2555 NIS 2](https://www.unicis.tech/frameworks/eu-nis2?mtm_campaign=GitHub%20readme)
- [CIS Critical Security Controls Version 8.1](https://www.unicis.tech/frameworks/cis?mtm_campaign=GitHub%20readme)
- [Criteria Catalogue C5:2020](https://www.unicis.tech/frameworks/c5?mtm_campaign=GitHub%20readme)
- [SOC2 Type II - System and Organization Controls](https://www.unicis.tech/frameworks/soc?mtm_campaign=GitHub%20readme)
### Coming Next
- EU Cyber Resilience Act (CRA)
- EU Digital Operational Resilience Act (DORA)
- Payment Card Industry Data Security Standard (PCI-DSS)
- Cloud Controls Matrix and CAIQ v4 (CSA CCM v4)
- ISO/IEC 42001:2023 - AI management systems
- Trusted Information Security Assessment Exchange (TISAX)
- EU AI Act
- Custom ...
## 📖 Additional Resources
- [Unicis Platform getting started documentation](https://www.unicis.tech/docs/unicis_platform?mtm_campaign=GitHub)
## 🛠️ Built With
- [SaaS-Starter-Kit](https://github.com/boxyhq/saas-starter-kit/)
- [Next.js](https://nextjs.org)
- [Tailwind CSS](https://tailwindcss.com) and [Atlaskit](https://atlaskit.atlassian.com/)
- [Postgres](https://www.postgresql.org)
- [React](https://reactjs.org)
- [Prisma](https://www.prisma.io)
- [TypeScript](https://www.typescriptlang.org)
- [SAML Jackson](https://github.com/boxyhq/jackson) (Provides SAML SSO, Directory Sync)
- [Svix](https://www.svix.com/) (Provides Webhook Orchestration)
- [Retraced](https://github.com/retracedhq/retraced) (Provides Audit Logs Service)
- Endpoints collection (Provided by [Osquery](https://osquery.io/))
- [Resend](https://resend.com/) (Email delivery)
- [Bearer](https://github.com/Bearer/bearer) (Code security scanning tool (SAST))
## 🚀 Deployment
We are working on one-click deployment solution with popular platforms. For advance users please use the below section.
## ✨ Getting Started
Please follow these simple steps to get a local copy up and running.
> [!TIP]
> The fastest and easiest way to get started with Unicis Platform is through the [free trial of cloud instance available here](https://platform.unicis.tech/?mtm_campaign=GitHub).
### Prerequisites
- Node.js (Version: >=18.x)
- PostgreSQL
- NPM
- Docker compose
### Development
#### 1. Setup
- [Fork](https://github.com/UnicisTech/unicis-platform-ce/fork) the repository
- Clone the repository by using this command:
```bash
git clone https://github.com//unicis-platform-ce.git
```
#### 2. Go to the project folder
```bash
cd unicis-platform-ce
```
#### 3. Install dependencies
```bash
npm install
```
#### 4. Set up your .env file
Duplicate `.env.example` to `.env`.
```bash
cp .env.example .env
```
#### 5. Create a database (Optional)
To make the process of installing dependencies easier, we offer a `docker-compose.yml` with a Postgres container.
```bash
docker-compose up -d
```
#### 6. Set up database schema
```bash
npx prisma db push
```
#### 7. Start the server
In a development environment:
```bash
npm run dev
```
#### 8. Start the Prisma Studio
Prisma Studio is a visual editor for the data in your database.
```bash
npx prisma studio
```
#### 9. Testing
We are using [Playwright](https://playwright.dev/) to execute E2E tests. Add all tests inside the `/tests` folder.
Update `playwright.config.ts` to change the playwright configuration.
##### Install Playwright dependencies
```bash
npm run playwright:update
```
##### Run E2E tests
```bash
npm run test:e2e
```
_Note: HTML test report is generated inside the `report` folder. Currently supported browsers for test execution `chromium` and `firefox`_
#### 10. Generate SBOM
We use [syft](https://github.com/anchore/syft) tool for generating SBOM
```bash
syft dir:unicis-platform -o spdx-json > sbom-spdx.json
syft dir:unicis-platform -o cyclonedx-xml > sbom-cyclonedx.xml
```
## Modules
- [Record of Processing Activities](https://www.unicis.tech/docs/platform/using/record-processing-actitivities?mtm_campaign=GitHub)
- [Transfer Impact Assessment](https://www.unicis.tech/docs/platform/using/transfer-impact-assessment?mtm_campaign=GitHub)
- [Privacy Impact Assessment](https://www.unicis.tech/docs/platform/using/privacy-impact-assessment?mtm_campaign=GitHub)
- [Cybersecurity Controls: MVSP](https://www.unicis.tech/docs/platform/using/cybersecurity-management-system?mtm_campaign=GitHub)
- [Interactive Awareness Program](https://www.unicis.tech/docs/platform/using/awareness-program?mtm_campaign=GitHub)
- [Cybersecurity Risk Management](https://www.unicis.tech/docs/platform/using/risk-management?mtm_campaign=GitHub)
## 🥇 Features
- Create account
- Sign in with Email and Password
- Sign in with Magic Link
- Sign in with SAML SSO
- Sign in with Google [[Setting up Google OAuth](https://support.google.com/cloud/answer/6158849?hl=en)]
- Sign in with GitHub [[Creating a Github OAuth App](https://docs.github.com/en/developers/apps/building-oauth-apps/creating-an-oauth-app)]
- Directory Sync (SCIM)
- Update account
- Create team
- Invite users to the team
- Manage team members
- Update team settings
- Webhooks & Events
- Internationalization (see supporting languages below)
- Audit logs
- Roles and Permissions
- Dark mode
- Custom AI chatbot
## Supported languages 🌐
1. EN: English
2. FR: French
3. ES: Spanish
4. DE: German
> [!NOTE]
> Help with translating it to other languages via our [Weblate translation platform](https://locales.unicis.tech/weblate/projects/unicis-platform/).
## ✨ Contributing
Thanks for taking the time to contribute! Contributions make the open-source community a fantastic place to learn, inspire, and create. Any contributions you make are greatly appreciated.
Please try to create bug reports that are:
- _Reproducible._ Include steps to reproduce the problem.
- _Specific._ Include as much detail as possible: which version, what environment, etc.
- _Unique._ Do not duplicate existing opened issues.
- _Scoped to a Single Bug._ One bug per report.
[Contributing Guide](https://github.com/UnicisTech/unicis-platform-ce/blob/main/CONTRIBUTING.md)
## 🤩 Community
Let's develop an open-source competitor to Drata, Vanta, Auditboard, Strike Graph, and Secureframe, and more.
Help us build a future GRC by [supporting us](https://www.unicis.tech/community?mtm_campaign=GitHub).
- [Discord](https://discord.com/invite/8TwyeD97HD) (For live discussion with the Open-Source Community and Unicis team)
- [X](https://twitter.com/UnicisTech) / [LinkedIn](https://www.linkedin.com/company/unicis-tech-oü/) / [Mastodon](https://mastodon.xyz/@unicis_tech) (Follow us)
- [Vimeo](https://vimeo.com/user183384852) (Watch community events and tutorials)
- [GitHub Issues](https://github.com/UnicisTech/unicis-platform-ce/issues) (Contributions, report issues, and product ideas)
## 📘 Knowledge Hub
On [this page](https://www.unicis.tech/kb?mtm_campaign=GitHub) you will find everything you may need to know in order to install, configure, maintain and customize an Unicis Platform. Use the links below to navigate.
## Star History
[](https://star-history.com/#UnicisTech/unicis-platform-ce&Date)
## 🌍 Contributors
Made with [contrib.rocks](https://contrib.rocks).
## 🛡️ License
[Apache 2.0 License](https://github.com/UnicisTech/unicis-platform-ce/blob/community-edition/LICENSE)