FEATURES

Six things Clair actually does.

Not a feature list. The work itself.

Weekly stack scan

Clair scans your stack — websites, supplier list, cloud accounts — every week. Reports drift, new exposures, lapsed certs. No agents to install.

Clair · weekly scan

Scan complete. Three changes since last week: a new public bucket on billing.acme.com , a lapsed TLS cert on the staging API, and a new supplier missing a DPA. I'll draft the supplier email — sound good?

Risks, scored and explained

Every finding gets a severity score and a plain-language explanation. No CVSS jargon, no scare-tactics — just what it means and how much it costs to fix.

Clair · risk view

The biggest hit on your score this week is supplier risk . Two suppliers without DPAs is worth roughly 6 points. Drafting the agreements would take me about ten minutes.

Three actions, ordered

Clair surfaces the three actions that move your score the most this week. Each comes with the time it takes, the score it adds, and the steps to do it.

Clair · this week

Three things would move you from 67 to 73 : send the supplier follow-ups, rotate the CI/CD secrets, and approve the incident-response policy I drafted last Friday.

Policy drafts, ready to sign

Clair drafts the policies your business actually needs — privacy, incident response, supplier management. You and your lawyer sign off; we don't pretend AI does legal review.

Clair · policy draft

I drafted your incident-response policy. It's 1,200 words , reviewed against NIS2 art. 21. Want me to send the diff to your lawyer?

Frameworks, tracked

GDPR, NIS2, DORA, ISO 27001. See exactly where you stand per framework, which controls are met, which are partial, which are open.

Clair · frameworks

GDPR: 84% covered . NIS2: 71%. ISO 27001 Annex A: 62%. The biggest gaps overlap — fix supplier management and you move on all three.

Quarterly check-ups

Every quarter, Clair walks you through a 30-minute self-assessment that satisfies most internal review requirements. Auditors love them.

Clair · Q2 check-up

Q2 check-up scheduled for next Tuesday . Same questions, updated answers — should take 30 minutes. I've pre-filled what I can.

ALSO

Two more, quietly.

Health check-ups

Lightweight monthly pulses between the bigger quarterly reviews. A 5-minute read, mostly green if you've been keeping up.

Ask Clair

Stuck on a question — "do I need to disclose this breach?" — ask in plain English. Clair answers from your specific situation, not a generic FAQ.

See it on your stack.

See these six on your own stack. Book a short demo with a founder.

Request a demo