New — now in CATAAM

The OKF Context Engine

Your entire compliance program — controls, assets, tests and findings — exported as an open, portable, AI-readable graph. Ready for Claude, for your auditors, for any tool. No lock-in.

Book a demoUse it with Claude (MCP)

What is OKF?

Open Knowledge Format is Google’s open, vendor-neutral standard for packaging information as graph-linked Markdown files that AI agents read natively. CATAAM serialises your compliance graph into OKF — so any AI tool, not just ours, can use it.

How it works

1

Compile

Your controls, requirements, assets, tests and findings are rendered as linked Markdown — a graph an AI agent can traverse.

2

Sign

Each bundle is hashed and Ed25519-signed, so it is a verifiable, point-in-time record auditors can trust.

3

Deliver

Sync continuously to your own Git repo, or download a signed bundle from CATAAM — your choice, no credentials required for download.

4

Consume

Point Claude (via MCP), your auditors, or any tool at the bundle. Open format, no lock-in.

Why teams adopt it

Audit-ready in seconds

Hand auditors a complete, verifiable repository of your compliance history instead of a spreadsheet scramble.

No data lock-in

An open, vendor-neutral format you own — neutralising the classic SaaS lock-in objection.

Always current

Recompiled as your posture changes, so the context your AI sees is never stale.

AI-native

Built for the Model Context Protocol — your compliance program, at your assistant’s fingertips.

Ahead of the field

The first open, AI-native compliance graph

CATAAM is the first GRC and security platform to make your compliance program portable and AI-native — pairing it with real offensive security (iASM & breach simulation) in one platform.

Frequently asked

What is the OKF Context Engine?
It is a CATAAM add-on that compiles your live compliance program — requirements, controls, assets, automated tests and iASM findings — into a portable, AI-readable bundle. It runs as a one-way, read-only projection: CATAAM stays the single source of truth and nothing in your core platform changes.
What is Open Knowledge Format (OKF)?
OKF is Google's open, vendor-neutral standard for packaging information as graph-linked Markdown files with YAML frontmatter that AI agents can read natively. CATAAM serialises your compliance graph into this format so any AI tool — not just ours — can use it.
How does it work with Claude?
Point the CATAAM Claude MCP connector at your OKF bundle and ask compliance questions in plain English — "which controls cover this S3 bucket?" Claude answers from your real, current controls and evidence, with far less effort than digging through dashboards.
Does it create vendor lock-in?
No — that is the point. The format is open and you own the output. Deliver it to your own Git repository or download a signed, point-in-time bundle. Exports are Ed25519-signed so auditors can verify them offline.
How do I turn it on?
In CATAAM, go to Settings → AI Context Export (OKF), enable it, and choose how it is delivered — continuous Git sync to your repository, or on-demand signed downloads. You can also generate a Claude MCP API key right from that page.

Compliance, ready for the age of AI

Turn it on under Settings → AI Context Export, or see it in a 5-minute demo.

Book a demoSee pricing