Tools that work
in regulated environments.
Purpose-built for organisations where governance outputs need to survive audit, not just satisfy a checklist.
EU/UK Sovereignty Gap Analysis
A browser-based assessment that maps your organisation's posture across nine sovereignty domains aligned to NIS2, DORA, CRA, GDPR, and the EU AI Act.
Runs entirely client-side in your browser; no responses are stored or transmitted. Designed for security, legal, and governance teams who need a fast, practitioner-led baseline of sovereignty gaps.
- Nine domains across hardware, firmware, cloud, data, AI, and vendor risk
- Maturity scoring (0–4) with posture archetype and priority gaps
- Plain-text export for internal reports and board packs
- Fully offline-capable; no data collection by Clewline
temporal-security-scanner
Temporal workflow security compliance scanning: educational reference and production-capable tool.
Identifies security anti-patterns in Temporal workflow definitions and surfacing misconfigurations that create exploitable race conditions, privilege escalation paths, or audit gaps in long-running processes. Designed for DevSecOps teams operating Temporal in regulated environments.
- Static analysis of workflow definitions and activity handlers
- Compliance mapping to NIST, SOC 2, and ISO 27001 controls
- CI/CD-native: GitHub Actions and GitLab CI integration included
- Structured JSON output for SIEM and ticketing system ingestion
- Human-readable reports with remediation guidance