Skip to main content
By Region

Compliance is local. CISGuard deploys where you operate.

Five regional landing pages covering the regulators, sovereignty constraints, and deployment patterns that matter for your jurisdiction.

Choose Your Region

Five jurisdictions, one platform.

US

United States

A single CIS benchmark scan produces evidence for NIST 800-53, FedRAMP Moderate/High, CMMC Level 2, SOC 2 Type II, HIPAA, and CCPA, with air-gapped support for federal classified environments.

Read deep-dive →
California

California, United States

CISGuard generates the technical-controls evidence California AG enforcement actions and class-action defenses rely on: continuous CIS benchmark posture, drift detection, and CCPA/CPRA-ready artifacts.

Read deep-dive →
New York

New York State, United States

CISGuard generates the technical-controls evidence New York Department of Financial Services examiners expect under 23 NYCRR 500: continuously, with the audit-ready Framework Coverage Reports the November 2023 amendments effectively mandate.

Read deep-dive →
Texas

Texas, United States

Texas Data Privacy and Security Act (TDPSA), HIPAA, PCI-DSS, NIST 800-53, FedRAMP, SOC 2, and CMMC compliance automated for Texas enterprises in tech, energy, healthcare, and aerospace.

Read deep-dive →
Virginia

Commonwealth of Virginia, United States

FedRAMP, CMMC Level 2, NIST 800-53, NIST 800-171, Virginia CDPA, HIPAA, and SOC 2 compliance automated for the federal contractor, GovTech, and BFSI tenants of Northern Virginia and Hampton Roads.

Read deep-dive →
Massachusetts

Commonwealth of Massachusetts, United States

HIPAA, HITRUST CSF, Massachusetts 201 CMR 17, SOC 2, FDA 21 CFR Part 11, FedRAMP, and CMMC compliance automated for Massachusetts biotech, BFSI, defense, and higher-education tenants.

Read deep-dive →
Washington

State of Washington, United States

My Health My Data Act, Washington Privacy Act, HIPAA, SOC 2, FedRAMP, ITAR, and CMMC compliance automated for Washington tech, healthcare, aerospace, and cloud-services tenants.

Read deep-dive →
Illinois

State of Illinois, United States

Illinois BIPA, IL Personal Information Protection Act, SOX, NYDFS-equivalent insurance frameworks, HIPAA, SOC 2, NIST 800-53, and CFTC Reg AT compliance automated for Illinois BFSI, insurance, manufacturing, and healthcare tenants.

Read deep-dive →
Colorado

State of Colorado, United States

Colorado Privacy Act, HIPAA, FedRAMP, NIST 800-171, CMMC, ITAR, and SOC 2 compliance automated for Colorado aerospace, defense, tech, healthcare, and energy tenants.

Read deep-dive →
San Francisco SoMa

SoMa (South of Market), San Francisco

CCPA / CPRA, SOC 2 Type II, ISO 27001, HIPAA, PCI-DSS, NYDFS, and GDPR compliance automated for the SaaS unicorns, fintech, and AI scaleups concentrated across SoMa, the Financial District, and Mission.

Read deep-dive →
SF Mission Bay

Mission Bay, San Francisco

HIPAA, HITRUST CSF, FDA 21 CFR Part 11, CCPA / CPRA, SOC 2, ISO 27001, and GDPR compliance automated for the biotech, clinical-research, and life-sciences tenants of UCSF Mission Bay and the adjacent biopharma cluster.

Read deep-dive →
Palo Alto

Palo Alto, Silicon Valley

CCPA / CPRA, SOC 2 Type II, ISO 27001, FedRAMP, NIST 800-171, HIPAA, and GDPR compliance automated for the late-stage VC, Stanford-adjacent research, and enterprise software tenants of Palo Alto and Sand Hill Road.

Read deep-dive →
Mountain View

Mountain View, Silicon Valley

CCPA / CPRA, SOC 2, ISO 27001, FedRAMP, NIST 800-53, HIPAA, and GDPR compliance automated for the Google, LinkedIn, NASA Ames, and Silicon Valley enterprise tenants of Mountain View.

Read deep-dive →
Cupertino

Cupertino, Silicon Valley

CCPA / CPRA, SOC 2, ISO 27001, HIPAA, PCI-DSS, GDPR, and ITAR-aligned compliance automated for the Apple-anchored ecosystem, supplier network, and Silicon Valley operators of Cupertino and Sunnyvale-adjacent.

Read deep-dive →
NYC Financial District

Financial District (FiDi), Manhattan, New York

NYDFS 23 NYCRR 500, SEC Reg SCI, FINRA, SOX, GLBA, HIPAA, NIST 800-53, and SOC 2 compliance automated for the BFSI HQs and capital-markets infrastructure of Lower Manhattan.

Read deep-dive →
NYC Midtown

Midtown Manhattan, New York

NYDFS 23 NYCRR 500, SOX, GLBA, HIPAA, SOC 2, ISO 27001, CCPA / CPRA, and GDPR compliance automated for the media, advertising, consulting, insurance, and corporate-services tenants of Midtown Manhattan.

Read deep-dive →
Boston Kendall Square

Kendall Square, Cambridge / Boston

HIPAA, HITRUST CSF, FDA 21 CFR Part 11, Massachusetts 201 CMR 17, GDPR, SOC 2, and ISO 27001 compliance automated for the biotech, clinical-research, MIT, and gene-therapy tenants of Kendall Square.

Read deep-dive →
Boston Route 128

Route 128 Corridor (Burlington / Waltham / Lexington), Greater Boston

NIST 800-171, CMMC Level 2 / 3, FedRAMP, ITAR, NIST 800-53, HIPAA, HITRUST, SOC 2, and Massachusetts 201 CMR 17 compliance automated for the defense-electronics, federal-research, and enterprise-tech tenants of the Route 128 ring.

Read deep-dive →
Austin

Austin, Texas

TDPSA, HIPAA, SOC 2, ISO 27001, PCI-DSS, NIST 800-171, CMMC, and CCPA / CPRA compliance automated for the Tesla, Apple, Oracle, Dell, AMD, and SaaS-scaleup tenants of Austin.

Read deep-dive →
Seattle Downtown

Seattle Downtown / South Lake Union, Washington

My Health My Data Act, SOC 2, ISO 27001, FedRAMP, HIPAA, NIST 800-53, and CCPA / CPRA compliance automated for the Amazon, Expedia, Zillow, Tableau, and SaaS-scaleup tenants of Seattle Downtown and South Lake Union.

Read deep-dive →
Bellevue

Bellevue, Washington (Eastside)

My Health My Data Act, SOC 2, ISO 27001, FedRAMP, HIPAA, NIST 800-53, and PCI-DSS compliance automated for the Microsoft Bellevue, T-Mobile US, Concur, Smartsheet, and Eastside enterprise-tech tenants.

Read deep-dive →
Tysons Corner

Tysons Corner, Virginia

FedRAMP, CMMC L2 / L3, NIST 800-53, NIST 800-171, ITAR, NYDFS, SOX, HIPAA, and SOC 2 compliance automated for the federal contractor, GovTech, BFSI, and consulting tenants of Tysons Corner.

Read deep-dive →
Reston

Reston, Virginia

FedRAMP, CMMC L2 / L3, NIST 800-53, NIST 800-171, ITAR, HIPAA, SOC 2, and ISO 27001 compliance automated for the SAIC, Leidos, HPE Federal, Volkswagen Group of America, and federal-IT tenants of Reston.

Read deep-dive →
Research Triangle Park

Research Triangle Park (RTP), North Carolina

HIPAA, HITRUST, SOC 2, ISO 27001, FedRAMP, NIST 800-53, PCI-DSS, and FDA 21 CFR Part 11 compliance automated for the IBM RTP, SAS Institute, Cisco RTP, Lenovo, IQVIA, and biotech tenants of the Research Triangle.

Read deep-dive →