What ruledoc does
Reads any major firewall config. Maps it to six compliance frameworks. Produces a report your auditor will accept.
How it works
-
1
Upload
Drop in your firewall config export. Text, XML, or vendor backup. Up to 50 MB per file.
-
2
Normalize
The vendor-specific parser converts the configuration into a structured form. Rules, zones, NAT, IPsec, logging, authentication, sessions — all extracted.
-
3
Report
Pick a framework. Read the findings with severity, control mapping, and remediation. Export PDF or JSON.
Six compliance frameworks
NIS2
EU Network and Information Security 2 directive. Risk management, incident reporting, supply-chain security.
SOC 2
AICPA Trust Services Criteria. Security, availability, processing integrity, confidentiality, privacy.
PCI-DSS v4
Payment Card Industry Data Security Standard. CDE-scope wizard, network segmentation, logging requirements.
ISO 27001
ISO/IEC 27001 ISMS. Annex A control mapping focused on the network/firewall layer.
CIS Controls v8
Center for Internet Security Critical Controls. Implementation Groups 1 through 3.
NIST CSF
NIST Cybersecurity Framework. Identify, Protect, Detect, Respond, Recover functions.
Eleven firewall platforms
One report shape, regardless of which vendor lives in the rack.
What a finding looks like
Inbound rule permits 0.0.0.0/0 to management plane
Rule in_wan_mgmt permits TCP/443 from any source to the firewall's management interface.
NIS2 risk management requires that administrative access be restricted to known sources.
Remediation.
Replace any with the administrative jump-host subnet, or move the management plane to an out-of-band VLAN.
Why teams pick ruledoc
No agents, no scans
Static config analysis. Nothing to install on your firewall.
Plain-English findings
Auditors don't care about CLI syntax. We translate.
Vendor-neutral output
Mixed FortiGate / Palo Alto / Clavister estates produce one consistent report.
JSON for your GRC tool
Findings export as JSON so your SOAR or GRC platform can ingest them.