Probo is an open-source compliance platform built for startups that helps you achieve SOC-2 compliance quickly and efficiently. Unlike traditional solutions, Probo is designed to be accessible, transparent, and community-driven.

• 💡 Focus on relevance

  • Tailored program: only what matters, so you get SOC-2 ready in just 20 hours.
  • Context-aware security controls.
  • Smart task prioritization based on your risk profile.

• ⚡️ Smart automation

  • Automated risk assessment.
  • AI-powered policy generation tailored to your stack.
  • Pre-filled vendor risk assessment.

• 🔓 No Vendor Lock-in

  • Own your compliance data.
  • Export everything, anytime.
  • Open-source transparency.

• 💰 Cost-Effective

  • Free to use.
  • Pay for the services you need only.
  • No hidden fees or forced costs.

• Go 1.21+
• Node.js 22+
• Docker
• mkcert

1. Clone the repository:

   git clone https://github.com/getprobo/probo.git
   cd probo

2. Install dependencies:

   # Install Go dependencies
   go mod download
   
   # Install Node.js dependencies
   npm ci

3. Start the development environment:

   # Start infrastructure services
   make stack-up
   
   # Build the project
   make build
   
   # Start the application using development settings
   bin/probod -cfg-file cfg/dev.yaml

The application will be available at:

• Application: http://localhost:8080

To test the custom domains feature locally, add the CNAME target to your hosts file:

# Add this line to /etc/hosts (macOS/Linux) or C:\Windows\System32\drivers\etc\hosts (Windows)
127.0.0.1 custom.getprobo.com

This allows you to test custom trust center domains on your local machine. The CNAME target can be configured in cfg/dev.yaml under custom-domains.cname-target.

For detailed setup instructions, see our Contributing Guide.

Probo is in early development, focusing on building a solid foundation for compliance management. Here's our current focus:

• 🎯 Core Compliance Engine

  • SOC 2 control framework implementation
  • Basic policy management
  • Evidence collection system
  • User and organization management

• 📋 Essential Features

  • Control tracking and status
  • Basic task management
  • Simple evidence attachments
  • Team collaboration tools

• Go - API server
• PostgreSQL - Data storage
• GraphQL - API layer

• React with TypeScript
• Relay - Data fetching
• TailwindCSS - Styling

• Docker - Containerization
• OpenTelemetry - Observability
• GitHub Actions - CI/CD

• Grafana - Metrics visualization
• Prometheus - Metrics collection
• Loki - Log aggregation
• Tempo - Distributed tracing

We love contributions from our community! There are many ways to contribute:

• 🌟 Star the repository to show your support
• 🐛 Report bugs
• 💡 Request features
• 🔧 Submit pull requests
• 📖 Improve documentation

Please read our Contributing Guide before making a pull request.

1. Accessible Compliance: Traditional solutions are often behind expensive paywalls. We believe security measures should be accessible to all.

2. Fresh Approach: Built from scratch, learning from past issues to create a better compliance experience.

3. Community-Driven: As an open-source project, we believe the entire ecosystem should benefit from improvements and innovations.

• 📖 [Official Documentation](coming soon)
• 💬 Discord Community
• 📝 Blog

• Join our Discord community
• Follow us on Twitter
• Connect on LinkedIn
• Visit our website

Probo is MIT licensed.