Field notes — 05.12.2026 Draft — for review

NCA-aligned: mapping the fabric to national controls

Compliance evidence is usually assembled backwards: an audit looms, a team scrambles, and a binder of screenshots gets built to prove what the environment looked like last quarter. We built the fabric to make that exercise unnecessary.

Every finding, detection, and report inside FABRIC carries its control mapping as native metadata. When Exposure flags an unmanaged internet-facing asset, the finding is already tagged to the relevant National Cybersecurity Authority controls. When MDR closes a case, the evidence trail is already structured the way a regulator expects to read it.

NCA controls as a data model, not a checklist

We treat the national control framework the way we treat detection logic: as code, versioned and testable. Each control is represented in the fabric's data model, and platform events map to controls automatically. The result is a living compliance posture — not a point-in-time attestation, but a continuously updated picture of which controls are evidenced, which are degraded, and which have gaps.

The Security Reporting platform consumes the same mappings. A board report, an NCA submission, and an internal posture review are different views over the same evidence — generated in minutes, consistent with each other by construction.

PDPL by design

Data residency is the easy half of PDPL. The hard half is proving who touched what, when, and why.

Because the entire fabric — telemetry, analytics, and the AI analysts themselves — operates in-Kingdom, residency is structural rather than contractual. On top of that, every access to client data inside the platform is logged against purpose, giving data controllers the audit trail the Personal Data Protection Law expects.

Alignment is a moving target; frameworks evolve and so do we. This note reflects the mapping as it stands today, and the fabric's control model is updated with each regulatory revision.
