// tool profile

Comp AI

Founded: 2025
HQ: San Francisco, CA, USA
Frameworks: 25+
Integrations: 8+

Open-source AI compliance platform for SOC 2, HIPAA, GDPR, and ISO 27001. Free self-hosted option with $3K-$8K managed services.

// overview

What Comp AI Does

Comp AI is an open-source compliance automation platform built by Bubba AI, Inc. Founded in late 2024 by Lewis Carhart, Claudio Fuentes, and Mariano Fuentes (previously at Leap AI), the company launched from stealth in April 2025 and raised a $2.6M pre-seed round co-led by OSS Capital and Grand Ventures, with angel investors including David Cramer (Sentry founder).

The entire core platform is open source under the AGPLv3 license, meaning companies can self-host it on their own infrastructure at zero licensing cost. For teams that want managed services, Comp AI offers tiered pricing starting at $199/month (Starter) and $997/month (Pro, includes third-party audit), plus a $3,000 one-time Done-For-You package. The platform supports 25+ frameworks including SOC 2, ISO 27001, HIPAA, PCI DSS 4.0, GDPR, CCPA, and NIST.

Comp AI uses AI agents to automate evidence collection, generate policies, score risks, and respond to security questionnaires. The open-source model and startup-friendly pricing position Comp AI as a disruptor in a market where most competitors charge $10K-$50K/yr. However, the company is very new, and some claims on its website (such as G2 review counts) have been flagged as inflated.

best for
  • Budget-conscious startups and engineering-led teams who want full control over their compliance tooling, prefer open-source software, or need SOC 2/HIPAA/GDPR certification for under $10K total.
not ideal for
  • Mid-market and enterprise organizations needing multi-framework GRC capabilities, deep integrations with enterprise tools, or white-glove advisory services. The platform launched in 2025 and is still maturing.
// pricing

Pricing

Starting price: ~$2,388/yr (vendor-confirmed)
Pricing model: Hybrid
Free trial: Yes
Free tier: Yes
Pricing disclosed: Yes

Open-core model (99% AGPLv3, 1% commercial). Self-hosted: free. Starter: $199/month. Pro: $997/month (includes third-party audit coordination). Done-For-You: $3,000 one-time. No mandatory annual contracts. 100% money-back guarantee on audit outcomes. About 75-80% cheaper than Vanta at the Starter tier.

// at a glance

Frameworks, Features & Integrations

Frameworks
SOC 2
ISO 27001
HIPAA
PCI DSS
GDPR
FedRAMP
CCPA
NIST
DORA
Total 25+
Features
Evidence collection Auto
Continuous monitoring
Auditor portal
Vendor risk mgmt
Pen testing
Trust center
Security Q&A
API access
Policy mgmt
Employee training
Integrations
Total count 8+
AWS
GCP
Azure
GitHub
Jira
Slack
Key platforms: AWS, GCP, Azure, GitHub, Google Workspace, Okta
// ratings

Ratings & User Sentiment

G2
4.7 ★★★★★
45 reviews
what users praise
  • Speed of compliance: users report getting audit-ready in days, not months
  • Affordability: 75-80% cheaper than established competitors with a free self-hosted option
  • Exceptional personal support with 1:1 Slack channels to founders and 5-minute response times
what users criticize
  • Platform maturity and trust concerns: company is less than 2 years old with limited independent verification
  • Limited integration depth compared to established platforms (docs list ~9 built-in despite claims of 100+)
  • Initial setup complexity, occasional browser AI glitches, and upload issues
Typical Customer

Early-stage startup with fewer than 50 employees needing first SOC 2 or HIPAA certification on the tightest possible budget.

Data sources: Pricing and features from vendor website, G2, and Capterra. Re-verified every 90 days. Last check: Mar 2026. Next re-check: June 2026.