Secure AI assistantLive

Counsel

A private AI assistant for security and compliance. Grounded in the frameworks that apply to you and your own documents, every answer cites its sources, and nothing ever leaves the EU.

Join the waitlist Runs on Soveryne Cloud

Why it matters

Answers you can trust, from sources you control.

General chatbots guess, and send your questions to servers you do not control. Counsel answers only from a curated library of security frameworks and the documents you upload, cites every claim inline so you can verify it, and runs entirely on Soveryne Cloud.

What it does

Built for security and compliance work.

Grounded, cited answers

Every response is drawn from your enabled sources and cites them inline, so you can open each reference and verify it instead of trusting a black box.

A ready compliance knowledge base

Comes with DORA, GDPR, ISO/IEC, NEN, NIS2 and NIST today, indexed and ready for the assistant to answer from, with more knowledge added over time.

Bring your own documents

Upload policies, runbooks and contracts. They are indexed so the assistant can answer from them, private to you and encrypted at rest.

Reference a document inline

Type @ to point a question at a specific framework or file, so the assistant answers from exactly the source you mean.

Per-chat source control

Choose precisely which frameworks and uploads ground each conversation, and set a default for every new chat.

Sovereign by default

Runs on our own Soveryne Cloud, with zero US exposure. Your questions and documents stay in jurisdiction by architecture.

A look inside

A look inside Counsel.

Answers with citations

Ask in plain language and get a grounded answer with inline sources you can open and check.

app.soveryne.eu/chat

Choose what grounds your chats

A curated library of frameworks plus your own uploads. Toggle exactly what the assistant can draw on.

app.soveryne.eu/knowledge

Scope each chat to the right sources

Override the default per conversation, so a chat answers only from the documents that matter to it.

app.soveryne.eu/chat

Bring your own documents, securely

Private to you, encrypted at rest, indexed so the assistant can answer from them.

app.soveryne.eu/knowledge

Knowledge base

Grounded in the frameworks that apply to you.

Counsel answers from a curated, EU-relevant library of frameworks, standards and regulations. Browse each family to see what the assistant can draw on, alongside the private documents you upload.

Framework family

ISO/IEC

4 standards

The international baseline for an information security management system. Adopt these when you want recognized, certifiable security that customers, partners and auditors trust: 27001 sets the requirements, 27002 the controls, 27005 the risk method.

ISO/IEC 27000:2018

ISMS overview & vocabulary

ISO/IEC 27001:2022

ISMS requirements

ISO/IEC 27002:2022

Information security controls

ISO/IEC 27005:2022

Information security risk management

Framework family

NIST

10 standards

A deep, widely adopted control catalog and shared risk language from the US. Reach for these when you align with US federal or enterprise expectations, need a comprehensive control set like SP 800-53, or want one common framework (CSF) across teams and suppliers.

NIST CSF 1.1

Cybersecurity Framework

NIST CSF 2.0

Cybersecurity Framework

NIST IR 8323r1

PNT/GPS resilience

NIST IR 8374

Ransomware Risk Management Profile

NIST IR 8546

Interagency report

NIST SP 800-37 Rev.2

Risk Management Framework

NIST SP 800-53 Rev.5

Security & Privacy Controls

NIST SP 800-61 Rev.3

Incident handling guide

NIST SP 800-218 (SSDF)

Secure Software Development Framework

NIST SP 800-221A

Enterprise ICT risk management

Framework family

EU regulations

3 standards

Legal obligations, not optional. NIS2 applies to essential and important entities, DORA to operational resilience in the financial sector, and GDPR to anyone handling personal data of EU residents. Map them here to turn legal duties into controls you can evidence.

NIS2 Directive

EU network & information security

DORA

Digital Operational Resilience Act

GDPR

General Data Protection Regulation

Framework family

NENDutch healthcare

4 standards

The Dutch standard for information security in healthcare. Required if you process health data in the Netherlands. Use it to demonstrate compliant, careful handling of patient and medical information.

NEN 7510-1:2024

Health-info security management

NEN 7510-2

Health-info security measures

NEN 7510 Whitepaper

NCS 7510:2025

How the solutions tie in

Part of your Soveryne platform.

Counsel shares the same EU-sovereign foundation and knowledge as the rest of Soveryne. Ask a question here, then operationalize the answer where your security program lives.

OrganizationLive

Command

Turn an answer into action: every framework the assistant knows is one you can operate as mapped, evidenced controls.

TechnologyLive

Soveryne Cloud

The same EU-hosted infrastructure. Your chats and uploads stay in jurisdiction by architecture, with zero US exposure.

PeopleComing soon

Awareness and offensive testing

As these solutions arrive, their guidance and findings become knowledge the assistant can answer from.

Put your security knowledge to work.

Join the early-access waitlist and we will set up a free intake.

Join the waitlist