Product — ChillinnBOT

// Features

Built for validation teams.

⚡

Automated Control Checks

Run 16+ GxP-specific controls across AWS and Azure in under 60 seconds. No manual configuration files required.

📋

Audit-Ready PDF Reports

Download structured PDF evidence packages formatted for IQ/OQ/PQ documentation. Attach directly to your validation deliverables.

📦

JSON Evidence Export

Machine-readable evidence files with ISO 8601 timestamps. Ingest into your QMS or store in your audit trail automatically.

🔒

Read-Only Access

ChillinnBOT never writes to your cloud environment. Only reads configuration data required for control evaluation. Zero risk to production.

☁️

Dual-Cloud Support

AWS and Azure covered in a single scan. One report, both clouds, one audit evidence package. No maintaining two separate processes.

📊

Compliance Dashboard

Live Pass/Fail view across all controls. Filter by cloud, by result, or by control ID. Click any row for finding details and remediation notes.

// Controls

Control ID	Name	Service	GxP Requirement
CTL-A001	S3 Bucket Encryption at Rest	S3	21 CFR Part 11 — Data integrity
CTL-A002	CloudTrail Enabled (All Regions)	CloudTrail	21 CFR Part 11 — Audit trail
CTL-A003	Security Group Open Port Exposure	EC2/VPC	GAMP 5 — Network security
CTL-A004	Root Account MFA Enabled	IAM	21 CFR Part 11 — Identity verification
CTL-A005	KMS Key Rotation Enabled	KMS	Annex 11 — Key management
CTL-A006	IAM Admin Policy Scope	IAM	21 CFR Part 11 — Least privilege
CTL-A007	VPC Flow Logs Enabled	VPC	GAMP 5 — Network logging
CTL-A008	GuardDuty Enabled Per Region	GuardDuty	Annex 11 — Intrusion detection

Control ID	Name	Service	GxP Requirement
CTL-Z001	Azure Blob Storage Encryption	Storage	21 CFR Part 11 — Data integrity
CTL-Z002	Azure Monitor & Diagnostic Settings	Monitor	21 CFR Part 11 — Audit trail
CTL-Z003	NSG Open Port Exposure	Network	GAMP 5 — Network security
CTL-Z004	MFA for Privileged Users	Entra ID	21 CFR Part 11 — Identity verification
CTL-Z005	Key Vault Rotation Policy	Key Vault	Annex 11 — Key management
CTL-Z006	RBAC Over-Permission Audit	Entra ID	21 CFR Part 11 — Least privilege
CTL-Z007	Network Watcher Flow Logs	Network	GAMP 5 — Network logging
CTL-Z008	Microsoft Defender for Cloud	Defender	Annex 11 — Intrusion detection