AI-powered compliance copilot that guides DoD teams through every step of the NIST Risk Management Framework (RMF) — from system registration through continuous monitoring and ATO authorization.
Built on the Model Context Protocol (MCP) with Azure OpenAI function calling, 130 compliance tools, and multi-channel delivery (VS Code, web chat, stdio).
ATO Copilot is the first tool that:
- Covers all 7 steps in a single conversational interface
- Uses AI to automate the hardest part (control narrative writing)
- Integrates with Azure for automated compliance evidence
- Exports to eMASS so it fits into the existing DoD workflow instead of replacing it
ATO Copilot is where you DO the work, eMASS is where you SUBMIT the work.
- Prepare — Register systems, define authorization boundaries, assign ISSO/ISSM/AO roles
- Categorize — FIPS 199 impact levels with NIST SP 800-60 information type mapping
- Select — Baseline selection, control tailoring, CRM inheritance, STIG cross-reference
- Implement — Control narratives, batch SSP population, IaC compliance scanning
- Assess — Automated compliance assessment, evidence collection, SAR generation
- Authorize — ATO/IATT/DATO decisions, risk acceptance, POA&M management, authorization packages
- Monitor — Continuous monitoring plans, drift detection, ConMon reports, expiration alerts

- Azure OpenAI Function Calling — GPT-4o with intelligent tool selection (72/130 tools per request)
- Multi-Turn Conversations — Conversational context across turns with automatic tool execution
- System Name Resolution — Natural language system references resolved to UUIDs automatically
- Contextual Suggestions — Follow-up action buttons based on conversation context

- CAC/PIV Authentication — DoD smart card authentication with certificate role mapping
- Privileged Identity Management — Azure PIM integration with JIT role activation
- RBAC Enforcement — Viewer, Operator, Administrator, Auditor, AuthorizingOfficial roles
- Audit Logging — Full correlation-tracked audit trail with 7-year retention

- VS Code Extension — GitHub Copilot Chat participant with `/compliance`, `/knowledge`, `/config` commands
- Web Chat — React + Tailwind SPA with SignalR streaming and suggestion buttons
- Stdio Mode — Direct MCP integration for GitHub Copilot and Claude Desktop
- HTTP REST API — SSE streaming endpoint for custom integrations

- SSP, POA&M, SAR, RAR — QuestPDF and ClosedXML document generation
- eMASS Export — Controls, POA&M, and OSCAL format export
- Template Engine — Customizable document templates with save/reuse
- .NET 9.0 SDK
- Docker (recommended for full deployment)
- Azure subscription (Azure Government preferred)
```bash
cp .env.example .env
# Edit .env with your Azure credentials and OpenAI settings
docker compose -f docker-compose.mcp.yml up --build
```

This starts three services:

| Service | Port | Description |
|---|---|---|
| ato-copilot-mcp | 3001 | MCP server with 130 compliance tools |
| ato-copilot-chat | 5001 | Web chat application |
| ato-copilot-sql | 1433 | SQL Server 2022 database |
```bash
dotnet build Ato.Copilot.sln
dotnet test Ato.Copilot.sln   # 3,164 tests
```

```bash
cd src/Ato.Copilot.Mcp
dotnet run -- --http
```

Server starts at http://localhost:3001:

| Endpoint | Description |
|---|---|
| GET /health | Health check with capability report |
| GET /mcp/tools | List all 130 available tools |
| POST /mcp/chat/stream | SSE streaming chat with AI function calling |
| POST /mcp/chat | Synchronous chat endpoint |
| POST /mcp | MCP JSON-RPC (tools/list, tools/call) |
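To script against the JSON-RPC endpoint without the chat UI, here is a small client added for this README (not project code). It assumes the `POST /mcp` bridge accepts standard MCP JSON-RPC 2.0 `tools/list` and `tools/call` messages as listed above; the sample replies are constructed, and the real argument schema of each tool must be read from the server's own `tools/list` output.

```python
import json
import urllib.request

MCP_URL = "http://localhost:3001/mcp"

def build_request(method: str, req_id: int, params: dict = None) -> dict:
    """JSON-RPC 2.0 envelope; params is omitted for tools/list, which takes none."""
    req = {"jsonrpc": "2.0", "id": req_id, "method": method}
    if params is not None:
        req["params"] = params
    return req

def parse_response(raw: str, expected_id: int) -> dict:
    """Return the result object, or raise if the reply is mismatched or a protocol-level error."""
    resp = json.loads(raw)
    if resp.get("jsonrpc") != "2.0" or resp.get("id") != expected_id:
        raise ValueError("response id/version does not match the request")
    if "error" in resp:
        raise RuntimeError(f"JSON-RPC error {resp['error'].get('code')}: {resp['error'].get('message')}")
    return resp["result"]

def tool_names(result: dict) -> list:
    """Sorted tool names from a tools/list result."""
    return sorted(t["name"] for t in result.get("tools", []))

def tool_text(result: dict) -> str:
    """Join the text parts of a tools/call result; isError is a tool-level failure, not a protocol error."""
    text = "\n".join(c.get("text", "") for c in result.get("content", []) if c.get("type") == "text")
    if result.get("isError"):
        raise RuntimeError(f"tool reported an error: {text}")
    return text

def call(request: dict, url: str = MCP_URL, timeout: float = 30.0) -> dict:
    """POST one request to a running server (HTTP mode started as shown above)."""
    http_req = urllib.request.Request(url, data=json.dumps(request).encode(),
                                      headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(http_req, timeout=timeout) as resp:
        return parse_response(resp.read().decode(), request["id"])

# Constructed sample replies (not captured from a real server) so parsing can be exercised offline.
SAMPLE_LIST = json.dumps({"jsonrpc": "2.0", "id": 1, "result": {"tools": [
    {"name": "compliance_register_system"}, {"name": "compliance_explain_nist_control"}]}})
SAMPLE_TOOL_ERROR = json.dumps({"jsonrpc": "2.0", "id": 2, "result": {
    "isError": True, "content": [{"type": "text", "text": "control id is required"}]}})

if __name__ == "__main__":
    # "controlId" is a placeholder argument name; read the real schema from tools/list
    print(json.dumps(build_request("tools/call", 2, {"name": "compliance_explain_nist_control", "arguments": {"controlId": "AC-2"}})))
```

Against a live server, `tool_names(call(build_request("tools/list", 1)))` returns the catalog; a tool that fails is reported through `isError` on the result, not through the JSON-RPC `error` member, so both paths are checked.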
```bash
cd src/Ato.Copilot.Mcp
dotnet run -- --stdio
```

| Category | Tools | Examples |
|---|---|---|
| Registration (8) | System registration, boundaries, roles | compliance_register_system, compliance_define_boundary, compliance_assign_role |
| Categorization (3) | FIPS 199, information types | compliance_categorize_system, compliance_add_info_types |
| Baseline Selection (6) | Baselines, tailoring, inheritance, STIG | compliance_select_baseline, compliance_tailor_baseline, compliance_show_stig_mapping |
| SSP Authoring (5) | Narratives, batch populate, SSP generation | compliance_write_narrative, compliance_batch_populate, compliance_generate_ssp |
| Assessment (6) | Control assessment, evidence, SAR | compliance_assess_control, compliance_record_effectiveness, compliance_generate_sar |
| Authorization (7) | ATO decisions, risk, POA&M, packages | compliance_issue_authorization, compliance_create_poam, compliance_bundle_authorization_package |
| Continuous Monitoring (7) | ConMon plans, reports, reauthorization | compliance_create_conmon_plan, compliance_generate_conmon_report, compliance_reauthorization_workflow |
| Compliance Scanning (11) | Assessments, remediation, evidence, audit | compliance_assess, compliance_remediate, compliance_collect_evidence |
| Templates (4) | Document template management | compliance_list_templates, compliance_generate_from_template |
| eMASS/OSCAL (3) | Interoperability exports | compliance_emass_export_controls, compliance_emass_export_oscal |

| Category | Tools | Examples |
|---|---|---|
| Compliance Watch (23) | Monitoring, alerts, drift, auto-remediation | watch_enable_monitoring, watch_detect_drift, watch_manage_alerts |
| Kanban (21) | Remediation task boards | kanban_create_task, kanban_update_status, kanban_get_board |
| Auth & PIM (15) | CAC auth, PIM roles, JIT access | cac_authenticate, pim_activate_role, jit_request_access |
| Knowledge Base (7) | NIST, STIG, RMF, FedRAMP guidance | compliance_explain_nist_control, compliance_search_stigs |
| IaC Scanning (1) | Infrastructure-as-Code compliance | compliance_iac_scan |
| Configuration (1) | Settings management | configuration_manage |
| Chat (1) | Open-ended compliance interaction | compliance_chat |
```text
ato-copilot/
├── Ato.Copilot.sln
├── src/
│   ├── Ato.Copilot.Core/           # Domain models, EF Core (40 entities), interfaces
│   │   ├── Data/Context/           # AtoCopilotContext — SQL Server / SQLite
│   │   ├── Models/Compliance/      # RMF, assessment, authorization models
│   │   └── Interfaces/Compliance/  # Service contracts
│   ├── Ato.Copilot.Agents/         # AI agents with 130 tool implementations
│   │   ├── Common/                 # BaseAgent (AI + keyword routing), BaseTool
│   │   └── Compliance/
│   │       ├── Agents/             # ComplianceAgent, ConfigurationAgent, KnowledgeBaseAgent
│   │       ├── Tools/              # 25 tool files across RMF lifecycle
│   │       ├── Services/           # Business logic (40+ service implementations)
│   │       └── Prompts/            # AI system prompts
│   ├── Ato.Copilot.Mcp/            # MCP server (stdio + HTTP + SSE streaming)
│   │   ├── Server/                 # McpServer, McpHttpBridge, McpStdioService
│   │   ├── Middleware/             # CAC auth, RBAC, audit logging, correlation
│   │   └── Prompts/                # Prompt registry
│   ├── Ato.Copilot.Chat/           # Web chat application
│   │   ├── Controllers/            # Chat API endpoints
│   │   ├── Hubs/                   # SignalR real-time streaming
│   │   └── ClientApp/              # React + Tailwind CSS SPA
│   └── Ato.Copilot.State/          # In-memory state management
├── extensions/
│   └── vscode/                     # VS Code extension (Chat participant + diagnostics)
├── tests/
│   └── Ato.Copilot.Tests.Unit/     # 3,164 unit tests (xUnit + FluentAssertions + Moq)
├── docs/                           # MkDocs Material documentation site
├── Dockerfile
└── docker-compose.mcp.yml          # 3-service deployment
```
Architecture, from MCP clients down to backing services:

- MCP Clients: VS Code Extension, Web Chat (React), Stdio (Copilot/Claude)
- Ato.Copilot.Mcp — MCP Server (HTTP :3001 + stdio)
  - SSE Streaming (POST /mcp/chat/stream)
  - JSON-RPC (POST /mcp)
  - Middleware: CAC Auth → RBAC → Audit Logging → Correlation
  - Agent Router: Intent classification → agent dispatch
- Agents
  - Knowledge Base Agent (7 tools): NIST, STIG, RMF, FedRAMP guidance
  - Compliance Agent (130 tools)
    - AI Path: Azure OpenAI GPT-4o function calling
    - Keyword Path: 40+ route rules with conversational fallback
  - Configuration Agent (1 tool): Settings management
- Backing services (called from the Compliance Agent)
  - Core Services: 40+ services, RMF workflow, AI prompts, Doc gen (QuestPDF, ClosedXML)
  - EF Core: 40 DbSets, SQL Server, SQLite
  - Azure SDKs: Resource Graph, Policy, Defender, PIM, Key Vault
```bash
# Server mode
ATO_RUN_MODE=http  # stdio | http

# Azure AD / Entra ID
ATO_AZURE_AD__TENANT_ID=your-tenant-id
ATO_AZURE_AD__CLIENT_ID=your-client-id

# Azure Government
ATO_GATEWAY__AZURE__SUBSCRIPTION_ID=your-sub-id
ATO_GATEWAY__AZURE__CLOUD_ENVIRONMENT=AzureGovernment

# Azure OpenAI (AI-powered tool calling)
ATO_GATEWAY__AZUREOPENAI__ENDPOINT=https://your-endpoint.openai.azure.us/
ATO_GATEWAY__AZUREOPENAI__APIKEY=your-api-key
ATO_GATEWAY__AZUREOPENAI__CHATDEPLOYMENTNAME=gpt-4o
ATO_GATEWAY__AZUREOPENAI__AGENTAIENABLED=true

# Database
ATO_CONNECTIONSTRINGS__DEFAULTCONNECTION="Server=localhost,1433;..."
```

| Section | Description |
|---|---|
| Gateway:AzureOpenAI | Azure OpenAI endpoint, model, temperature (0.3), max tool rounds (5) |
| AzureAd | Azure AD / Entra ID with CAC/MFA toggle |
| Gateway:Azure | Subscription, managed identity, Gov cloud |
| ConnectionStrings | SQLite (dev) / SQL Server (prod) |
| NistCatalog | NIST SP 800-53 Rev 5 OSCAL source with 30-day cache |
| Agents:Compliance | Default framework, impact level, 20 control families |
| Agents:KnowledgeBaseAgent | Token limits, confidence threshold |
| Agents:Kanban | SLA tiers (24h–90d), notification channels |
| Pim | Activation durations, high-privilege role definitions |
| CacAuth | Session timeout (8h / 24h max) |
| Retention | Assessments 3yr, audit logs 7yr |
| FeatureFlags | 8 toggles for scans, evidence, remediation, docs |
| Performance | 10 concurrent ops, 512MB budget, 300s timeout |
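Because the values in `.env.example` are stubs, a preflight check before `docker compose up` catches the ones most often left in place: unreplaced `your-...` placeholders, the elided connection string, and a commercial-cloud OpenAI endpoint paired with `CLOUD_ENVIRONMENT=AzureGovernment`. This script is added here and is not project code; it covers only the keys shown above, and its rule that a Government deployment should use a `.openai.azure.us` endpoint is the script's own assumption.

```python
import re

REQUIRED_KEYS = [
    "ATO_RUN_MODE", "ATO_AZURE_AD__TENANT_ID", "ATO_GATEWAY__AZURE__CLOUD_ENVIRONMENT",
    "ATO_GATEWAY__AZUREOPENAI__ENDPOINT", "ATO_GATEWAY__AZUREOPENAI__APIKEY",
    "ATO_GATEWAY__AZUREOPENAI__CHATDEPLOYMENTNAME", "ATO_CONNECTIONSTRINGS__DEFAULTCONNECTION",
]
# Leftovers from .env.example: "your-..." stubs and the elided "..." connection string
PLACEHOLDER = re.compile(r"^your-|your-endpoint|\.\.\.$")

def parse_env(text: str) -> dict:
    """KEY=VALUE lines; blank lines, comment lines and trailing ' # ...' notes are ignored, quotes stripped."""
    env = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        value = value.split(" #", 1)[0].strip()
        if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
            value = value[1:-1]
        env[key.strip()] = value
    return env

def check_env(env: dict) -> list:
    """Return 'KEY: problem' findings; an empty list means the file is ready to use."""
    findings = []
    for key in REQUIRED_KEYS:
        if not env.get(key):
            findings.append(f"{key}: missing")
        elif PLACEHOLDER.search(env[key]):
            findings.append(f"{key}: still set to the .env.example placeholder")
    endpoint = env.get("ATO_GATEWAY__AZUREOPENAI__ENDPOINT", "")
    # Assumption: an AzureGovernment deployment should use a .openai.azure.us endpoint, not .azure.com
    if env.get("ATO_GATEWAY__AZURE__CLOUD_ENVIRONMENT") == "AzureGovernment" and ".openai.azure.us" not in endpoint:
        findings.append("ATO_GATEWAY__AZUREOPENAI__ENDPOINT: not a .openai.azure.us endpoint for AzureGovernment")
    return findings

# Constructed sample: a half-edited .env with two stubs and a commercial-cloud endpoint left in
SAMPLE_ENV = """\
ATO_RUN_MODE=http  # stdio | http
ATO_AZURE_AD__TENANT_ID=your-tenant-id
ATO_GATEWAY__AZURE__CLOUD_ENVIRONMENT=AzureGovernment
ATO_GATEWAY__AZUREOPENAI__ENDPOINT=https://example-ato.openai.azure.com/
ATO_GATEWAY__AZUREOPENAI__APIKEY=your-api-key
ATO_GATEWAY__AZUREOPENAI__CHATDEPLOYMENTNAME=gpt-4o
ATO_CONNECTIONSTRINGS__DEFAULTCONNECTION="Server=localhost,1433;..."
"""
```

Feed it the real file with `check_env(parse_env(open(".env").read()))`; each finding names the key to fix, and the sample above yields four of them.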
| Framework | Support Level |
|---|---|
| NIST 800-53 Rev 5 | Full |
| FedRAMP High | Full |
| FedRAMP Moderate | Full |
| DoD IL2 | Supported |
| DoD IL4 | Supported |
| DoD IL5 | Supported |
The VS Code extension integrates as a GitHub Copilot Chat participant:
```text
@ato register a new system called Eagle Eye
@ato /compliance assess my system
@ato /knowledge explain AC-2
@ato /config set framework FedRAMP High
```
Features:
- Chat participant with RMF workflow commands
- IaC compliance diagnostics with CAT severity mapping
- Code actions for STIG remediation suggestions
- RMF Overview webview panel
- Follow-up suggestion buttons
Install from extensions/vscode/ — see the extension README for details.
```bash
# Run all 3,164 tests
dotnet test Ato.Copilot.sln

# Run unit tests only
dotnet test tests/Ato.Copilot.Tests.Unit/
```

Test coverage spans:
- Tools (32 files) — All 130 tool implementations
- Services (40+ files) — Business logic, alert pipelines, PIM
- Agents (20+ files) — Routing, AI path, prompt handling
- Middleware (5 files) — CAC auth, RBAC, audit, correlation
- Scanners (12 files) — All NIST control family scanners
- Evidence Collectors (12 files) — Per-family evidence collection
- Models (6 files) — Domain model validation
- MCP/Server (6 files) — SSE streaming, error handling, intent routing
- Chat (9 files) — Chat service, SignalR hub, message mapping
Full documentation is built with MkDocs Material:

```bash
pip install mkdocs-material
mkdocs serve
```

Sections: Getting Started (6 role-specific guides), Personas (ISSM, ISSO, SCA, AO, Platform Engineer), RMF Phases (Prepare through Monitor), Reference (tool catalog, API, configuration).
Proprietary. All rights reserved.