Ask SIAGA — natural-language audit copilot

Query your findings, configs, baselines and reports in plain language. Every answer cites its evidence and links to the source record — and says "no evidence" when it has none.
Which core-network devices are non-compliant with the PFCP encryption baseline, and how bad is it?
9 UPF nodes in the Packet Core are non-compliant — PFCP on the N4 interface (SMF↔UPF) is running in cleartext, so session-management signalling can be intercepted or modified.

This is finding 📌 AUD-2198 (Critical, confidence 0.95), mapped to 3GPP TS 33.513 and ENISA #NET-04. Detected in the 06:00 scheduled sweep run-8830.
Sources — findings: AUD-2198 · devices: UPF-CORE-01…09 · baseline: 3GPP SCAS TS 33.513 v Rel-16.3
Show the 9 devicesSee a config diffOnly Jakarta DC-1
Just the ones in Jakarta DC-1 — and has this drift been seen before?
4 of the 9 are in Jakarta DC-1: UPF-CORE-01, -02, -03, -07.

Yes — the same N4 cleartext condition was flagged in March (AUD-1904) and remediated, then regressed after a UPF software upgrade on 12 Jun that reset the IPsec profile. This is a recurrence, which is why the drift-regression rate ticked up to 4%.
Sources — findings: AUD-2198, AUD-1904 (Mar) · change record: CR-8612 (UPF upgrade, 12 Jun)
Open remediation ticketDraft note for Core teamExport as report section
Do we have any findings mapped to the new BSSN 2025 control set that aren't in the June report yet?
No evidence found for that exact query. The BSSN 2025 control set is loaded as a draft baseline, but no open finding is currently tagged to it outside the June report. I can't confirm coverage is complete — the draft mapping is only 81% applied. Want me to run a targeted gap scan?
Checked — findings DB (23 open) · baseline: BSSN/Kominfo 2025 draft · report: June 2026. Nothing matched.
Run BSSN gap scanOpen BSSN baseline

Try asking

Summarise this week's critical findings for the board Which sites have unsigned firmware? Explain why AUD-2231 is critical Generate a remediation summary for a ticket

Grounding & trust

📌 finding live findings & configs
std baseline / policy library
report prior generated reports
Answers are scoped to your tenant. No source → the assistant says so rather than guessing.