April 20, 2026 — Draxis.ai today announced the Workflow Process Engine, a new platform capability that lets security, risk, and compliance analysts turn ad-hoc organizational processes into structured, executable workflows through natural conversation. An AI agent conducts a Socratic discovery interview, recommends a compliance framework alignment, extracts Key Risk Indicators (KRIs) at every decision gate, and emits n8n-importable JSON that can be deployed and monitored in minutes.

The Workflow Process Engine operationalizes expert knowledge at the source. Instead of translating a specialist's advice into documentation that someone else re-translates into an automation, the platform captures the process, the risk metrics, and the automation logic in a single discovery session — producing an executable artifact that begins monitoring risk the moment it is deployed.

The Problem: GRC Processes Live in Analysts' Heads

Most GRC processes — vendor reviews, incident response, access recertification, change approvals — are informal, inconsistently documented, and impossible to measure. Security teams repeat the same work hundreds of times a year with:

  • No standardized steps, so outcomes depend on who ran the process that week
  • No measurable KRIs, so the business cannot see where risk lives or where it is moving
  • No playbook that scales, so each new analyst learns the process by shadowing and accumulating tribal knowledge
  • No connection to automation, so repetitive steps consume hundreds of hours annually per process

The Workflow Process Engine fixes all four — in a single conversational session with the AI vCISO.

How It Works

1. Choose a Workflow Mode

Start with a deterministic workflow (structured n8n automation with fixed logic gates) or a non-deterministic workflow (AI-collaborative design where judgment steps remain in the hands of a human or an AI persona). Deterministic workflows enforce infrastructure readiness gates — queue, object storage, and file configuration must be in place — so orphaned, undeployable workflows cannot be created.

2. Socratic Discovery Interview

An AI agent asks eight to twelve targeted questions to understand the process: scope, stakeholders, decision gates, data sources, escalation rules, and failure modes. The interview is resumable, tenant-isolated, and continuously summarized. Based on the responses, the engine recommends a compliance framework alignment — NIST CSF 2.0, ISO 27001, SOC 2, PCI-DSS, HIPAA, or CMMC — and maps the workflow's steps to relevant control objectives.

3. KRI Extraction at Every Gate

As the workflow is generated, the engine identifies Key Risk Indicators at every decision gate — each with a key, threshold, category, and the specific gate node that emits it. KRI definitions are versioned alongside the workflow, so changes in thresholds or categories are traceable over time. When the workflow runs, the platform ingests KRI events in real time and alerts on threshold breaches.

4. n8n Export with Public Download Link

Each workflow version is saved as n8n-importable JSON with trigger nodes, decision gates, HTTP request nodes, KRI emitter nodes, and approval loops pre-wired. A unique public download link is generated per version — shareable with engineering partners or air-gapped environments without authentication. For isolated n8n deployments, a relay intermediary (shared folder, object storage, or message queue) streams KRI events back to the Draxis platform.

Key Capabilities

  • Deterministic and non-deterministic modes — match the workflow style to the process (fully automated vs. AI-collaborative)
  • Infrastructure readiness gates — prevent orphaned deterministic workflows by requiring queue/storage/file configuration up front
  • Adaptive discovery interview — eight to twelve targeted questions tailored to the process scope
  • Compliance framework mapping — NIST CSF 2.0, ISO 27001, SOC 2, PCI-DSS, HIPAA, CMMC
  • n8n-importable JSON export — directly importable into any n8n instance
  • Public workflow download links — per-version tokens for secure sharing without authentication
  • KRI extraction and versioning — Key Risk Indicators identified at every decision gate, versioned with the workflow
  • Real-time KRI event ingestion — events from running workflows flow back into the platform for continuous monitoring
  • Relay support for air-gapped n8n — shared-folder, object-storage, or message-queue intermediaries for isolated environments
  • Side-panel version history — download links, KRI definitions, ingested events, and interview history in a single view
  • Vendor and supplier scope — templated workflows for third-party risk, due diligence, and sub-processor evaluations
  • Full audit trail — interview transcript, KRI events, version history, and every decision preserved for compliance review

Why It Matters for vCISOs

For vCISO firms, the Workflow Process Engine is an operating-system upgrade for client engagements. The first interview with a new client — historically a month of shadowing and discovery calls — is compressed into structured sessions that produce executable, measurable workflows by the end of the engagement. Advisors can deliver a library of client-specific, KRI-instrumented playbooks as a standard engagement deliverable.

Because every workflow is versioned and every KRI event is ingested, vCISOs can demonstrate measurable improvement to clients over time — not with status updates, but with data: "Your third-party review cycle time dropped from 21 days to 6; your access recertification exception rate is down 62 percent since Q1." The engine turns an advisory engagement into an outcome-based one.

"The process isn't the problem — the process being invisible is the problem. The Workflow Process Engine makes the process visible, executable, and measurable in a single conversation, and every run after that proves the process is working."
— Draxis.ai

Availability

The Workflow Process Engine is available today for all Draxis.ai platform tiers. Non-deterministic workflow creation is included within existing AI vCISO query allocations. Deterministic workflow deployment requires infrastructure configuration (queue, object storage, or file relay) and is available on vCISO and Enterprise tiers.

Turn your first process into a workflow

Sit down with the AI vCISO, talk through your process, and walk away with a deployable n8n workflow and embedded KRIs.


About Draxis.ai

Draxis.ai is an AI-powered cyber risk intelligence platform that translates technical security data into executive decisions — personalized for every stakeholder. The platform connects security tool data to business outcomes through a five-layer risk model and uses an AI vCISO, extended by specialist Skills and a Workflow Process Engine, to deliver role-aware briefings and executable processes for CFOs, CISOs, board members, and risk committees. Used by companies managing their own risk posture and by vCISO advisory firms scaling across multiple clients, Draxis.ai provides multi-tenant isolation, financial risk quantification, and full traceability from security tools to business impact.

Media contact: press@draxis.ai