adds compliance-officers-path documentation

Signed-off-by: Frédéric Noppe <frederic.noppe@l3montree.com>

Author: l3monKenji

src/pages/getting-started/choose-your-path/for-compliance-officers.mdx

@@ -1,9 +1,10 @@
 ---
-title: DevGuard for Compliance Officers
-description: How DevGuard helps compliance officers prove and maintain security compliance across software projects — covering CRA, NIS2, PCI DSS, and ISO 27001 with automated evidence, audit trails, and shift-left compliance as code.
+title: DevGuard for Compliance Officers - Software Compliance Management
+description: How DevGuard helps compliance officers prove and maintain software compliance across every project — covering CRA, NIS2, PCI DSS, and ISO 27001 with automated evidence, audit trails, and shift-left compliance as code in CI/CD pipelines.
 seo:
-  keyword_primary: "DevGuard compliance officers"
+  keyword_primary: "software compliance"
   keywords_secondary:
+    - "software compliance automation"
     - "CRA compliance software"
     - "NIS2 compliance DevSecOps"
     - "ISO 27001 software development"
@@ -13,11 +14,11 @@ seo:
     type: "article"
 ---
 
-# DevGuard for Compliance Officers
+# DevGuard for Compliance Officers - Software Compliance Management
 
-As a compliance officer, your job is to demonstrate that software is developed and operated securely—to auditors, regulators, customers, and management. The challenge is that modern software is complex, changes continuously, and spans dozens of teams and hundreds of dependencies.
+As a compliance officer, your job is to prove software compliance: that software is developed and operated securely, to auditors, regulators, customers, and management. The challenge is that modern software is complex, changes continuously, and spans dozens of teams and hundreds of dependencies.
 
-DevGuard embeds compliance into the software development lifecycle itself. Rather than collecting evidence after the fact, it generates verifiable proof of every security check, vulnerability decision, and policy evaluation automatically—as part of every build.
+DevGuard embeds software compliance into the development lifecycle itself. Rather than collecting evidence after the fact, it generates verifiable proof of every security check, vulnerability decision, and policy evaluation automatically—as part of every build.
 
 ---
 
@@ -61,7 +62,7 @@ This lets you show auditors a prioritized, risk-justified remediation backlog ra
 
 ---
 
-## Compliance framework coverage
+## Software Compliance Framework Coverage
 
 ### EU Cyber Resilience Act (CRA)
 
@@ -119,11 +120,11 @@ See the full [ISO 27001 controls mapping](/explanations/compliance/iso-27001-map
 
 ---
 
-## Compliance as Code: shifting left
+## Compliance as Code: Shifting Left on Software Compliance
 
-Traditional compliance is a post-development activity—security reviews happen before releases, audits after incidents. This creates pressure spikes, delays, and expensive rework.
+Traditional software compliance is a post-development activity—security reviews happen before releases, audits after incidents. This creates pressure spikes, delays, and expensive rework.
 
-DevGuard flips this model. Compliance checks run automatically inside every CI/CD pipeline, so developers discover and fix violations while they still have context—not weeks later during a review cycle.
+DevGuard flips this model. Software compliance checks run automatically inside every CI/CD pipeline, so developers discover and fix violations while they still have context—not weeks later during a review cycle.
 
 ### How it works
 
@@ -147,11 +148,11 @@ DevGuard ships with community-managed policies pre-aligned to ISO 27001, CRA, an
 - Write custom Rego policies for your specific regulatory requirements
 - Map policies to compliance controls for audit evidence
 
-When a policy fails, the pipeline stops and the developer sees exactly which requirement was not met—with a link to the relevant documentation. Compliance feedback happens at the point where it costs the least to fix.
+When a policy fails, the pipeline stops and the developer sees exactly which software compliance requirement was not met—with a link to the relevant documentation. Feedback happens at the point where it costs the least to fix.
 
 ### The shift-left benefit for compliance officers
 
-When developers get compliance feedback in their normal workflow, you stop being the department that blocks releases and start being the team that enabled a compliant delivery process from the beginning. This changes the conversation:
+When developers get software compliance feedback in their normal workflow, you stop being the department that blocks releases and start being the team that enabled a compliant delivery process from the beginning. This changes the conversation:
 
 - **Before:** "We found 47 unresolved CVEs during the pre-release audit. Release is blocked."
 - **After:** "Our pipelines have been enforcing the policy continuously. Here is the evidence."