Last updated July 2, 2026

Compliance Hub

Compliance Hub is where the security and compliance surface of HostAtlas lives. It’s not a single dashboard — it’s a section in the sidebar (Security & Compliance) that groups the pages that matter when an auditor asks for evidence.

  • Vulnerabilities — the fleet-wide CVE dashboard with KEV highlighting, top-10 CVEs and worst-affected hosts.
  • Security Scanner — the per-server posture view (packages, updates, CVE counts).
  • Policy Engine — fleet-wide rules that continuously check for drift.
  • Policy Violations — the flat “what’s failing now” view over every policy.
  • SSH Gatekeeper — just-in-time SSH access with approvals and session recording.
  • SIEM Forwarding — send HostAtlas events to Splunk / Sentinel / Elastic / QRadar.
  • Audit Log — who did what, when, from where.
  • Personal-data controls at /compliance — active sessions, login history, GDPR data export, account deletion.

The /compliance page holds your GDPR / data-subject controls, scoped to the logged-in user. It has three tabs:

  • Sessions — every device with an active login for your account, with IP, user agent, last activity. Terminate kicks a device out; Terminate all others kills every session except the current one (password confirmation required).
  • Login History — the last 50 login / failed / logout events with IP and user agent.
  • Data Export — download a JSON file containing your profile, servers, domains, incidents, events (last 500) and audit-log entries (last 500). This is GDPR Article 20 (Right to Data Portability).

Your account and tenant can also be deleted from your profile page (/profile). Deleting the last user in a tenant cascades to every resource.

HostAtlas doesn’t ship a formal SOC 2 / ISO 27001 / GDPR framework mapping in-app, but the compliance features it does ship map naturally to the controls those frameworks require:

  • Access control — Roles, SSH Gatekeeper approvals, session termination.
  • Audit logging — Central audit log for every write action, retained for the life of the tenant.
  • Vulnerability management — CVE scanning, KEV tagging, per-host fix path.
  • Data protection — Encryption in transit; offsite backups client-side encrypted; GDPR data export & deletion.
  • Change management — Recipes, audit log entries for every recipe run and policy change.
  • Incident response — Incidents with MTTR tracking, AI post-attack analysis, forensic replay.
  • Log management — Central log tail, SIEM forwarding to your existing pipeline.
  • Reports — scheduled PDF exports that can package the compliance evidence for stakeholders.
  • Audit Log — the primary evidence source.