Skip to main content
ChangeGuard continuously maps your cluster’s security posture to industry compliance frameworks.

Supported Frameworks

FrameworkFocus Areas
SOC 2Access control, change management, monitoring
PCI DSSNetwork segmentation, encryption, vulnerability management
HIPAAAccess control, audit controls, integrity
FedRAMPIdentity, configuration management, system integrity
EO 14028SBOM generation, vulnerability scanning, supply chain

Evidence Sources

  • Network policies → segmentation controls
  • RBAC configuration → access control
  • KubeBench → configuration hardening
  • Grype CVE scans → vulnerability management
  • Falco alerts → monitoring and intrusion detection
  • Syft SBOMs → supply chain controls
  • Audit trail → change management
Compliance scores are derived from real cluster state, not self-assessments. Export reports as CSV or JSON for auditors.