Compliance & Regulatory Readiness
ServerTools ships with built-in compliance capabilities — HMAC-chained audit logs, NIST 800-92 enrichment, SIEM export, config auditing, and SBOM generation — so your security scans are audit-ready from day one.
- 4 Frameworks
- 11 NIST Fields
- 8 CERT-In Checks
- 100% Offline
CERT-In Compliance
India's Computer Emergency Response Team requires organizations to report cyber incidents within 6 hours and maintain tamper-proof logs. ServerTools meets every CERT-In directive out of the box — HMAC-chained audit logs, NTP-synchronized timestamps, and an 8-point compliance check engine that validates your posture on every scan.
Applicable to all organizations operating in India, including BFSI, government, and critical infrastructure sectors per CERT-In Directions of April 2022.
HMAC-SHA256 Chain
Every log entry is chained with HMAC-SHA256, making tampering cryptographically detectable.
NTP Timestamps
Timestamps synchronized to NTP sources, ensuring forensic-grade time accuracy.
8-Check Engine
Built-in compliance engine validates 8 CERT-In requirements on every scan.
6-Hour Alerts
Incidents are detected within the 6-hour reporting window required by CERT-In directives.
NIST 800-92 Logs
Every audit entry includes 11 NIST fields: timestamp, event type, user identity, source IP, session ID, and more.
SIEM Export
Export logs in CEF, CSV, or JSON format for ingestion by Splunk, QRadar, Elastic, or any SIEM.
Config Auditing
Every configuration change is logged with before/after values, user attribution, and HMAC chain.
Startup Verification
Binary integrity is verified at startup via embedded checksums. Tampering halts execution.
SBOM Generation
Generate Software Bill of Materials in CycloneDX format for supply chain transparency.
SOC 2 Type II
SOC 2 auditors need evidence that security events are logged, monitored, and exportable. ServerTools produces NIST 800-92 compliant audit logs with 11 structured fields, exports to every major SIEM, and maintains an HMAC chain proving log integrity. Config changes are tracked, binary integrity is verified at startup, and SBOM generation covers supply chain requirements.
Covers CC6.1 (logical access), CC7.1 (monitoring), CC7.2 (incident detection), CC8.1 (change management), and CC9.1 (risk mitigation) trust service criteria.
ISO 27001
ServerTools aligns with key Annex A controls from ISO 27001:2022, giving you evidence artifacts for asset management, access logging, and change management.
A.8.9 Asset Inventory
SBOM generation provides a complete inventory of bundled components, satisfying asset management requirements.
A.8.15 Access Logging
Every scan, config change, and export is logged with user identity, source IP, and session context.
A.8.32 Change Management
Config auditing captures before/after state of every change with HMAC integrity proof.
GDPR & DPDP
ServerTools is architected for data protection by design. There is no telemetry, no outbound network traffic, and no PII processing. Licensing uses Ed25519 cryptographic signatures verified entirely offline. Every byte stays on your infrastructure.
Supports EU GDPR Article 25 (data protection by design) and India's Digital Personal Data Protection Act, 2023.
Privacy Architecture
- No telemetry — zero data collection
- Zero outbound network calls
- All scanning happens locally
- Ed25519 licensing — works offline
- No PII in scan results
- Logs stored locally, never transmitted
- Air-gap capable by design
Audit Log Viewer
Every event is enriched with NIST 800-92 fields and chained with HMAC-SHA256.
| SEQ | TIMESTAMP | EVENT | USER | SOURCE_IP | SCANNER | SCORE | TARGET |
|---|---|---|---|---|---|---|---|
| 0001 | 2025-01-15T09:23:41Z | scan_complete | admin | 10.0.1.50 | mysql_audit | 73 | db-prod-01 |
| 0002 | 2025-01-15T10:00:00Z | schedule_created | ops-team | 10.0.1.22 | cron_engine | — | */6h mysql_audit |
| 0003 | 2025-01-15T11:15:07Z | config_changed | admin | 10.0.1.50 | global | — | report_format=pdf |
| 0004 | 2025-01-15T12:00:00Z | compliance_check | system | 127.0.0.1 | cert_in | 8/8 | all_scanners |
{
  "sequence_number": 1,
  "timestamp": "2025-01-15T09:23:41.892Z",
  "event_type": "scan_complete",
  "severity": "info",
  "user_identity": "admin",
  "source_ip": "10.0.1.50",
  "session_id": "sess_a8f3e2c1",
  "scanner_id": "mysql_audit",
  "target": "db-prod-01",
  "result_summary": { "score": 73, "findings": 12 },
  "hmac": "b7e4d2...a91f03"
}
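An added example (not ServerTools code) of how an HMAC-SHA256 chain over entries like the one above makes edits and deletions detectable. The chaining rule (previous MAC concatenated with the record's canonical JSON), the all-zero genesis value, the key and the sample records are assumptions, since the page does not document the product's actual construction.

```python
import hashlib
import hmac
import json

GENESIS = b"\x00" * 32  # assumed starting value for the chain

def entry_mac(key, prev_mac, record):
    """MAC over the previous entry's MAC plus this record's canonical JSON."""
    body = {k: v for k, v in record.items() if k != "hmac"}
    payload = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, prev_mac + payload, hashlib.sha256).digest()

def seal(key, records):
    """Return copies of the records, each carrying an 'hmac' linking it to the last."""
    prev, sealed = GENESIS, []
    for rec in records:
        prev = entry_mac(key, prev, rec)
        sealed.append({**rec, "hmac": prev.hex()})
    return sealed

def first_broken(key, sealed):
    """Index of the first entry that fails verification, or None if intact."""
    prev = GENESIS
    for i, rec in enumerate(sealed):
        if rec.get("sequence_number") != i + 1:  # gap, reorder or deletion
            return i
        expected = entry_mac(key, prev, rec)
        if not hmac.compare_digest(expected.hex(), str(rec.get("hmac", ""))):
            return i  # content edited, or MAC made without the key
        prev = expected
    return None

def make_record(seq, ts, event, user, ip):
    return {"sequence_number": seq, "timestamp": ts, "event_type": event,
            "user_identity": user, "source_ip": ip}

# Constructed sample data, modelled on the fields shown in the log viewer.
KEY = b"constructed-demo-key"
RECORDS = [
    make_record(1, "2025-01-15T09:23:41Z", "scan_complete", "admin", "10.0.1.50"),
    make_record(2, "2025-01-15T10:00:00Z", "schedule_created", "ops-team", "10.0.1.22"),
    make_record(3, "2025-01-15T11:15:07Z", "config_changed", "admin", "10.0.1.50"),
    make_record(4, "2025-01-15T12:00:00Z", "compliance_check", "system", "127.0.0.1"),
]
SEALED = seal(KEY, RECORDS)

if __name__ == "__main__":
    edited = [dict(r) for r in SEALED]
    edited[2]["user_identity"] = "ops-team"  # rewrite who changed the config
    print("intact:", first_broken(KEY, SEALED), "edited:", first_broken(KEY, edited))
```

A chain of this kind still verifies after its newest entries are truncated, so the latest sequence number and MAC need to be recorded somewhere the log writer cannot alter.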
CEF Export
CEF:0|ServerTools|audit|1.0|scan_complete|Scan Complete|5|src=10.0.1.50 duser=admin cs1=mysql_audit
CSV Export
seq,timestamp,event_type,severity,user_identity,source_ip,session_id,scanner_id,target,score,hmac
JSON Export
[
  { "seq": 1, "event_type": "scan_complete", ... },
  { "seq": 2, ... }
]
Control Mapping
How each ServerTools feature maps to the four compliance frameworks.
| Feature | CERT-In | SOC 2 | ISO 27001 | GDPR/DPDP |
|---|---|---|---|---|
| HMAC Chain | ||||
| NTP Timestamps | ||||
| NIST 800-92 Fields | ||||
| SIEM Export | ||||
| Config Auditing | ||||
| Startup Verification | ||||
| SBOM Generation | ||||
| Compliance Engine | ||||
| Incident Alerts | ||||
| Ed25519 Licensing | ||||
| Zero Telemetry | ||||
| Local Processing |
Compliance features require an Enterprise license
HMAC audit logs, CERT-In compliance engine, SIEM export, config auditing, and SBOM generation are included in the Enterprise tier.
$599 one-time