Compliance readiness at a glance
| Framework | Status | Key controls |
|---|---|---|
| SOC 2 Type II | Architecture ready | Encryption at rest and in transit, audit logging, SPIFFE-based access controls |
| NIST AI RMF | Architecture ready | Agent discovery, metrics, policy management, identity governance |
| GDPR | Architecture ready | Tenant data isolation, encryption, PII scanning, right to deletion support |
| HIPAA | Architecture ready | PHI isolation, complete audit trails, AES-256-GCM encryption |
| FedRAMP | Self-hosted air-gapped | Air-gapped deployment support, FIPS-compatible cryptography |
Key controls
Encryption
| Data state | Method |
|---|---|
| In transit | mTLS using SPIFFE SVIDs — all service-to-service communication |
| At rest (secrets) | AES-256-GCM (Hexr Vault) |
| At rest (database) | PostgreSQL with storage-level encryption |
| At rest (cache) | Valkey in-cluster only — no external network access |
Access control
| Control | Implementation |
|---|---|
| Identity | SPIFFE per-process identity — no shared credentials between agents |
| Authentication | mTLS with X.509-SVIDs + API key authentication for management APIs |
| Authorization | OPA policies evaluated at every service boundary |
| Tenant isolation | Kubernetes namespace isolation — one namespace per tenant |
| Data isolation | SPIFFE-scoped secret access — agents cannot read other agents’ secrets |
Audit logging
| Capability | Implementation |
|---|---|
| Request logging | Every request traced via OpenTelemetry with full agent identity context |
| Credential access | Every STS exchange logged with SPIFFE ID, service, and timestamp |
| Secret access | Every Vault read and write logged |
| LLM interactions | Every prompt and response logged (configurable retention) |
| Configuration changes | Kubernetes audit logging |
Framework mappings
SOC 2 Type II
| Control area | Hexr implementation |
|---|---|
| CC6.1 Logical access | SPIFFE identity, OPA policies, mTLS on all service boundaries |
| CC6.2 User authentication | SPIFFE SVIDs (X.509), API key authentication for management |
| CC6.3 Access authorization | OPA per-process policies, role-based credential scoping |
| CC6.6 System boundaries | Kubernetes namespaces, Firecracker microVMs for code execution |
| CC7.1 Monitoring | OpenTelemetry traces, Prometheus metrics, Grafana dashboards |
| CC7.2 Incident response | Audit logs, immediate credential revocation via SPIRE entry deletion |
| CC8.1 Change management | hexr build reproducible artifacts, hexr audit drift detection |
NIST AI Risk Management Framework
| Function | Hexr implementation |
|---|---|
| GOVERN | Tenant isolation, role-based access, API key management, policy governance |
| MAP | hexr build AST analysis maps all agent capabilities before deployment |
| MEASURE | OpenTelemetry metrics, per-agent cost attribution, LLM Guard statistics |
| MANAGE | Dashboard, OPA policies, credential rotation, complete audit trail |
GDPR
| Requirement | Hexr implementation |
|---|---|
| Data minimization | Per-process credential scoping — agents access only what they declare |
| Encryption | AES-256-GCM (Vault secrets), mTLS (all transit) |
| Access controls | SPIFFE identity + OPA policies on every operation |
| Audit trail | OpenTelemetry traces on every data operation |
| PII protection | LLM Guard PII scanner on all LLM inputs and outputs |
HIPAA
| Safeguard | Hexr implementation |
|---|---|
| Access controls | SPIFFE + OPA + Kubernetes namespace isolation |
| Audit controls | OpenTelemetry traces, structured logs via Loki |
| Transmission security | mTLS everywhere — TLS 1.3 minimum |
| Encryption | AES-256-GCM at rest, TLS 1.3 in transit |
Hexr’s self-hosted deployment supports air-gapped environments for FedRAMP and other air-gap requirements. See self-hosted deployment for configuration details.