.png?fit=max&auto=format&n=tsMQJyneJ1xquFUo&q=85&s=4d401cc03b547d99b6f75a6bd170c334){kind=spacer}
2026-03-26
NewUpdatePlatform
Controls management, guided onboarding, document evidence, asset inventory, and more
Controls management
You can now view and manage all compliance controls across your active frameworks in a single table. Filter by status, framework, or owner, and bulk-assign control owners to streamline accountability. Click any control to see its evidence, risk scenarios, and cross-framework mappings — completing evidence for one control automatically satisfies it everywhere it’s mapped.See your controls in Controls and explore individual items in Control Detail.Guided onboarding roadmap
A new four-phase setup wizard walks you through configuring your compliance program step by step — from initial onboarding through policies, tests, risks, and audit readiness. Each phase includes AI-assisted guidance, estimated completion times, and a progress tracker so you always know where you stand.Follow along in the Onboarding Roadmap.Document evidence management
Upload and organize all your compliance evidence documents — board charters, insurance certificates, SOC reports, and more. Drag and drop files into any document’s detail view, and the related control status updates automatically. Team members can collaborate with comments directly on each document.Manage your documents in Documents.Asset inventory
DSALTA now automatically discovers and catalogs all hardware, software, and cloud assets from your connected integrations. View service names, sources, accounts, regions, and descriptions in one centralized inventory — no manual entry required.Browse your assets in Inventory.Vendor executive summary
Get a bird’s-eye view of your entire vendor risk portfolio on a single dashboard. See total vendor count, average risk scores, grade distribution, and tier breakdowns. Quickly identify your highest- and lowest-rated vendors and spot fourth-party concentration risks across your supply chain.View your portfolio in the Vendor Executive Summary.Trust Center access management
When customers request access to private documents on your Trust Center, you can now review and approve or deny each request. An access log shows who has been granted access, how many pages they’ve viewed, and their activity history.Manage access in Trust Center Access.Team management and roles
Invite team members by email and assign one of four roles — Owner, Admin, Member, or Auditor — each with distinct permission levels. Assign security roles like InfoSec Officer or Privacy Officer to automatically route compliance tasks to the right people.Set up your team in Team Members and review permissions in Roles & Permissions.Notification preferences
Control which email alerts you receive, including vendor risk changes, task assignments, audit activity, and evidence status updates. Stay informed without inbox overload.Customize your alerts in Notifications.Compliance dashboard
Your new home in DSALTA. The dashboard gives you a real-time view of audit readiness across every active framework, with at-a-glance widgets for controls completion, policy approvals, test pass rates, and document uploads. You can also see your Trust Center status, vendor risk grade distribution, and overdue tasks — all in one place.See what’s on your dashboard in the Dashboard overview.Task management
DSALTA now assigns compliance tasks automatically based on your team’s security roles. Each task has an SLA and is grouped by priority — overdue, urgent, upcoming, and not scheduled — so you always know what to work on next. Filter by assignee, status, or category to focus on what matters.Learn more in My Tasks.Audit management
Run your next audit end-to-end inside DSALTA. Create an audit, select a framework, invite your auditor by email, and give them limited read-only access to review evidence. Auditors can accept, flag, or mark evidence as not applicable, and both sides can leave comments. When the audit wraps up, export everything you need.Get started with Audits.AI-generated policies
DSALTA can now generate compliance policies tailored to your company profile and active frameworks. Edit them inline, track versions, and map each policy to the controls it supports. When it’s time for annual renewal, the platform notifies the right people automatically.Manage your policies in Policies.Risk register
Document, score, and treat organizational risks with a built-in risk register. Each risk is scored by likelihood and impact, with both inherent and residual ratings. Choose from four treatment plans — mitigate, accept, transfer, or avoid — and map risks to controls for a complete picture. A pre-built Risk Library helps you get started quickly.See your risks in the Risk Register.People, devices, and access reviews
DSALTA syncs your employee directory from connected identity providers and tracks devices, MFA status, and system access across every integration. Assign policies and training to groups, monitor device security (encryption, antivirus, screen lock, OS version), and review cross-system access in one place.Explore People & Groups, Devices, and Access Reviews.AI-powered vendor risk scoring
Every vendor you add to DSALTA is now scored automatically across ten security categories — from application security to dark web exposure — with a 0–1000 rating and letter grade. DSALTA scans domains and IP addresses, tracks score trends month over month, and generates a detailed AI risk assessment you can share with stakeholders.View a vendor’s score in the Vendor Summary or dive into the full Risk Assessment.Trust Center
Launch a public-facing Trust Center to proactively share your security posture with customers. Customize it with your branding, display compliance certifications, publish downloadable resources with access controls, list subprocessors, and add FAQs. You can also set up a custom domain with automatic SSL.Set up yours in the Trust Center overview.18 framework guides
DSALTA now includes dedicated guides for SOC 2, ISO 27001, GDPR, HIPAA, PCI DSS, HITRUST, DORA, NIS 2, NIST 800-171, CIS Controls v8, NIST AI RMF, ISO 42001, EU AI Act, TISAX, NYCRR 500, US Data Privacy, ISO 9001, and APRA CPS 234. Each guide explains what the framework requires and how DSALTA helps you get compliant.Browse all guides in the Framework Guides tab.Academy
A new learning hub with product training courses and compliance education. Whether you’re onboarding or preparing for an audit, Academy walks you through DSALTA’s features and the frameworks you’re working toward.Start learning in Academy.Vendor questionnaires with AI-assisted responses
You can now send structured security questionnaires to your vendors directly from DSALTA. Choose from pre-built templates — GDPR Assessment, Cybersecurity Review, PCI DSS Compliance, and more — set a deadline, and track responses in one place. Vendors receive a link to complete the questionnaire and can use DSALTA’s AI assistant to help draft their answers at no cost.Learn more in the Vendor Questionnaires guide.Trust Center questionnaires
When customers send you security questionnaires, you can now upload them to DSALTA and let AI draft responses based on your existing compliance data — policies, controls, documents, and test results. Each answer is reviewed and approved by your team before it’s finalized. Over time, DSALTA builds a knowledge base from your approved answers so responses get better and faster.See how it works in Trust Center Questionnaires.Fourth-party discovery
DSALTA now automatically discovers the sub-vendors and technology providers your vendors depend on. You can see which fourth parties appear across multiple vendor relationships, helping you spot concentration risks in your supply chain.Explore your supply chain in Fourth Parties.Vulnerability tracking
Track CVEs across your infrastructure with CVSS severity scoring. Vulnerabilities are detected through your connected security integrations and vendor risk scanning, with details like base scores, affected assets, and remediation status.View your vulnerabilities in Assets & Vulnerabilities.Vendor remediation workflows
When you find security issues with a vendor, you can now send formal remediation requests with deadlines and automated email reminders. Track whether vendors have acknowledged and resolved each finding through a dedicated vendor portal.Learn more in Remediations.New integrations with 250+ automated compliance tests
DSALTA now connects to a much broader set of tools across your stack. You can connect these integrations from Settings > Integrations to start collecting compliance evidence automatically.New integrations
Identity providers — Google Workspace, Microsoft Entra ID, Azure Active Directory, Okta, JumpCloud, OneLoginCloud infrastructure — AWS, GCP, Azure, DigitalOcean, Heroku, NetlifyCode repositories — GitHub, GitLab, Bitbucket, Azure DevOpsSecurity & monitoring — Qualys, Wiz, Microsoft Defender for Endpoint, Datadog, Grafana, Sentry, CloudflareDatabases — MongoDB Atlas, Snowflake, SupabaseSaaS & productivity — Slack, Asana, Linear, Trello, Figma, HubSpot, Salesforce, Zoom, Box, IntercomAutomated compliance tests
Each integration now includes automated tests that run on a schedule after you connect. These cover areas like MFA enforcement, access reviews, encryption checks, backup verification, and infrastructure monitoring — over 250 tests in total. Results appear in your Tests dashboard with pass/fail evidence and timestamps.What this means for you
- Less manual work. Connect your tools and DSALTA starts collecting evidence automatically.
- Broader coverage. From identity providers to databases to project management, your compliance posture is tracked across your full stack.
- All read-only. Every integration uses read-only API access. DSALTA never modifies your systems.