.png?fit=max&auto=format&n=tsMQJyneJ1xquFUo&q=85&s=4d401cc03b547d99b6f75a6bd170c334){kind=spacer}
Documentation Index
Fetch the complete documentation index at: https://help.dsalta.com/llms.txt
Use this file to discover all available pages before exploring further.
2026-05-18
UpdateTests
Weekly roundup — provider-specific remediation steps, richer test detail view, and cleaner test result statuses
Here’s what shipped this week.
Updates
Provider-specific remediation steps
Every compliance test now includes step-by-step remediation instructions tailored to the specific cloud provider. Instead of generic guidance, you’ll see exact console paths and settings — for example, where to create a CloudWatch alarm in AWS, how to configure an alert rule in Azure Monitor, or where to set up a monitoring policy in GCP. This makes it faster to fix failing tests without leaving DSALTA.Browse any test from the Integrations section — for example, AWS DynamoDB latency should be monitored or Azure Defender should be enabled.Test metadata and framework mapping in the app
Test detail pages in DSALTA now display key metadata — including Test ID, SLA, responsible role, and sync frequency — directly in the platform. Compliance framework mappings for each test are also visible in the test detail view, so you can see which frameworks a test covers without switching to the docs.View any test from Data Library → Tests or from an integration’s test list.Cleaner test result statuses
Test results now show clearer status indicators — Passing, Failing, and Not configured — with direct action items for each state. Failing tests link straight to remediation steps, and SLA deadlines are managed dynamically in the platform rather than as fixed values.2026-05-11
NewUpdateIntegrations
Weekly roundup — test remediation guides, redesigned integration pages, and streamlined integrations overview
Here’s what shipped this week.
New features
Remediation guides on every compliance test
Every automated compliance test now includes a step-by-step remediation guide. When a test fails, you’ll see exactly why it matters, what DSALTA checked, how to fix it, and which compliance frameworks it covers. Each test page also includes an FAQ section covering sync frequency, failure notifications, exclusions, and read-only access.Browse any test from the Integrations section — for example, AWS CloudTrail should be enabled or Code scanning alerts should be resolved.Updates
Redesigned integration pages
All integration landing pages now include expanded data collection details, key use cases, improved authentication guidance, and clearer post-connection expectations. You’ll see exactly what data DSALTA collects, how it’s used, and how long the initial sync takes.See any integration page — for example, Amazon Web Services (AWS) or GitHub.Streamlined integrations overview
The Integrations overview page has been simplified with tighter descriptions and a cleaner data module mapping table, making it faster to understand what each integration provides.Supabase integration removed
The Supabase integration has been removed from the platform. If you were using it, your data has already been synced and existing evidence is unaffected.2026-05-04
NewUpdateIntegrations
Weekly roundup — GitHub security scanning tests, GitLab compliance tests, control detail enhancements, and integration settings shortcut
Here’s what shipped this week.
New features
GitHub security scanning tests
DSALTA now includes automated compliance tests for GitHub’s built-in security features. Three new tests verify that code scanning alerts, secret scanning alerts, and Dependabot vulnerability alerts are resolved within SLA. Each test runs automatically when GitHub is connected and flags unresolved findings so your team can remediate before auditors ask.See test details for code scanning, secret scanning, and Dependabot SLA.GitLab compliance tests
Seven new automated tests now cover GitLab environments. DSALTA checks that group-level MFA is enforced, branch protection rules apply to admins, peer review is required before merging, CI status checks must pass, code repositories are classified, and offboarded users have their access removed. These tests run continuously once GitLab is connected.See all GitLab tests in the GitLab integration page.Updates
Control detail enhancements
The Control Detail drawer now shows richer metadata at a glance — including control ID, source, owner, review frequency, and current status. Evidence completion logic is clearer: a control is marked Completed only when all mapped policies, documents, and tests show a green checkmark. If anything is missing, it shows Needs Attention.Explore any control from Controls or Control Detail.Integration settings shortcut
You can now manage your connected integrations directly from Settings → Integrations without navigating to the main Integrations page. This mirrors the full integration management experience for faster access when you’re already in Settings.Manage integrations from Settings → Integrations or the main Integrations page.Policy detail improvements
The Policy Detail page now displays a unique policy ID, formal approval workflows with timestamps, and a controls mapping section that shows exactly which compliance controls each policy satisfies. Add or remove control mappings directly from the detail view, and use the comments section to collaborate with your team and auditors.Open any policy from Policies or Policy Detail.2026-04-27
NewUpdatePlatformIntegrations
Weekly roundup — change management tracking, per-test documentation, vendor questionnaire templates, risk approval workflow, and document SLAs
Here’s what shipped this week.
New features
Change management tracking
DSALTA now automatically tracks change requests from connected project management and code repository integrations. GitHub Issues, Asana tasks, Linear tickets, and Trello cards feed a dedicated Changes module — giving you a complete audit trail of change request tickets, assignees, resolution status, and timelines. Automated tests verify that a ticketing system is configured, tickets have assignees, and change requests are resolved within 30 days.See how integrations feed the Changes module in the Integrations overview.Incident lifecycle tracking
Security incidents from monitoring tools like Datadog and Grafana are now tracked end-to-end in DSALTA. Incidents flow into a dedicated module with lifecycle status, so auditors can verify that reported incidents are investigated and closed. Automated tests check that incidents in GuardDuty, Microsoft Defender, and Security Command Center are resolved.Connect a monitoring integration from Settings → Integrations.Per-test documentation
Every automated compliance test now has its own documentation page with the test ID, what it checks, which integration it runs against, the responsible security role, and the SLA for remediation. Browse test docs directly from the Integrations section — for example, AWS CloudTrail should be enabled or Branch protection should be enabled on repositories.Updates
Vendor questionnaire templates
When sending a security questionnaire to a vendor, you can now choose from pre-built templates — including GDPR Assessment, Cybersecurity Review, PCI DSS Compliance, and Risk Assessment — so you don’t have to write questions from scratch. Select a template, set a deadline, and send.Send a questionnaire from the Vendor Questionnaires page.Risk approval workflow
Risk assessments in the Risk Register now support a formal approval step. After setting likelihood, impact, and treatment plan, click Approve to lock in the assessment with a timestamp and approver name — creating a clear audit trail for your risk management process.Manage risks in the Risk Register.Document SLAs
Every compliance document now has an automatically assigned SLA — typically 7 to 30 days depending on the document type. Due dates appear in the document list so your team can prioritize evidence collection and avoid falling behind on audit deadlines.View document deadlines in Documents.Code review evidence
DSALTA now pulls pull request history, peer review status, and CI/CD check results from connected code repositories like GitHub, GitLab, Bitbucket, and Azure DevOps. This proves code review compliance — including that the author and reviewer are different people — and feeds directly into your framework evidence.Connect a code repository from Settings → Integrations.2026-04-20
NewUpdatePlatform
Weekly roundup — Help Center, active frameworks management, compliance and pricing FAQs, and workspace controls
Here’s what shipped this week.
New features
Help Center with troubleshooting guides
A new Help Center is now available with dedicated troubleshooting guides covering the most common issues — integration connection errors, evidence sync problems, audit questions, Trust Center setup, and login or access difficulties. Each guide walks you through the fix step by step.Browse all guides in the Troubleshooting section.Active frameworks management
A dedicated Active Frameworks page lets you see all your enabled frameworks in one place. Each card shows completion percentage, region, and standard type. You can deactivate frameworks you no longer need or click through to the full framework detail view — all without leaving the page.Manage your frameworks in Active Frameworks.Updates
Compliance FAQ
Common questions about frameworks, controls, policies, and audits are now answered in a dedicated FAQ. Topics include how controls map across frameworks, what “Needs Attention” means, how audit readiness is calculated, and what auditors can see.Read the Compliance FAQ.Pricing FAQ
A new pricing FAQ covers plan structure, vendor monitoring tiers, framework activation, and trial options — so you can find answers without contacting sales.Read the Pricing FAQ.Workspace and account controls
Owners and admins can now delete a workspace entirely from Settings, permanently removing all compliance data. Individual users can also delete their own account from the Profile page without affecting the organization workspace.Manage your workspace in Workspace Settings or your account in My Profile.Framework settings shortcut
You can now activate or deactivate compliance frameworks directly from Settings → Compliance Frameworks — a shortcut that mirrors the main Compliance section for faster access.See Compliance Frameworks (Settings).2026-04-13
NewUpdatePlatform
Weekly roundup — MDM device enrollment, vendor monitoring options, framework preview, audit controls view, and more
Here’s what shipped this week.
New features
MDM device enrollment
You can now enroll devices automatically through MDM integrations like JumpCloud, Google Endpoint, and Microsoft Intune — no manual agent install required. DSALTA pulls device compliance data directly, including a new password manager detection check alongside encryption, antivirus, screen lock, and OS version.See all device sources in Devices.Framework preview mode
Before activating a new framework, you can now click Explore to preview its full requirements, areas, and controls. This lets you assess scope and effort without committing — helpful when deciding between similar frameworks.Browse options in Available Frameworks.Workflow checks
A new evidence type — workflow checks — lets you track recurring manual verifications alongside policies, documents, and automated tests. These count toward your framework readiness metrics and give auditors visibility into processes that can’t be fully automated.Learn how evidence types work in Key Concepts.Updates
Audit controls view
A new Controls tab inside each audit shows control coverage grouped by requirement area. See which controls have complete evidence and which still need work, with a framework overview that highlights your biggest gaps at a glance.View audit controls in Audit Controls.Audit evidence workflow
The evidence review process now includes clearer status tracking — Not Ready, Flagged, Ready, Accepted, and Not Applicable — with timestamps on every item for a complete audit trail. Both you and your auditor can leave threaded comments on any evidence item.Learn more in Audit Evidence.Manual vs. automated vendor monitoring
When adding a vendor, you now choose between AI-powered continuous monitoring or self-managed manual assessments. Use automated monitoring for critical vendors and manual for lower-tier ones to balance depth with cost.Set it up in the Vendor List.Vendor compliance certifications
The vendor summary page now displays which certifications a vendor holds — ISO 27001, SOC 2, GDPR, and others — so you can quickly assess regulatory alignment without reading the full risk report.Check vendor profiles in Vendor Summary.Trust Center settings
A dedicated settings page lets you customize your Trust Center subdomain, connect a custom domain with automatic SSL, and configure DNS records — all in one place.Set up your domain in Trust Center Settings.2026-04-06
NewUpdateIntegrations
Weekly roundup — Supabase integration, access reviews, notification preferences, and more
Here’s what shipped this week.
New features
Supabase integration
DSALTA now connects to Supabase. Once linked, it pulls user access data and database inventory automatically — giving you compliance evidence without manual work. Like all integrations, access is read-only.Connect Supabase from Settings → Integrations.Access reviews
A new Access page shows who has access to which systems across all your connected integrations. Filter by integration, verify permissions, and spot deactivated accounts — all in one place. Useful for quarterly access reviews required by SOC 2 and ISO 27001.Review access in People & Access.Notification preferences
You can now control which email alerts you receive. Toggle notifications for vendor risk changes, platform updates, task assignments, audit activity, and evidence updates — so you stay informed without the noise.Manage your preferences in Notifications.Updates
Security posture score on the dashboard
Your compliance dashboard now displays a customer-facing security posture score out of 1,000. A score of 800 or above is considered healthy. This gives you a quick read on your overall security standing alongside your existing framework readiness metrics.See your score on the Dashboard.Security roles
Security roles now have a dedicated settings page. Assign organizational compliance roles — InfoSec Officer, Privacy Officer, and People Operations — and DSALTA automatically routes the right tasks to the right people. One person can hold multiple roles on smaller teams.Configure roles in Security Roles.Policy detail view
The policy detail page now includes inline editing, formal approval workflows, PDF export, unique policy IDs, and a comments section for team and auditor collaboration. You can also manage which controls each policy maps to directly from the detail view.View any policy from Policies.Control detail drawer
Clicking any control now opens a detail drawer with three tabs: Evidence & Monitoring (mapped policies, documents, and tests), Risk Scenarios (pre-evaluated risks the control mitigates), and Mapped Frameworks (every framework the control applies to). Completing evidence in one framework automatically satisfies it everywhere else.Explore controls in Controls.2026-03-30
NewUpdatePlatformIntegrations
Weekly roundup — SSO, employee portal, device agent, compliance dashboard, vendor risk, Trust Center, 36 integrations, and more
This week’s release is a big one. Here’s everything that shipped.