# DSALTA Help Center ## Docs - [Changelog](https://help.dsalta.com/changelog.md): Stay up to date with the latest features, improvements, and changes to DSALTA. - [APRA CPS 234](https://help.dsalta.com/frameworks/apra-cps234/overview.md): Meet Australian prudential information security requirements for regulated financial entities. - [CIS Controls v8.1](https://help.dsalta.com/frameworks/cis-v8/overview.md): Implement prioritized cybersecurity best practices with the CIS Controls framework. - [DORA](https://help.dsalta.com/frameworks/dora/overview.md): Achieve Digital Operational Resilience for financial entities under the EU's DORA regulation. - [EU AI Act](https://help.dsalta.com/frameworks/eu-ai-act/overview.md): Comply with the world's first comprehensive AI regulation — risk classification, transparency, and governance. - [GDPR](https://help.dsalta.com/frameworks/gdpr/overview.md): Meet EU data protection requirements with automated privacy controls and evidence collection. - [HIPAA](https://help.dsalta.com/frameworks/hipaa/overview.md): Protect healthcare data with HIPAA-compliant administrative, physical, and technical safeguards. - [HITRUST CSF](https://help.dsalta.com/frameworks/hitrust/overview.md): Achieve HITRUST certification with a comprehensive, risk-based security framework. - [ISO 27001:2022](https://help.dsalta.com/frameworks/iso27001/overview.md): Implement and certify your Information Security Management System (ISMS) with DSALTA. - [ISO 42001:2023](https://help.dsalta.com/frameworks/iso42001/overview.md): Establish an AI Management System (AIMS) for responsible AI development and deployment. - [ISO 9001](https://help.dsalta.com/frameworks/iso9001/overview.md): Implement a Quality Management System (QMS) to demonstrate consistent product and service quality. - [NIS 2](https://help.dsalta.com/frameworks/nis2/overview.md): Meet the EU's expanded cybersecurity requirements for essential and important entities. - [NIST 800-171](https://help.dsalta.com/frameworks/nist-800-171/overview.md): Protect Controlled Unclassified Information (CUI) for US government contractors. - [NIST AI RMF](https://help.dsalta.com/frameworks/nist-ai-rmf/overview.md): Manage AI system risks with the NIST AI Risk Management Framework. - [Title 23 NYCRR Part 500](https://help.dsalta.com/frameworks/nycrr500/overview.md): Meet New York's cybersecurity requirements for financial services companies. - [PCI DSS](https://help.dsalta.com/frameworks/pcidss/overview.md): Secure payment card data with PCI DSS controls for both version 3.2.1 and 4.0.1. - [SOC 2](https://help.dsalta.com/frameworks/soc2/overview.md): Achieve SOC 2 compliance with automated controls, evidence collection, and audit preparation. - [TISAX](https://help.dsalta.com/frameworks/tisax/overview.md): Achieve automotive industry information security certification through TISAX assessment. - [US Data Privacy](https://help.dsalta.com/frameworks/us-data-privacy/overview.md): Comply with US state data privacy regulations including CCPA, CPRA, and emerging state laws. - [DSALTA Academy](https://help.dsalta.com/guides/academy/overview.md): Learn about compliance concepts, platform features, and best practices. - [Audit Controls](https://help.dsalta.com/guides/compliance/audit-controls.md): Track control coverage and compliance readiness during an audit. - [Audit Evidence](https://help.dsalta.com/guides/compliance/audit-evidence.md): Review, manage, and approve evidence submissions during a compliance audit. - [Audits](https://help.dsalta.com/guides/compliance/audits.md): Create, manage, and track compliance audits from start to completion. - [Control Detail](https://help.dsalta.com/guides/compliance/control-detail.md): View evidence, monitoring, risk scenarios, and cross-framework mappings for any control. - [Controls](https://help.dsalta.com/guides/compliance/controls.md): View and manage all compliance controls across your active frameworks. - [Framework Detail](https://help.dsalta.com/guides/compliance/framework-detail.md): Explore areas, criteria, controls, and readiness metrics for any active framework. - [Active Frameworks](https://help.dsalta.com/guides/compliance/frameworks-active.md): View and manage the compliance frameworks your organization has activated. - [Available Frameworks](https://help.dsalta.com/guides/compliance/frameworks-available.md): Browse and activate from 20+ supported compliance frameworks. - [Dashboard](https://help.dsalta.com/guides/dashboard/overview.md): Your compliance command center — track framework progress, tasks, vendor risk, and audit readiness at a glance. - [Access Reviews](https://help.dsalta.com/guides/data-library/access.md): Review employee access across all connected systems and integrations. - [Devices](https://help.dsalta.com/guides/data-library/devices.md): Track employee device compliance, MDM enrollment, and security configurations. - [Documents](https://help.dsalta.com/guides/data-library/documents.md): Centralize and manage all compliance evidence documents. - [Inventory](https://help.dsalta.com/guides/data-library/inventory.md): Track all hardware, software, and cloud assets discovered from your integrations. - [People & Groups](https://help.dsalta.com/guides/data-library/people.md): Manage employee data, policy acknowledgments, training completion, and group-based task assignment. - [Policies](https://help.dsalta.com/guides/data-library/policies.md): Manage, customize, and approve AI-generated compliance policies. - [Policy Detail](https://help.dsalta.com/guides/data-library/policy-detail.md): View, edit, approve, and manage individual policy documents. - [Risk Library](https://help.dsalta.com/guides/data-library/risk-library.md): Browse pre-built risk templates to quickly populate your risk register. - [Risk Register](https://help.dsalta.com/guides/data-library/risk-register.md): Identify, score, and manage organizational risks with treatment plans. - [Test Detail](https://help.dsalta.com/guides/data-library/test-detail.md): View test results, source data, historical runs, and remediation guidance. - [Tests](https://help.dsalta.com/guides/data-library/tests.md): Monitor automated and manual compliance tests across all frameworks. - [Vulnerabilities](https://help.dsalta.com/guides/data-library/vulnerabilities.md): Track, assess, and remediate vulnerabilities across your infrastructure. - [Compliance FAQ](https://help.dsalta.com/guides/faq/compliance.md): Answers to common compliance and audit-related questions. - [General FAQ](https://help.dsalta.com/guides/faq/general.md): Answers to the most common questions about DSALTA. - [Pricing FAQ](https://help.dsalta.com/guides/faq/pricing.md): Answers to questions about DSALTA pricing and plans. - [Key Concepts](https://help.dsalta.com/guides/getting-started/key-concepts.md): Understand the core building blocks of DSALTA: frameworks, controls, policies, documents, tests, and evidence. - [Onboarding Roadmap](https://help.dsalta.com/guides/getting-started/onboarding-roadmap.md): Follow the guided setup to configure your compliance program step by step. - [Welcome to DSALTA](https://help.dsalta.com/guides/getting-started/welcome.md): Everything you need to manage compliance frameworks, controls, and evidence in one place. - [Company Information](https://help.dsalta.com/guides/settings/company-information.md): Set up your company profile for compliance documentation and Trust Center display. - [Compliance Frameworks (Settings)](https://help.dsalta.com/guides/settings/compliance-frameworks.md): Activate or deactivate compliance frameworks from the Settings page. - [Integrations (Settings)](https://help.dsalta.com/guides/settings/integrations.md): Manage connected integrations from the Settings page. - [Team Members](https://help.dsalta.com/guides/settings/members.md): Invite team members, assign roles, and manage access to your DSALTA workspace. - [My Profile](https://help.dsalta.com/guides/settings/my-profile.md): Update your name, password, and account preferences. - [Notifications](https://help.dsalta.com/guides/settings/notifications.md): Control which alerts and emails you receive from DSALTA. - [Product / Service Profile](https://help.dsalta.com/guides/settings/product-service.md): Configure your product or service details for your Trust Center and compliance documentation. - [Roles & Permissions](https://help.dsalta.com/guides/settings/roles-and-permissions.md): Understand the four predefined roles and their permission levels. - [Security & Legal URLs](https://help.dsalta.com/guides/settings/security.md): Configure your privacy policy, terms of service, and security contact information. - [Security Roles](https://help.dsalta.com/guides/settings/security-roles.md): Assign organizational compliance roles like InfoSec Officer, Privacy Officer, and People Ops. - [Vendor Risk Settings](https://help.dsalta.com/guides/settings/vendor-risk-management.md): Configure vendor tiers, portfolios, and risk management preferences. - [Workspace Settings](https://help.dsalta.com/guides/settings/workspace.md): Manage your DSALTA workspace settings, including how to permanently delete a workspace and all associated compliance data. - [My Tasks](https://help.dsalta.com/guides/tasks/my-tasks.md): Manage all compliance tasks assigned to you, organized by urgency and SLA. - [Trust Center Access](https://help.dsalta.com/guides/trust-center/access.md): Manage customer requests to view your Trust Center documents and resources. - [Trust Center Overview](https://help.dsalta.com/guides/trust-center/overview.md): Showcase your security and compliance posture to customers with a customizable public page. - [Trust Center Questionnaires](https://help.dsalta.com/guides/trust-center/questionnaires.md): Answer customer security questionnaires using AI-powered responses and a reusable knowledge base. - [Trust Center Settings](https://help.dsalta.com/guides/trust-center/settings.md): Configure your custom domain, SSL, and branding for the Trust Center. - [Vendor Executive Summary](https://help.dsalta.com/guides/vendors/executive-summary.md): High-level overview of your vendor risk portfolio — scores, distribution, and trends. - [Fourth Parties](https://help.dsalta.com/guides/vendors/fourth-parties.md): Track the technology providers and services your vendors depend on. - [Vendor Questionnaires](https://help.dsalta.com/guides/vendors/questionnaires.md): Send, manage, and track security questionnaires to assess vendor compliance. - [Vendor Remediations](https://help.dsalta.com/guides/vendors/remediations.md): Create, track, and manage remediation requests sent to vendors. - [Vendor Risk Assessment](https://help.dsalta.com/guides/vendors/risk-assessment.md): AI-powered detailed risk evaluation including security policies, data protection, and operational resilience. - [Vendor Risk History](https://help.dsalta.com/guides/vendors/risk-history.md): Track security findings, severity trends, and remediation progress over time. - [Vendor List](https://help.dsalta.com/guides/vendors/vendor-list.md): Add, classify, and manage all third-party vendors in your compliance program. - [Vendor Summary](https://help.dsalta.com/guides/vendors/vendor-summary.md): AI-powered overview of a vendor's security posture, certifications, and risk score. - [Asana](https://help.dsalta.com/integrations/asana.md): How DSALTA integrates with Asana — data collected, permissions required, setup guide, and automated compliance tests. - [All change tickets should have an assignee](https://help.dsalta.com/integrations/asana/all-change-tickets-should-have-an-assignee.md): Checks that all Asana change tickets have an assignee. - [At least one change management system should be connected](https://help.dsalta.com/integrations/asana/at-least-one-change-management-system-should-be-connected.md): Checks that at least one change management system is connected via Asana. - [Change request tickets should be resolved within 30 days](https://help.dsalta.com/integrations/asana/change-request-tickets-should-be-resolved-within-30-days.md): Checks that Asana change request tickets are resolved within 30 days. - [Ticketing system for change management should be configured](https://help.dsalta.com/integrations/asana/ticketing-system-for-change-management-should-be-configured.md): Checks that a ticketing system for change management is set up in Asana. - [Amazon Web Services (AWS)](https://help.dsalta.com/integrations/aws.md): How DSALTA integrates with Amazon Web Services (AWS) — data collected, permissions required, setup guide, and automated compliance tests. - [AWS access should be removed for offboarded users](https://help.dsalta.com/integrations/aws/aws-access-should-be-removed-for-offboarded-users.md): Checks that AWS access is revoked for offboarded users. - [AWS account password policy should be configured](https://help.dsalta.com/integrations/aws/aws-account-password-policy-should-be-configured.md): Checks that an AWS account-level password policy is configured. - [AWS API Gateway V2 errors should be monitored](https://help.dsalta.com/integrations/aws/aws-api-gateway-v2-errors-should-be-monitored.md): Checks that AWS API Gateway V2 errors are being monitored. - [AWS application load balancer should be protected from direct internet traffic](https://help.dsalta.com/integrations/aws/aws-application-load-balancer-should-be-protected-from-direc.md): Checks that AWS application load balancers are not directly exposed to the internet. - [AWS classic load balancer errors should be monitored](https://help.dsalta.com/integrations/aws/aws-classic-load-balancer-errors-should-be-monitored.md): Checks that AWS classic load balancer error rates are being monitored. - [AWS classic load balancer latency should be monitored](https://help.dsalta.com/integrations/aws/aws-classic-load-balancer-latency-should-be-monitored.md): Checks that AWS classic load balancer latency is being monitored. - [AWS CloudTrail log file integrity validation should be enabled](https://help.dsalta.com/integrations/aws/aws-cloudtrail-log-file-integrity-validation-should-be-enabl.md): Checks that AWS CloudTrail log file integrity validation is enabled. - [AWS CloudTrail logging bucket should be protected from direct internet traffic](https://help.dsalta.com/integrations/aws/aws-cloudtrail-logging-bucket-should-be-protected-from-direc.md): Checks that the CloudTrail logging S3 bucket is not publicly accessible. - [AWS CloudTrail S3 logging bucket access logging should be enabled](https://help.dsalta.com/integrations/aws/aws-cloudtrail-s3-logging-bucket-access-logging-should-be-en.md): Checks that access logging is enabled on the S3 bucket used by CloudTrail. - [AWS CloudTrail should be enabled](https://help.dsalta.com/integrations/aws/aws-cloudtrail-should-be-enabled.md): Checks that AWS CloudTrail is enabled to log account activity. - [AWS credentials not used in last 90 days should be disabled](https://help.dsalta.com/integrations/aws/aws-credentials-not-used-in-last-90-days-should-be-disabled.md): Checks that AWS credentials unused for 90+ days are disabled. - [AWS DynamoDB backup should be enabled](https://help.dsalta.com/integrations/aws/aws-dynamodb-backup-should-be-enabled.md): Verify that AWS DynamoDB tables have automated backups enabled to prevent data loss and meet compliance requirements. - [AWS DynamoDB latency should be monitored](https://help.dsalta.com/integrations/aws/aws-dynamodb-latency-should-be-monitored.md): Checks that AWS DynamoDB read/write latency is being monitored. - [AWS DynamoDB point-in-time recovery should be enabled](https://help.dsalta.com/integrations/aws/aws-dynamodb-point-in-time-recovery-should-be-enabled.md): Checks that AWS DynamoDB point-in-time recovery (PITR) is enabled. - [AWS DynamoDB read capacity should be monitored](https://help.dsalta.com/integrations/aws/aws-dynamodb-read-capacity-should-be-monitored.md): Checks that AWS DynamoDB read capacity utilization is being monitored. - [AWS DynamoDB should be encrypted](https://help.dsalta.com/integrations/aws/aws-dynamodb-should-be-encrypted.md): Checks that AWS DynamoDB tables are encrypted at rest. - [AWS DynamoDB write capacity should be monitored](https://help.dsalta.com/integrations/aws/aws-dynamodb-write-capacity-should-be-monitored.md): Checks that AWS DynamoDB write capacity utilization is being monitored. - [AWS EBS health should be monitored](https://help.dsalta.com/integrations/aws/aws-ebs-health-should-be-monitored.md): Checks that AWS EBS volume health status is being monitored. - [AWS EBS volume backup should be enabled](https://help.dsalta.com/integrations/aws/aws-ebs-volume-backup-should-be-enabled.md): Checks that EBS volume snapshots (backups) are enabled. - [AWS EBS volumes should be encrypted](https://help.dsalta.com/integrations/aws/aws-ebs-volumes-should-be-encrypted.md): Checks that AWS EBS volumes are encrypted at rest. - [AWS EC2 instance CPU utilization should be monitored](https://help.dsalta.com/integrations/aws/aws-ec2-instance-cpu-utilization-should-be-monitored.md): Checks that AWS EC2 instance CPU utilization is being monitored. - [AWS EC2 instances should be protected from direct internet traffic](https://help.dsalta.com/integrations/aws/aws-ec2-instances-should-be-protected-from-direct-internet-t.md): Checks that AWS EC2 instances are not directly exposed to the internet. - [AWS ECR repositories should be encrypted](https://help.dsalta.com/integrations/aws/aws-ecr-repositories-should-be-encrypted.md): Checks that AWS ECR container repositories are encrypted at rest. - [AWS ECS CPU utilization should be monitored](https://help.dsalta.com/integrations/aws/aws-ecs-cpu-utilization-should-be-monitored.md): Checks that AWS ECS CPU utilization is being monitored. - [AWS ECS memory utilization should be monitored](https://help.dsalta.com/integrations/aws/aws-ecs-memory-utilization-should-be-monitored.md): Checks that AWS ECS memory utilization is being monitored. - [AWS EFS storage backup should be enabled](https://help.dsalta.com/integrations/aws/aws-efs-storage-backup-should-be-enabled.md): Verify that AWS EFS file systems have automated backups configured to protect against data loss and meet compliance requirements. - [AWS EFS storage should be encrypted](https://help.dsalta.com/integrations/aws/aws-efs-storage-should-be-encrypted.md): Verify that AWS EFS file systems are encrypted at rest to protect sensitive data and meet SOC 2, ISO 27001, and HIPAA requirements. - [AWS ElastiCache CPU utilization should be monitored](https://help.dsalta.com/integrations/aws/aws-elasticache-cpu-utilization-should-be-monitored.md): Checks that AWS ElastiCache CPU utilization is being monitored. - [AWS ElastiCache current connections should be monitored](https://help.dsalta.com/integrations/aws/aws-elasticache-current-connections-should-be-monitored.md): Checks that AWS ElastiCache current connection count is being monitored. - [AWS ElastiCache freeable memory should be monitored](https://help.dsalta.com/integrations/aws/aws-elasticache-freeable-memory-should-be-monitored.md): Checks that AWS ElastiCache freeable memory is being monitored. - [AWS Elasticsearch cluster CPU utilization should be monitored](https://help.dsalta.com/integrations/aws/aws-elasticsearch-cluster-cpu-utilization-should-be-monitore.md): Checks that AWS Elasticsearch cluster CPU utilization is being monitored. - [AWS Elasticsearch cluster free space should be monitored](https://help.dsalta.com/integrations/aws/aws-elasticsearch-cluster-free-space-should-be-monitored.md): Checks that AWS Elasticsearch cluster free storage space is being monitored. - [AWS Elasticsearch cluster health should be monitored](https://help.dsalta.com/integrations/aws/aws-elasticsearch-cluster-health-should-be-monitored.md): Checks that AWS Elasticsearch cluster health status is being monitored. - [AWS Firehose stream throttling should be monitored](https://help.dsalta.com/integrations/aws/aws-firehose-stream-throttling-should-be-monitored.md): Checks that AWS Firehose stream throttling is being monitored. - [AWS FSx File System free space should be monitored](https://help.dsalta.com/integrations/aws/aws-fsx-file-system-free-space-should-be-monitored.md): Checks that AWS FSx File System free space is being monitored. - [AWS FSx File System storage backup should be enabled](https://help.dsalta.com/integrations/aws/aws-fsx-file-system-storage-backup-should-be-enabled.md): Checks that AWS FSx File System has backups enabled. - [AWS FSx File System storage should be encrypted](https://help.dsalta.com/integrations/aws/aws-fsx-file-system-storage-should-be-encrypted.md): Checks that AWS FSx File System storage is encrypted at rest. - [AWS groups should have at least one IAM policy](https://help.dsalta.com/integrations/aws/aws-groups-should-have-at-least-one-iam-policy.md): Checks that all AWS IAM groups have at least one policy attached. - [AWS GuardDuty should be enabled](https://help.dsalta.com/integrations/aws/aws-guardduty-should-be-enabled.md): Checks that AWS GuardDuty is enabled for threat detection. - [AWS Lightsail disk backup should be enabled](https://help.dsalta.com/integrations/aws/aws-lightsail-disk-backup-should-be-enabled.md): Checks that AWS Lightsail disk backups are enabled. - [AWS Lightsail disks should be encrypted](https://help.dsalta.com/integrations/aws/aws-lightsail-disks-should-be-encrypted.md): Checks that AWS Lightsail disks are encrypted at rest. - [AWS Lightsail instance CPU utilization should be monitored](https://help.dsalta.com/integrations/aws/aws-lightsail-instance-cpu-utilization-should-be-monitored.md): Checks that AWS Lightsail instance CPU utilization is being monitored. - [AWS load balancer errors should be monitored](https://help.dsalta.com/integrations/aws/aws-load-balancer-errors-should-be-monitored.md): Checks that AWS load balancer error rates are being monitored. - [AWS load balancer healthy host count should be monitored](https://help.dsalta.com/integrations/aws/aws-load-balancer-healthy-host-count-should-be-monitored.md): Checks that AWS load balancer healthy host count is being monitored. - [AWS load balancer host health should be monitored](https://help.dsalta.com/integrations/aws/aws-load-balancer-host-health-should-be-monitored.md): Checks that AWS load balancer backend host health is being monitored. - [AWS load balancer latency should be monitored](https://help.dsalta.com/integrations/aws/aws-load-balancer-latency-should-be-monitored.md): Checks that AWS load balancer latency is being monitored. - [AWS load balancer should have valid configuration](https://help.dsalta.com/integrations/aws/aws-load-balancer-should-have-valid-configuration.md): Checks that AWS load balancer configuration is valid and correct. - [AWS load balancer should redirect HTTP to HTTPS](https://help.dsalta.com/integrations/aws/aws-load-balancer-should-redirect-http-to-https.md): Checks that AWS load balancers redirect HTTP traffic to HTTPS. - [AWS RDS database backup should be enabled](https://help.dsalta.com/integrations/aws/aws-rds-database-backup-should-be-enabled.md): Checks that automated backups are enabled for AWS RDS databases. - [AWS RDS database CPU utilization should be monitored](https://help.dsalta.com/integrations/aws/aws-rds-database-cpu-utilization-should-be-monitored.md): Checks that AWS RDS CPU utilization is being monitored. - [AWS RDS database free space should be monitored](https://help.dsalta.com/integrations/aws/aws-rds-database-free-space-should-be-monitored.md): Checks that AWS RDS free storage space is being monitored. - [AWS RDS database freeable memory should be monitored](https://help.dsalta.com/integrations/aws/aws-rds-database-freeable-memory-should-be-monitored.md): Checks that AWS RDS freeable memory is being monitored. - [AWS RDS database IO utilization should be monitored](https://help.dsalta.com/integrations/aws/aws-rds-database-io-utilization-should-be-monitored.md): Checks that AWS RDS I/O utilization is being monitored. - [AWS RDS database should be protected from direct internet traffic](https://help.dsalta.com/integrations/aws/aws-rds-database-should-be-protected-from-direct-internet-tr.md): Checks that AWS RDS databases are not directly exposed to the internet. - [AWS RDS database storage should be encrypted](https://help.dsalta.com/integrations/aws/aws-rds-database-storage-should-be-encrypted.md): Checks that AWS RDS database storage is encrypted at rest. - [AWS Redshift cluster backup should be enabled](https://help.dsalta.com/integrations/aws/aws-redshift-cluster-backup-should-be-enabled.md): Checks that automated backups are enabled for AWS Redshift clusters. - [AWS Redshift cluster should be encrypted](https://help.dsalta.com/integrations/aws/aws-redshift-cluster-should-be-encrypted.md): Checks that AWS Redshift clusters are encrypted at rest. - [AWS Redshift CPU utilization should be monitored](https://help.dsalta.com/integrations/aws/aws-redshift-cpu-utilization-should-be-monitored.md): Checks that AWS Redshift CPU utilization is being monitored. - [AWS Redshift health should be monitored](https://help.dsalta.com/integrations/aws/aws-redshift-health-should-be-monitored.md): Checks that AWS Redshift cluster health status is being monitored. - [AWS root account should have MFA enabled](https://help.dsalta.com/integrations/aws/aws-root-account-should-have-mfa-enabled.md): Verify that the AWS root account has multi-factor authentication enabled to prevent unauthorized access to your cloud environment. - [AWS root account usage should be avoided](https://help.dsalta.com/integrations/aws/aws-root-account-usage-should-be-avoided.md): Checks that the AWS root account is not being used for routine activity. - [AWS S3 bucket public access should be blocked](https://help.dsalta.com/integrations/aws/aws-s3-bucket-public-access-should-be-blocked.md): Checks that AWS S3 bucket public access block is enabled. - [AWS S3 buckets should be versioned](https://help.dsalta.com/integrations/aws/aws-s3-buckets-should-be-versioned.md): Verify that AWS S3 buckets have versioning enabled to protect against accidental deletion and support data recovery. - [AWS S3 server access logging should be enabled](https://help.dsalta.com/integrations/aws/aws-s3-server-access-logging-should-be-enabled.md): Checks that S3 server access logging is enabled for important buckets. - [AWS S3 storage buckets should be encrypted](https://help.dsalta.com/integrations/aws/aws-s3-storage-buckets-should-be-encrypted.md): Verify that AWS S3 storage buckets are encrypted at rest to protect sensitive data and meet SOC 2, ISO 27001, and PCI DSS requirements. - [AWS server access logs should be retained for 90 days](https://help.dsalta.com/integrations/aws/aws-server-access-logs-should-be-retained-for-90-days.md): Checks that AWS server access logs are retained for at least 90 days. - [AWS should be on HTTPS](https://help.dsalta.com/integrations/aws/aws-should-be-on-https.md): Verify that AWS resources are served over HTTPS to protect data in transit and meet PCI DSS, SOC 2, and GDPR requirements. - [AWS should redirect HTTP to HTTPS](https://help.dsalta.com/integrations/aws/aws-should-redirect-http-to-https.md): Checks that HTTP traffic is automatically redirected to HTTPS in AWS. - [AWS SQS message age should be monitored](https://help.dsalta.com/integrations/aws/aws-sqs-message-age-should-be-monitored.md): Checks that AWS SQS message age is being monitored. - [AWS SQS message visibility should be monitored](https://help.dsalta.com/integrations/aws/aws-sqs-message-visibility-should-be-monitored.md): Checks that AWS SQS message visibility timeout is being monitored. - [AWS user access keys should not be older than 90 days](https://help.dsalta.com/integrations/aws/aws-user-access-keys-should-not-be-older-than-90-days.md): Checks that AWS IAM user access keys are not older than 90 days. - [AWS users should have MFA enabled](https://help.dsalta.com/integrations/aws/aws-users-should-have-mfa-enabled.md): Verify that all AWS IAM users have multi-factor authentication enabled to protect against credential-based attacks. - [AWS users should not have attached IAM policies](https://help.dsalta.com/integrations/aws/aws-users-should-not-have-attached-iam-policies.md): Checks that AWS users do not have IAM policies attached directly. - [AWS VPC flow logs should be captured](https://help.dsalta.com/integrations/aws/aws-vpc-flow-logs-should-be-captured.md): Checks that VPC flow logs are enabled to capture network traffic. - [Infrastructure entities should be classified](https://help.dsalta.com/integrations/aws/infrastructure-entities-should-be-classified.md): Checks that all AWS infrastructure entities are classified by criticality. - [Reported incidents should be closed in GuardDuty](https://help.dsalta.com/integrations/aws/reported-incidents-should-be-closed-in-guardduty.md): Checks that incidents reported in GuardDuty are closed and resolved. - [Microsoft Azure](https://help.dsalta.com/integrations/azure.md): How DSALTA integrates with Microsoft Azure — data collected, permissions required, setup guide, and automated compliance tests. - [Azure Active Directory](https://help.dsalta.com/integrations/azure-active-directory.md): How DSALTA integrates with Azure Active Directory — data collected, permissions required, setup guide, and automated compliance tests. - [MFA should be enabled for all users](https://help.dsalta.com/integrations/azure-active-directory/mfa-should-be-enabled-for-all-users.md): Checks that MFA is enabled for all Azure Active Directory users. - [Offboarded users should not have active access](https://help.dsalta.com/integrations/azure-active-directory/offboarded-users-should-not-have-active-access.md): Checks that offboarded users no longer have active Azure Active Directory access. - [User access to critical systems should be valid](https://help.dsalta.com/integrations/azure-active-directory/user-access-to-critical-systems-should-be-valid.md): Checks that users with access to critical systems are authorized in Azure Active Directory. - [Azure DevOps](https://help.dsalta.com/integrations/azure-devops.md): How DSALTA integrates with Azure DevOps — data collected, permissions required, setup guide, and automated compliance tests. - [Azure DevOps access should be removed for offboarded users](https://help.dsalta.com/integrations/azure-devops/azure-devops-access-should-be-removed-for-offboarded-users.md): Checks that Azure DevOps access is revoked for offboarded users. - [Branch protection rules should be enforced for admins](https://help.dsalta.com/integrations/azure-devops/branch-protection-rules-should-be-enforced-for-admins.md): Checks that branch protection rules apply to admin users in Azure DevOps. - [Code changes should be reviewed by peers before merging](https://help.dsalta.com/integrations/azure-devops/code-changes-should-be-reviewed-by-peers-before-merging.md): Checks that all code changes are reviewed by at least one peer before merging in Azure DevOps. - [Code repositories should be classified](https://help.dsalta.com/integrations/azure-devops/code-repositories-should-be-classified.md): Checks that all Azure DevOps code repositories are classified by criticality. - [Merging code changes should require passing status checks](https://help.dsalta.com/integrations/azure-devops/merging-code-changes-should-require-passing-status-checks.md): Checks that passing status checks are required before merging in Azure DevOps. - [Peer review should be enforced for code changes](https://help.dsalta.com/integrations/azure-devops/peer-review-should-be-enforced-for-code-changes.md): Checks that peer review is required before code changes can be merged in Azure DevOps. - [Azure access should be removed for offboarded users](https://help.dsalta.com/integrations/azure/azure-access-should-be-removed-for-offboarded-users.md): Checks that Azure access is revoked for offboarded users. - [Azure activity logs should be archived](https://help.dsalta.com/integrations/azure/azure-activity-logs-should-be-archived.md): Checks that Azure activity logs are archived for audit purposes. - [Azure AKS node CPU utilization should be monitored](https://help.dsalta.com/integrations/azure/azure-aks-node-cpu-utilization-should-be-monitored.md): Checks that Azure AKS node CPU utilization is being monitored. - [Azure AKS node memory working set usage should be monitored](https://help.dsalta.com/integrations/azure/azure-aks-node-memory-working-set-usage-should-be-monitored.md): Checks that Azure AKS node memory working set usage is being monitored. - [Azure Application Gateway healthy host count should be monitored](https://help.dsalta.com/integrations/azure/azure-application-gateway-healthy-host-count-should-be-monit.md): Checks that Azure Application Gateway healthy host count is being monitored. - [Azure Cache for Redis client connections should be monitored](https://help.dsalta.com/integrations/azure/azure-cache-for-redis-client-connections-should-be-monitored.md): Checks that Azure Cache for Redis client connections are being monitored. - [Azure Cache for Redis CPU utilization should be monitored](https://help.dsalta.com/integrations/azure/azure-cache-for-redis-cpu-utilization-should-be-monitored.md): Checks that Azure Cache for Redis CPU utilization is being monitored. - [Azure Cache for Redis freeable memory should be monitored](https://help.dsalta.com/integrations/azure/azure-cache-for-redis-freeable-memory-should-be-monitored.md): Checks that Azure Cache for Redis freeable memory is being monitored. - [Azure Cosmos DB backup should be enabled](https://help.dsalta.com/integrations/azure/azure-cosmos-db-backup-should-be-enabled.md): Verify that Azure Cosmos DB accounts have automated backups configured to prevent data loss and meet compliance requirements. - [Azure Cosmos DB latency should be monitored](https://help.dsalta.com/integrations/azure/azure-cosmos-db-latency-should-be-monitored.md): Checks that Azure Cosmos DB latency is being monitored. - [Azure Cosmos DB should be encrypted](https://help.dsalta.com/integrations/azure/azure-cosmos-db-should-be-encrypted.md): Verify that Azure Cosmos DB is encrypted at rest to protect sensitive data and meet SOC 2, ISO 27001, and HIPAA requirements. - [Azure Cosmos DB should be protected from direct internet traffic](https://help.dsalta.com/integrations/azure/azure-cosmos-db-should-be-protected-from-direct-internet-tra.md): Checks that Azure Cosmos DB is not directly exposed to the internet. - [Azure Databricks CPU utilization should be monitored](https://help.dsalta.com/integrations/azure/azure-databricks-cpu-utilization-should-be-monitored.md): Checks that Azure Databricks CPU utilization is being monitored. - [Azure Databricks health should be monitored](https://help.dsalta.com/integrations/azure/azure-databricks-health-should-be-monitored.md): Checks that Azure Databricks cluster health is being monitored. - [Azure Databricks workspace backup should be enabled](https://help.dsalta.com/integrations/azure/azure-databricks-workspace-backup-should-be-enabled.md): Checks that Azure Databricks workspace backups are enabled. - [Azure Databricks workspaces should be encrypted](https://help.dsalta.com/integrations/azure/azure-databricks-workspaces-should-be-encrypted.md): Checks that Azure Databricks workspaces are encrypted at rest. - [Azure Defender should be enabled](https://help.dsalta.com/integrations/azure/azure-defender-should-be-enabled.md): Checks that Microsoft Defender for Cloud is enabled on the Azure subscription. - [Azure disk backup should be enabled](https://help.dsalta.com/integrations/azure/azure-disk-backup-should-be-enabled.md): Verify that Azure managed disks have automated backups configured to protect against data loss and meet compliance requirements. - [Azure disks should be encrypted](https://help.dsalta.com/integrations/azure/azure-disks-should-be-encrypted.md): Checks that Azure managed disks are encrypted at rest. - [Azure flow logs should be captured](https://help.dsalta.com/integrations/azure/azure-flow-logs-should-be-captured.md): Verify that Azure Network Security Group flow logs are captured for security monitoring and incident investigation. - [Azure Front Door origin health should be monitored](https://help.dsalta.com/integrations/azure/azure-front-door-origin-health-should-be-monitored.md): Checks that Azure Front Door origin health is being monitored. - [Azure Key Vault should be recoverable](https://help.dsalta.com/integrations/azure/azure-key-vault-should-be-recoverable.md): Checks that Azure Key Vaults are configured to be recoverable (soft delete enabled). - [Azure Load Balancer health probe status should be monitored](https://help.dsalta.com/integrations/azure/azure-load-balancer-health-probe-status-should-be-monitored.md): Checks that Azure Load Balancer health probe status is being monitored. - [Azure non-RBAC Key Vault keys should have expiration dates](https://help.dsalta.com/integrations/azure/azure-non-rbac-key-vault-keys-should-have-expiration-dates.md): Checks that expiration dates are set for all keys in non-RBAC Azure Key Vaults. - [Azure PostgreSQL should enforce SSL connections](https://help.dsalta.com/integrations/azure/azure-postgresql-should-enforce-ssl-connections.md): Checks that Azure PostgreSQL servers enforce SSL connections. - [Azure PostgreSQL should have infrastructure double encryption enabled](https://help.dsalta.com/integrations/azure/azure-postgresql-should-have-infrastructure-double-encryptio.md): Checks that Azure PostgreSQL servers have infrastructure double encryption enabled. - [Azure RBAC Key Vault keys should have expiration dates](https://help.dsalta.com/integrations/azure/azure-rbac-key-vault-keys-should-have-expiration-dates.md): Checks that expiration dates are set for all keys in RBAC-enabled Azure Key Vaults. - [Azure should be on HTTPS](https://help.dsalta.com/integrations/azure/azure-should-be-on-https.md): Checks that Azure resources are accessible over HTTPS. - [Azure should redirect HTTP to HTTPS](https://help.dsalta.com/integrations/azure/azure-should-redirect-http-to-https.md): Checks that Azure redirects HTTP traffic to HTTPS. - [Azure SQL database backup should be enabled](https://help.dsalta.com/integrations/azure/azure-sql-database-backup-should-be-enabled.md): Checks that Azure SQL database backups are enabled. - [Azure SQL database CPU utilization should be monitored](https://help.dsalta.com/integrations/azure/azure-sql-database-cpu-utilization-should-be-monitored.md): Checks that Azure SQL database CPU utilization is being monitored. - [Azure SQL database IO utilization should be monitored](https://help.dsalta.com/integrations/azure/azure-sql-database-io-utilization-should-be-monitored.md): Checks that Azure SQL database I/O utilization is being monitored. - [Azure SQL database memory utilization should be monitored](https://help.dsalta.com/integrations/azure/azure-sql-database-memory-utilization-should-be-monitored.md): Checks that Azure SQL database memory utilization is being monitored. - [Azure SQL databases should be encrypted](https://help.dsalta.com/integrations/azure/azure-sql-databases-should-be-encrypted.md): Checks that Azure SQL databases are encrypted at rest. - [Azure SQL databases should be protected from direct internet traffic](https://help.dsalta.com/integrations/azure/azure-sql-databases-should-be-protected-from-direct-internet.md): Checks that Azure SQL databases are not directly exposed to the internet. - [Azure storage account anonymous blob access should be disabled](https://help.dsalta.com/integrations/azure/azure-storage-account-anonymous-blob-access-should-be-disabl.md): Checks that anonymous blob access is disabled on Azure storage accounts. - [Azure storage account cross-tenant replication should not be enabled](https://help.dsalta.com/integrations/azure/azure-storage-account-cross-tenant-replication-should-not-be.md): Checks that cross-tenant replication is disabled for Azure storage accounts. - [Azure storage account default network access rule should be set to deny](https://help.dsalta.com/integrations/azure/azure-storage-account-default-network-access-rule-should-be-.md): Checks that the default network access rule for Azure storage accounts is set to deny. - [Azure storage account minimum TLS version should be 1.2](https://help.dsalta.com/integrations/azure/azure-storage-account-minimum-tls-version-should-be-12.md): Checks that Azure storage accounts enforce a minimum TLS version of 1.2. - [Azure storage account public network access should be disabled](https://help.dsalta.com/integrations/azure/azure-storage-account-public-network-access-should-be-disabl.md): Checks that Azure storage account public network access is disabled. - [Azure storage account secure transfer should be enabled](https://help.dsalta.com/integrations/azure/azure-storage-account-secure-transfer-should-be-enabled.md): Checks that secure transfer (HTTPS) is required for Azure storage accounts. - [Azure storage accounts should be encrypted](https://help.dsalta.com/integrations/azure/azure-storage-accounts-should-be-encrypted.md): Checks that Azure storage accounts are encrypted at rest. - [Azure virtual network flow logs should be captured](https://help.dsalta.com/integrations/azure/azure-virtual-network-flow-logs-should-be-captured.md): Checks that Azure Virtual Network flow logs are captured. - [Azure VM CPU utilization should be monitored](https://help.dsalta.com/integrations/azure/azure-vm-cpu-utilization-should-be-monitored.md): Checks that Azure VM CPU utilization is being monitored. - [Azure VMs should be protected from direct internet traffic](https://help.dsalta.com/integrations/azure/azure-vms-should-be-protected-from-direct-internet-traffic.md): Checks that Azure VMs are not directly exposed to the internet. - [Azure Web App should redirect HTTP to HTTPS](https://help.dsalta.com/integrations/azure/azure-web-app-should-redirect-http-to-https.md): Checks that Azure App Service redirects all HTTP traffic to HTTPS. - [Azure Web App should use the latest TLS version](https://help.dsalta.com/integrations/azure/azure-web-app-should-use-the-latest-tls-version.md): Checks that Azure Web Apps are using the latest TLS version. - [Infrastructure entities should be classified](https://help.dsalta.com/integrations/azure/infrastructure-entities-should-be-classified.md): Checks that all Azure infrastructure entities are classified by criticality. - [Reported incidents should be closed in Microsoft Defender](https://help.dsalta.com/integrations/azure/reported-incidents-should-be-closed-in-microsoft-defender.md): Checks that incidents detected in Microsoft Defender are closed and resolved. - [Bitbucket](https://help.dsalta.com/integrations/bitbucket.md): How DSALTA integrates with Bitbucket — data collected, permissions required, setup guide, and automated compliance tests. - [Branch protection should be enabled on repositories](https://help.dsalta.com/integrations/bitbucket/branch-protection-should-be-enabled-on-repositories.md): Checks that branch protection rules are enabled on Bitbucket repositories. - [User access to critical systems should be valid](https://help.dsalta.com/integrations/bitbucket/user-access-to-critical-systems-should-be-valid.md): Checks that users with access to critical systems are authorized in Bitbucket. - [Box](https://help.dsalta.com/integrations/box.md): How DSALTA integrates with Box — data collected, permissions required, setup guide, and automated compliance tests. - [User access to critical systems should be valid](https://help.dsalta.com/integrations/box/user-access-to-critical-systems-should-be-valid.md): Checks that users with access to critical systems are authorized in Box. - [Cloudflare](https://help.dsalta.com/integrations/cloudflare.md): How DSALTA integrates with Cloudflare — data collected, permissions required, setup guide, and automated compliance tests. - [HTTPS should be enabled](https://help.dsalta.com/integrations/cloudflare/https-should-be-enabled.md): Checks that HTTPS is enabled for domains managed through Cloudflare. - [User access to critical systems should be valid](https://help.dsalta.com/integrations/cloudflare/user-access-to-critical-systems-should-be-valid.md): Checks that users with access to critical systems are authorized in Cloudflare. - [Datadog](https://help.dsalta.com/integrations/datadog.md): How DSALTA integrates with Datadog — data collected, permissions required, setup guide, and automated compliance tests. - [Reported incidents should be closed](https://help.dsalta.com/integrations/datadog/reported-incidents-should-be-closed.md): Checks that incidents reported in Datadog are closed and resolved. - [User access to critical systems should be valid](https://help.dsalta.com/integrations/datadog/user-access-to-critical-systems-should-be-valid.md): Checks that users with access to critical systems are authorized in Datadog. - [DigitalOcean](https://help.dsalta.com/integrations/digitalocean.md): How DSALTA integrates with DigitalOcean — data collected, permissions required, setup guide, and automated compliance tests. - [DigitalOcean infrastructure should be properly configured](https://help.dsalta.com/integrations/digitalocean/digitalocean-infrastructure-should-be-properly-configured.md): Checks that DigitalOcean infrastructure is properly configured and secure. - [User access to critical systems should be valid](https://help.dsalta.com/integrations/digitalocean/user-access-to-critical-systems-should-be-valid.md): Checks that users with access to critical systems are authorized in DigitalOcean. - [Figma](https://help.dsalta.com/integrations/figma.md): How DSALTA integrates with Figma — data collected, permissions required, setup guide, and automated compliance tests. - [User access to critical systems should be valid](https://help.dsalta.com/integrations/figma/user-access-to-critical-systems-should-be-valid.md): Checks that users with access to critical systems are authorized in Figma. - [Google Cloud Platform (GCP)](https://help.dsalta.com/integrations/gcp.md): How DSALTA integrates with Google Cloud Platform (GCP) — data collected, permissions required, setup guide, and automated compliance tests. - [GCP BigQuery datasets should be protected from direct internet traffic](https://help.dsalta.com/integrations/gcp/gcp-bigquery-datasets-should-be-protected-from-direct-intern.md): Checks that GCP BigQuery datasets are not publicly accessible. - [GCP BigQuery storage should be encrypted](https://help.dsalta.com/integrations/gcp/gcp-bigquery-storage-should-be-encrypted.md): Checks that GCP BigQuery storage is encrypted at rest. - [GCP Bigtable CPU utilization should be monitored](https://help.dsalta.com/integrations/gcp/gcp-bigtable-cpu-utilization-should-be-monitored.md): Checks that GCP Bigtable CPU utilization is being monitored. - [GCP Bigtable should be encrypted](https://help.dsalta.com/integrations/gcp/gcp-bigtable-should-be-encrypted.md): Checks that GCP Bigtable instances are encrypted at rest. - [GCP Bigtable storage utilization should be monitored](https://help.dsalta.com/integrations/gcp/gcp-bigtable-storage-utilization-should-be-monitored.md): Checks that GCP Bigtable storage utilization is being monitored. - [GCP bucket storage should be encrypted](https://help.dsalta.com/integrations/gcp/gcp-bucket-storage-should-be-encrypted.md): Checks that GCP Cloud Storage buckets are encrypted at rest. - [GCP Cloud Spanner should be encrypted](https://help.dsalta.com/integrations/gcp/gcp-cloud-spanner-should-be-encrypted.md): Checks that GCP Cloud Spanner databases are encrypted at rest. - [GCP Cloud SQL backup should be enabled](https://help.dsalta.com/integrations/gcp/gcp-cloud-sql-backup-should-be-enabled.md): Checks that GCP Cloud SQL automated backups are enabled. - [GCP Cloud SQL connections should require SSL](https://help.dsalta.com/integrations/gcp/gcp-cloud-sql-connections-should-require-ssl.md): Checks that GCP Cloud SQL requires SSL for all connections. - [GCP Cloud SQL CPU utilization should be monitored](https://help.dsalta.com/integrations/gcp/gcp-cloud-sql-cpu-utilization-should-be-monitored.md): Checks that GCP Cloud SQL CPU utilization is being monitored. - [GCP Cloud SQL memory utilization should be monitored](https://help.dsalta.com/integrations/gcp/gcp-cloud-sql-memory-utilization-should-be-monitored.md): Checks that GCP Cloud SQL memory utilization is being monitored. - [GCP Cloud SQL should be encrypted](https://help.dsalta.com/integrations/gcp/gcp-cloud-sql-should-be-encrypted.md): Checks that GCP Cloud SQL databases are encrypted at rest. - [GCP Cloud SQL should be protected from direct internet traffic](https://help.dsalta.com/integrations/gcp/gcp-cloud-sql-should-be-protected-from-direct-internet-traff.md): Checks that GCP Cloud SQL instances are not directly exposed to the internet. - [GCP Cloud Storage buckets should be protected from direct internet traffic](https://help.dsalta.com/integrations/gcp/gcp-cloud-storage-buckets-should-be-protected-from-direct-in.md): Checks that GCP Cloud Storage buckets are not publicly accessible. - [GCP Cloud Storage should have uniform bucket-level access enabled](https://help.dsalta.com/integrations/gcp/gcp-cloud-storage-should-have-uniform-bucket-level-access-en.md): Checks that GCP Cloud Storage buckets have uniform bucket-level access enabled. - [GCP Compute instance CPU utilization should be monitored](https://help.dsalta.com/integrations/gcp/gcp-compute-instance-cpu-utilization-should-be-monitored.md): Checks that GCP Compute instance CPU utilization is being monitored. - [GCP Compute instances should be protected from direct internet traffic](https://help.dsalta.com/integrations/gcp/gcp-compute-instances-should-be-protected-from-direct-intern.md): Checks that GCP Compute instances are not directly exposed to the internet. - [GCP essential contacts should be configured](https://help.dsalta.com/integrations/gcp/gcp-essential-contacts-should-be-configured.md): Checks that GCP essential contacts are configured for the project. - [GCP Firestore read frequency should be monitored](https://help.dsalta.com/integrations/gcp/gcp-firestore-read-frequency-should-be-monitored.md): Checks that GCP Firestore read frequency is being monitored. - [GCP Firestore write frequency should be monitored](https://help.dsalta.com/integrations/gcp/gcp-firestore-write-frequency-should-be-monitored.md): Checks that GCP Firestore write frequency is being monitored. - [GCP KMS encryption keys should be protected from direct internet traffic](https://help.dsalta.com/integrations/gcp/gcp-kms-encryption-keys-should-be-protected-from-direct-inte.md): Checks that GCP KMS encryption keys are not directly exposed to the internet. - [GCP KMS encryption keys should be rotated within 90 days](https://help.dsalta.com/integrations/gcp/gcp-kms-encryption-keys-should-be-rotated-within-90-days.md): Checks that GCP KMS encryption keys are rotated within 90 days. - [GCP Kubernetes clusters should have logging and monitoring enabled](https://help.dsalta.com/integrations/gcp/gcp-kubernetes-clusters-should-have-logging-and-monitoring-e.md): Checks that GCP Kubernetes clusters have logging and cloud monitoring enabled. - [GCP log sink should be configured for all log entries](https://help.dsalta.com/integrations/gcp/gcp-log-sink-should-be-configured-for-all-log-entries.md): Checks that a GCP log sink is configured to capture all log entries. - [GCP service account keys should only be GCP-managed](https://help.dsalta.com/integrations/gcp/gcp-service-account-keys-should-only-be-gcp-managed.md): Checks that GCP service account keys are GCP-managed only. - [GCP service account user-managed keys should be rotated every 90 days](https://help.dsalta.com/integrations/gcp/gcp-service-account-user-managed-keys-should-be-rotated-ever.md): Checks that user-managed GCP service account keys are rotated within 90 days. - [GCP service account user role should not be assigned at project level](https://help.dsalta.com/integrations/gcp/gcp-service-account-user-role-should-not-be-assigned-at-proj.md): Checks that the GCP service account user/token creator role is not assigned at the project level. - [GCP service accounts should not have admin privileges](https://help.dsalta.com/integrations/gcp/gcp-service-accounts-should-not-have-admin-privileges.md): Checks that GCP service accounts do not have admin-level privileges. - [GCP should be on HTTPS](https://help.dsalta.com/integrations/gcp/gcp-should-be-on-https.md): Checks that GCP services are accessible over HTTPS. - [GCP should redirect HTTP to HTTPS](https://help.dsalta.com/integrations/gcp/gcp-should-redirect-http-to-https.md): Verify that Google Cloud Platform resources redirect HTTP traffic to HTTPS to protect data in transit and enforce encryption. - [GCP users should have MFA enabled](https://help.dsalta.com/integrations/gcp/gcp-users-should-have-mfa-enabled.md): Checks that MFA is enabled for all GCP user accounts. - [GCP VPC subnet flow logs should be captured](https://help.dsalta.com/integrations/gcp/gcp-vpc-subnet-flow-logs-should-be-captured.md): Checks that VPC subnet flow logs are enabled in GCP. - [GKE Kubernetes Web UI Dashboard should be disabled](https://help.dsalta.com/integrations/gcp/gke-kubernetes-web-ui-dashboard-should-be-disabled.md): Checks that the Kubernetes Web UI Dashboard is disabled in GKE. - [GKE Metadata Server should be enabled](https://help.dsalta.com/integrations/gcp/gke-metadata-server-should-be-enabled.md): Checks that GKE Metadata Server is enabled on node pools. - [Google Security Command Center should be enabled](https://help.dsalta.com/integrations/gcp/google-security-command-center-should-be-enabled.md): Checks that Google Security Command Center is enabled. - [Google Security Command Center vulnerability alerts should be resolved within SLA](https://help.dsalta.com/integrations/gcp/google-security-command-center-vulnerability-alerts-should-b.md): Checks that Google Security Command Center vulnerability alerts are resolved within SLA. - [Infrastructure entities should be classified](https://help.dsalta.com/integrations/gcp/infrastructure-entities-should-be-classified.md): Checks that all GCP infrastructure entities are classified by criticality. - [Reported incidents should be closed in DSALTA](https://help.dsalta.com/integrations/gcp/reported-incidents-should-be-closed-in-dsalta.md): Checks that incidents reported in GCP Security Command Center are resolved in DSALTA. - [Reported incidents should be closed in Security Command Center](https://help.dsalta.com/integrations/gcp/reported-incidents-should-be-closed-in-security-command-cent.md): Checks that incidents detected in Google Security Command Center are closed. - [User access to critical systems should be valid](https://help.dsalta.com/integrations/gcp/user-access-to-critical-systems-should-be-valid.md): Checks that users with access to critical systems are authorized in GCP. - [Users should be identified](https://help.dsalta.com/integrations/gcp/users-should-be-identified.md): Checks that GCP users are identified and documented. - [GitHub](https://help.dsalta.com/integrations/github.md): How DSALTA integrates with GitHub — data collected, permissions required, setup guide, and automated compliance tests. - [All change tickets should have an assignee](https://help.dsalta.com/integrations/github/all-change-tickets-should-have-an-assignee.md): Checks that all change management tickets have an assignee. - [At least one change management system should be connected](https://help.dsalta.com/integrations/github/at-least-one-change-management-system-should-be-connected.md): Checks that at least one change management system is connected. - [Branch protection should be enabled](https://help.dsalta.com/integrations/github/branch-protection-should-be-enabled.md): Checks that branch protection is enabled on all GitHub repositories. - [Branch protection should be enabled on repositories](https://help.dsalta.com/integrations/github/branch-protection-should-be-enabled-on-repositories.md): Checks that branch protection rules are enabled on GitHub repositories. - [Change request tickets should be resolved within 30 days](https://help.dsalta.com/integrations/github/change-request-tickets-should-be-resolved-within-30-days.md): Checks that change request tickets are resolved within 30 days. - [Code scanning alerts should be resolved](https://help.dsalta.com/integrations/github/code-scanning-alerts-should-be-resolved.md): Checks that code scanning alerts are identified and resolved. - [Dependabot alerts should be resolved](https://help.dsalta.com/integrations/github/dependabot-alerts-should-be-resolved.md): Checks that Dependabot vulnerability alerts are resolved. - [Dependabot alerts should be resolved within SLA](https://help.dsalta.com/integrations/github/dependabot-alerts-should-be-resolved-within-sla.md): Checks that Dependabot vulnerability alerts are resolved within the defined SLA. - [Secret scanning alerts should be resolved](https://help.dsalta.com/integrations/github/secret-scanning-alerts-should-be-resolved.md): Checks that secret scanning alerts are identified and resolved. - [Ticketing system for change management should be configured](https://help.dsalta.com/integrations/github/ticketing-system-for-change-management-should-be-configured.md): Checks that a ticketing system for change management is set up. - [User access to critical systems should be valid](https://help.dsalta.com/integrations/github/user-access-to-critical-systems-should-be-valid.md): Checks that users with access to critical systems are authorized in GitHub. - [GitLab](https://help.dsalta.com/integrations/gitlab.md): How DSALTA integrates with GitLab — data collected, permissions required, setup guide, and automated compliance tests. - [Branch protection rules should be enforced for admins](https://help.dsalta.com/integrations/gitlab/branch-protection-rules-should-be-enforced-for-admins.md): Checks that branch protection rules apply to admin users in GitLab. - [Code changes should be reviewed by peers before merging](https://help.dsalta.com/integrations/gitlab/code-changes-should-be-reviewed-by-peers-before-merging.md): Checks that all code changes are reviewed by at least one peer before merging in GitLab. - [Code repositories should be classified](https://help.dsalta.com/integrations/gitlab/code-repositories-should-be-classified.md): Checks that all GitLab code repositories are classified by criticality. - [GitLab access should be removed for offboarded users](https://help.dsalta.com/integrations/gitlab/gitlab-access-should-be-removed-for-offboarded-users.md): Checks that GitLab access is revoked for offboarded users. - [GitLab group-level MFA should be enforced](https://help.dsalta.com/integrations/gitlab/gitlab-group-level-mfa-should-be-enforced.md): Checks that group-level MFA enforcement is enabled in GitLab. - [Merging code changes should require passing status checks](https://help.dsalta.com/integrations/gitlab/merging-code-changes-should-require-passing-status-checks.md): Checks that passing status checks are required before merging in GitLab. - [Peer review should be enforced for code changes](https://help.dsalta.com/integrations/gitlab/peer-review-should-be-enforced-for-code-changes.md): Checks that peer review is required before code changes can be merged in GitLab. - [Google Workspace](https://help.dsalta.com/integrations/google-workspace.md): How DSALTA integrates with Google Workspace — data collected, permissions required, setup guide, and automated compliance tests. - [Admin accounts should have MFA enabled](https://help.dsalta.com/integrations/google-workspace/admin-accounts-should-have-mfa-enabled.md): Checks that all Google Workspace admin accounts have MFA enabled. - [MFA should be enabled for all users](https://help.dsalta.com/integrations/google-workspace/mfa-should-be-enabled-for-all-users.md): Checks that MFA is enabled for all Google Workspace users. - [Offboarded users should not have active access](https://help.dsalta.com/integrations/google-workspace/offboarded-users-should-not-have-active-access.md): Checks that offboarded users no longer have active Google Workspace access. - [Password policy should meet minimum requirements](https://help.dsalta.com/integrations/google-workspace/password-policy-should-meet-minimum-requirements.md): Checks that the Google Workspace password policy meets minimum security requirements. - [User access to Critical System should be valid](https://help.dsalta.com/integrations/google-workspace/user-access-to-critical-system-should-be-valid.md): Checks that users with access to critical systems are authorized. - [Vendor discovery should be configured](https://help.dsalta.com/integrations/google-workspace/vendor-discovery-should-be-configured.md): Checks that vendor discovery is configured in Google Workspace. - [Grafana](https://help.dsalta.com/integrations/grafana.md): How DSALTA integrates with Grafana — data collected, permissions required, setup guide, and automated compliance tests. - [Reported incidents should be closed](https://help.dsalta.com/integrations/grafana/reported-incidents-should-be-closed.md): Checks that incidents reported in Grafana are closed and resolved. - [User access to critical systems should be valid](https://help.dsalta.com/integrations/grafana/user-access-to-critical-systems-should-be-valid.md): Checks that users with access to critical systems are authorized in Grafana. - [Heroku](https://help.dsalta.com/integrations/heroku.md): How DSALTA integrates with Heroku — data collected, permissions required, setup guide, and automated compliance tests. - [User access to critical systems should be valid](https://help.dsalta.com/integrations/heroku/user-access-to-critical-systems-should-be-valid.md): Checks that users with access to critical systems are authorized in Heroku. - [HubSpot](https://help.dsalta.com/integrations/hubspot.md): How DSALTA integrates with HubSpot — data collected, permissions required, setup guide, and automated compliance tests. - [User access to critical systems should be valid](https://help.dsalta.com/integrations/hubspot/user-access-to-critical-systems-should-be-valid.md): Checks that users with access to critical systems are authorized in HubSpot. - [Intercom](https://help.dsalta.com/integrations/intercom.md): How DSALTA integrates with Intercom — data collected, permissions required, setup guide, and automated compliance tests. - [User access to critical systems should be valid](https://help.dsalta.com/integrations/intercom/user-access-to-critical-systems-should-be-valid.md): Checks that users with access to critical systems are authorized in Intercom. - [JumpCloud](https://help.dsalta.com/integrations/jumpcloud.md): How DSALTA integrates with JumpCloud — data collected, permissions required, setup guide, and automated compliance tests. - [MFA should be enabled for all users](https://help.dsalta.com/integrations/jumpcloud/mfa-should-be-enabled-for-all-users.md): Checks that MFA is enabled for all JumpCloud users. - [Offboarded users should not have active access](https://help.dsalta.com/integrations/jumpcloud/offboarded-users-should-not-have-active-access.md): Checks that offboarded users no longer have active JumpCloud access. - [User access to Critical System should be valid](https://help.dsalta.com/integrations/jumpcloud/user-access-to-critical-system-should-be-valid.md): Checks that users with access to critical systems are authorized in JumpCloud. - [Linear](https://help.dsalta.com/integrations/linear.md): How DSALTA integrates with Linear — data collected, permissions required, setup guide, and automated compliance tests. - [All change tickets should have an assignee](https://help.dsalta.com/integrations/linear/all-change-tickets-should-have-an-assignee.md): Checks that all Linear change tickets have an assignee. - [At least one change management system should be connected](https://help.dsalta.com/integrations/linear/at-least-one-change-management-system-should-be-connected.md): Checks that at least one change management system is connected via Linear. - [Change request tickets should be resolved within 30 days](https://help.dsalta.com/integrations/linear/change-request-tickets-should-be-resolved-within-30-days.md): Checks that Linear change request tickets are resolved within 30 days. - [Ticketing system for change management should be configured](https://help.dsalta.com/integrations/linear/ticketing-system-for-change-management-should-be-configured.md): Checks that a ticketing system for change management is set up in Linear. - [Microsoft Defender for Endpoint](https://help.dsalta.com/integrations/microsoft-defender.md): How DSALTA integrates with Microsoft Defender for Endpoint — data collected, permissions required, setup guide, and automated compliance tests. - [Device encryption should be enabled](https://help.dsalta.com/integrations/microsoft-defender/device-encryption-should-be-enabled.md): Checks that disk encryption is enabled on all devices managed by Microsoft Defender. - [OS should be up to date](https://help.dsalta.com/integrations/microsoft-defender/os-should-be-up-to-date.md): Checks that the OS is up to date on all Defender-managed devices. - [Screen lock should be enabled on devices](https://help.dsalta.com/integrations/microsoft-defender/screen-lock-should-be-enabled-on-devices.md): Checks that screen lock is enabled on all devices managed by Microsoft Defender. - [User access to critical systems should be valid](https://help.dsalta.com/integrations/microsoft-defender/user-access-to-critical-systems-should-be-valid.md): Checks that users with access to critical systems are authorized in Microsoft Defender. - [Microsoft Entra ID](https://help.dsalta.com/integrations/microsoft-entra-id.md): How DSALTA integrates with Microsoft Entra ID — data collected, permissions required, setup guide, and automated compliance tests. - [MFA should be enabled for all users](https://help.dsalta.com/integrations/microsoft-entra-id/mfa-should-be-enabled-for-all-users.md): Checks that MFA is enabled for all Microsoft Entra ID users. - [Offboarded users should not have active access](https://help.dsalta.com/integrations/microsoft-entra-id/offboarded-users-should-not-have-active-access.md): Checks that offboarded users no longer have active Microsoft Entra ID access. - [User access to Critical System should be valid](https://help.dsalta.com/integrations/microsoft-entra-id/user-access-to-critical-system-should-be-valid.md): Checks that users with access to critical systems are authorized in Microsoft Entra ID. - [MongoDB Atlas](https://help.dsalta.com/integrations/mongodb-atlas.md): How DSALTA integrates with MongoDB Atlas — data collected, permissions required, setup guide, and automated compliance tests. - [User access to critical systems should be valid](https://help.dsalta.com/integrations/mongodb-atlas/user-access-to-critical-systems-should-be-valid.md): Checks that users with access to critical systems are authorized in MongoDB Atlas. - [Netlify](https://help.dsalta.com/integrations/netlify.md): How DSALTA integrates with Netlify — data collected, permissions required, setup guide, and automated compliance tests. - [User access to critical systems should be valid](https://help.dsalta.com/integrations/netlify/user-access-to-critical-systems-should-be-valid.md): Checks that users with access to critical systems are authorized in Netlify. - [Okta](https://help.dsalta.com/integrations/okta.md): How DSALTA integrates with Okta — data collected, permissions required, setup guide, and automated compliance tests. - [MFA should be enabled for all users](https://help.dsalta.com/integrations/okta/mfa-should-be-enabled-for-all-users.md): Verify that multi-factor authentication is enabled for all Okta users to protect against credential-based attacks. - [Offboarded users should not have active access](https://help.dsalta.com/integrations/okta/offboarded-users-should-not-have-active-access.md): Checks that offboarded users no longer have active Okta access. - [Password policy should meet minimum requirements](https://help.dsalta.com/integrations/okta/password-policy-should-meet-minimum-requirements.md): Checks that the Okta password policy meets minimum security requirements. - [User access to Critical System should be valid](https://help.dsalta.com/integrations/okta/user-access-to-critical-system-should-be-valid.md): Checks that users with access to critical systems are authorized in Okta. - [OneLogin](https://help.dsalta.com/integrations/onelogin.md): How DSALTA integrates with OneLogin — data collected, permissions required, setup guide, and automated compliance tests. - [MFA should be enabled for all users](https://help.dsalta.com/integrations/onelogin/mfa-should-be-enabled-for-all-users.md): Checks that MFA is enabled for all OneLogin users. - [Offboarded users should not have active access](https://help.dsalta.com/integrations/onelogin/offboarded-users-should-not-have-active-access.md): Checks that offboarded users no longer have active OneLogin access. - [User access to Critical System should be valid](https://help.dsalta.com/integrations/onelogin/user-access-to-critical-system-should-be-valid.md): Checks that users with access to critical systems are authorized in OneLogin. - [Integrations Overview](https://help.dsalta.com/integrations/overview.md): How DSALTA integrations work — connecting your tools to automate compliance evidence collection. - [Qualys](https://help.dsalta.com/integrations/qualys.md): How DSALTA integrates with Qualys — data collected, permissions required, setup guide, and automated compliance tests. - [Vulnerability alerts should be resolved within SLA](https://help.dsalta.com/integrations/qualys/vulnerability-alerts-should-be-resolved-within-sla.md): Checks that Qualys vulnerability alerts are resolved within the defined SLA. - [Salesforce](https://help.dsalta.com/integrations/salesforce.md): How DSALTA integrates with Salesforce — data collected, permissions required, setup guide, and automated compliance tests. - [User access to critical systems should be valid](https://help.dsalta.com/integrations/salesforce/user-access-to-critical-systems-should-be-valid.md): Checks that users with access to critical systems are authorized in Salesforce. - [Sentry](https://help.dsalta.com/integrations/sentry.md): How DSALTA integrates with Sentry — data collected, permissions required, setup guide, and automated compliance tests. - [User access to critical systems should be valid](https://help.dsalta.com/integrations/sentry/user-access-to-critical-systems-should-be-valid.md): Checks that users with access to critical systems are authorized in Sentry. - [Slack](https://help.dsalta.com/integrations/slack.md): How DSALTA integrates with Slack — data collected, permissions required, setup guide, and automated compliance tests. - [User access to critical systems should be valid](https://help.dsalta.com/integrations/slack/user-access-to-critical-systems-should-be-valid.md): Checks that users with access to critical systems are authorized in Slack. - [Snowflake](https://help.dsalta.com/integrations/snowflake.md): How DSALTA integrates with Snowflake — data collected, permissions required, setup guide, and automated compliance tests. - [User access to critical systems should be valid](https://help.dsalta.com/integrations/snowflake/user-access-to-critical-systems-should-be-valid.md): Checks that users with access to critical systems are authorized in Snowflake. - [Trello](https://help.dsalta.com/integrations/trello.md): How DSALTA integrates with Trello — data collected, permissions required, setup guide, and automated compliance tests. - [All change tickets should have an assignee](https://help.dsalta.com/integrations/trello/all-change-tickets-should-have-an-assignee.md): Checks that all Trello change tickets have an assignee. - [At least one change management system should be connected](https://help.dsalta.com/integrations/trello/at-least-one-change-management-system-should-be-connected.md): Checks that at least one change management system is connected via Trello. - [Change request tickets should be resolved within 30 days](https://help.dsalta.com/integrations/trello/change-request-tickets-should-be-resolved-within-30-days.md): Checks that Trello change request tickets are resolved within 30 days. - [Ticketing system for change management should be configured](https://help.dsalta.com/integrations/trello/ticketing-system-for-change-management-should-be-configured.md): Checks that a ticketing system for change management is set up in Trello. - [Wiz](https://help.dsalta.com/integrations/wiz.md): How DSALTA integrates with Wiz — data collected, permissions required, setup guide, and automated compliance tests. - [User access to critical systems should be valid](https://help.dsalta.com/integrations/wiz/user-access-to-critical-systems-should-be-valid.md): Checks that users with access to critical systems are authorized in Wiz. - [Zoom](https://help.dsalta.com/integrations/zoom.md): How DSALTA integrates with Zoom — data collected, permissions required, setup guide, and automated compliance tests. - [User access to critical systems should be valid](https://help.dsalta.com/integrations/zoom/user-access-to-critical-systems-should-be-valid.md): Checks that users with access to critical systems are authorized in Zoom. - [Audit Issues](https://help.dsalta.com/troubleshooting/audit-issues.md): Troubleshoot common audit problems including auditor login, document access, comments, and evidence export. - [Contact Support](https://help.dsalta.com/troubleshooting/contact-us.md): Get in touch with the DSALTA support team via email or book a one-on-one session for onboarding and troubleshooting help. - [Evidence Not Syncing](https://help.dsalta.com/troubleshooting/evidence-not-syncing.md): Troubleshoot automated evidence collection issues. - [Integration Errors](https://help.dsalta.com/troubleshooting/integration-errors.md): Fix common issues with connecting and syncing integrations. - [Login & Access Issues](https://help.dsalta.com/troubleshooting/login-and-access.md): Resolve sign-in problems, password resets, and access errors. - [Trust Center Issues](https://help.dsalta.com/troubleshooting/trust-center-issues.md): Fix problems with your Trust Center display, access, or custom domain.