| Control Area | Requirement (Framework Reference) | Greymatter Capability |
|---|---|---|
| Access Control | Restrict access to authorized users only (SOC 2 CC6.1 / ISO 9.1, 9.2) | Granular RBAC via GSL policies and JWT-based identity enforcement; integrates with OIDC and OAuth2 |
| Encryption | Encrypt data in transit (SOC 2 CC6.7 / ISO 10.1.1) | Mandatory mTLS for all service-to-service and edge traffic; certificate rotation supported |
| Incident Detection | Enable threat detection (SOC 2 CC7.2 / ISO 16.1) | Forensic audits plus Prometheus metrics, with SPIRE and identity-aware observability |
| System Change Control | Monitor system configuration changes (SOC 2 CC8.1 / ISO 12.1) | GitOps-managed zero trust networking for all applications, APIs, services, and protocols; full change tracking through config-as-code (Greymatter Specification Language playbooks) |
| Data Integrity | Ensure integrity of data (ISO 12.2.1) | mTLS enforces transport integrity; audit logs and full request payloads optionally retained |
| Security Policy Enforcement | Ensure policies are enforced consistently (ISO 5.1.1 / SOC 2 CC6) | Policy-as-code via Greymatter Specification Language playbooks, enforced via SPIRE and Envoy sidecars; OPA support for external policy |
| Monitoring & Review | Monitor logs and system behavior (ISO 12.4 / SOC 2 CC7.3) | Centralized log storage, streaming, and alerting via automatically provisioned data stores and indices; automated provisioning of extendable audit and metrics pipelines that include streaming connectors to SIEM systems and standard output |