SOC 2 Compliance

Documentation in progress. This page will provide detailed guidance on SOC 2 alignment with Hoziron.

Current capabilities

The platform provides technical controls mapping to SOC 2 Trust Service Criteria:

• Security — Authentication (API keys + OIDC), RBAC, TLS, IP allowlist, network policies
• Availability — Health monitoring, circuit breakers, auto-recovery, graceful shutdown
• Processing integrity — Audit trail with Merkle chain verification, PII boundary enforcement
• Confidentiality — Memory isolation between agents, credential vault, env var security
• Privacy — PII tokenization pipeline, data sovereignty controls, air-gapped support

Coming soon

• Control mapping document (TSC → Hoziron features)
• Evidence collection automation guidance
• Monitoring and alerting recommendations for SOC 2 audits
• Change management process documentation

Related:

• Security hardening checklist
• Observability guide
• Compliance overview