Compliance

Ward makes your compliance evidence easy to produce

Monolith Ward runs entirely inside your own infrastructure and records every protective decision. That turns regulatory obligations — detection, logging, traceability, data minimisation, incident reporting — into evidence you can hand to an auditor.

How to read this page. Everything below describes how Ward helps you comply — the technical controls and audit evidence it provides. These are product capabilities, not vendor certifications. Where we run a programme rather than hold a certificate (for example MYTHOS adversarial testing), we say so plainly. The certification of your environment remains yours; Ward supplies the evidence.

Frameworks & regulations

Where Ward supports your obligations

EU AI Act (EU · Regulation)

High-risk AI obligations

Logging, traceability, human oversight, robustness, and serious-incident reporting for AI systems.

How Ward helps

  • Article 73 incident bundles — signed, deterministic, reproducible incident records.
  • Human oversight — operators review and label; the model never auto-escalates under uncertainty.
  • Robustness evidence — continuous adversarial validation via MYTHOS (a self-assessment programme, not a certificate).
GDPR (EU · Regulation)

Data protection by design

Lawful, minimised processing of personal data, with security of processing and demonstrable accountability.

How Ward helps

  • Minimised by default — identifiers SHA-256 hashed; raw content only briefly retained for live investigation.
  • You control retention — governed entirely by your policy on the datastore you own.
  • Data stays in-region — fully self-hosted; nothing leaves your network to the vendor.
NIS2 (EU · Directive)

Detection & incident reporting

Risk management, monitoring, and timely reporting of significant incidents for essential and important entities.

How Ward helps

  • Continuous L7 detection across your APIs, mapped to OWASP, CWE and MITRE ATT&CK.
  • Reportable artefacts — structured, tamper-aware audit trail to support notification timelines.
  • Measured response — graduated actions from monitor to block, with safe rollout.
DORA (EU · Regulation)

Operational resilience (financial)

ICT risk management, resilience testing, and incident handling for financial entities and their providers.

How Ward helps

  • Resilient by design — stateless engine, per-route fail-open/fail-closed, emergency monitor-only switch.
  • Threat-led testing input — MYTHOS adversarial scenarios exercise detection and containment.
  • Self-hosted — no critical dependency on vendor cloud at runtime.
ISO/IEC 27001 (Standard)

Control evidence for your ISMS

An information security management system with operating, monitored, and audited controls.

How Ward helps

  • Access control — 100+ discrete permissions, OIDC federation, attributable audit log.
  • Change management — cryptographically signed policy, verified before activation.
  • Monitoring & logging — continuous detection feeding a tamper-aware trail.
SOC 2 (Standard)

Trust services criteria

Security, availability, and confidentiality controls evidenced over a reporting period.

How Ward helps

  • Security — inline protection, signed builds with provenance, fail-closed on misconfiguration.
  • Confidentiality — data minimisation, redaction, customer-owned retention.
  • Evidence on demand — additive-only schema and structured logs make collection repeatable.
The evidence Ward produces

Artefacts an auditor can actually use

Tamper-aware audit trail

Every privileged and control-plane action — who, what, when, outcome — captured in a structured, additive-only log.

Signed incident bundles

Deterministic, reproducible incident records — suitable for EU AI Act Article 73 reporting, with optional GDPR redaction.

Taxonomy-mapped decisions

Each verdict carries a reason code mapped to OWASP, CWE and MITRE ATT&CK — making reporting and threat communication immediate.
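The three artefacts above, plus the keyed hashing of identifiers mentioned under GDPR, can be illustrated with a small stand-alone program. The following is an added example written for this page; it is not Ward's code and makes no claim about Ward's internal formats. It assumes a canonical JSON encoding, an HMAC-SHA256 "signature" as a stand-in for a real asymmetric signature, and constructed sample events and keys. The identifier hashing is keyed on purpose: an unkeyed SHA-256 of a low-entropy value such as an IP address or e-mail can be reversed by enumeration, so a key (or pepper) is what turns hashing into minimisation.

```python
"""Added example (not Ward's code): hash-chained, additive-only audit log,
keyed pseudonymisation of identifiers, and a deterministic, signed incident
bundle with optional redaction. Field names, keys and events are constructed."""
import hashlib
import hmac
import json

# Constructed keys for the example; a real deployment keeps these in a KMS/HSM.
PSEUDONYM_KEY = b"example-pseudonym-key"
SIGNING_KEY = b"example-bundle-signing-key"


def canonical(obj) -> bytes:
    """Deterministic encoding: sorted keys, no whitespace, UTF-8.
    Same input gives the same bytes, which is what makes a bundle reproducible."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False).encode("utf-8")


def pseudonymise(identifier: str, key: bytes = PSEUDONYM_KEY) -> str:
    """Keyed SHA-256 (HMAC) of an identifier. Without the key a low-entropy
    value could be recovered by hashing every candidate and comparing."""
    return hmac.new(key, identifier.encode("utf-8"), hashlib.sha256).hexdigest()


class AuditLog:
    """Additive-only log: every entry commits to the hash of its predecessor,
    so editing or dropping an old entry breaks the chain from that point on."""
    GENESIS = "0" * 64

    def __init__(self):
        self.entries = []

    def append(self, actor: str, action: str, outcome: str, ts: str) -> dict:
        prev = self.entries[-1]["hash"] if self.entries else self.GENESIS
        body = {"seq": len(self.entries), "ts": ts, "actor": pseudonymise(actor),
                "action": action, "outcome": outcome, "prev": prev}
        body["hash"] = hashlib.sha256(canonical(body)).hexdigest()
        self.entries.append(body)
        return body

    def verify(self) -> tuple:
        """(True, None) if intact, else (False, seq of the first bad entry)."""
        prev = self.GENESIS
        for e in self.entries:
            body = {k: v for k, v in e.items() if k != "hash"}
            if e["prev"] != prev or hashlib.sha256(canonical(body)).hexdigest() != e["hash"]:
                return False, e["seq"]
            prev = e["hash"]
        return True, None


def build_bundle(log: AuditLog, incident_id: str, seqs, redact: bool = False) -> bytes:
    """Deterministic bundle of the selected entries plus the log head that
    anchors them. redact=True blanks the pseudonymised actor column but keeps
    each entry's original hash, so an auditor holding the unredacted log can
    still match every entry."""
    entries = [dict(e) for e in log.entries if e["seq"] in seqs]
    if redact:
        for e in entries:
            e["actor"] = "[redacted]"
    return canonical({"schema": 1, "incident_id": incident_id,
                      "entries": entries, "log_head": log.entries[-1]["hash"]})


def sign_bundle(bundle: bytes, key: bytes = SIGNING_KEY) -> dict:
    """Envelope carrying the content digest and the (HMAC stand-in) signature."""
    return {"sha256": hashlib.sha256(bundle).hexdigest(),
            "sig": hmac.new(key, bundle, hashlib.sha256).hexdigest()}


def verify_bundle(bundle: bytes, envelope: dict, key: bytes = SIGNING_KEY) -> bool:
    expected = hmac.new(key, bundle, hashlib.sha256).hexdigest()
    return (hmac.compare_digest(expected, envelope["sig"])
            and hashlib.sha256(bundle).hexdigest() == envelope["sha256"])


def demo() -> dict:
    """Constructed events; returns the checks an auditor (or a test) would run."""
    log = AuditLog()
    log.append("alice@example.test", "policy.activate", "ok", "2024-05-01T10:00:00Z")
    log.append("10.0.0.7", "route.block", "ok", "2024-05-01T10:00:05Z")
    log.append("alice@example.test", "incident.label", "ok", "2024-05-01T10:01:00Z")
    intact, _ = log.verify()
    b1 = build_bundle(log, "INC-0001", {1, 2})
    b2 = build_bundle(log, "INC-0001", {1, 2})   # rebuilt: must be byte-identical
    env = sign_bundle(b1)
    log.entries[1]["outcome"] = "blocked"         # tamper with history in place
    still_ok, bad_seq = log.verify()
    return {"intact": intact, "deterministic": b1 == b2,
            "signature_ok": verify_bundle(b1, env),
            "tamper_detected": not still_ok, "bad_seq": bad_seq,
            "altered_bundle_rejected": not verify_bundle(b1 + b"x", env)}


if __name__ == "__main__":
    print(demo())
```

Two design points carry over to any real implementation: the bundle is signed over the canonical bytes, not over a parsed object, so re-serialisation by a different library cannot silently change what was attested; and redaction removes the pseudonymised actor while retaining the entry hash, which is what lets a redacted bundle be reconciled later against the unredacted log you still hold.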

Deployment diagram (everything inside your network): inline engine (processes traffic), analytics datastore (you own retention), audit and incident logs (your evidence), operator console (investigation). No data leaves your network by default.
Data residency & sovereignty

Compliance is simpler when data never leaves

  • In-region by construction: self-hosting keeps processing inside your jurisdiction, so there is no cross-border transfer assessment for a vendor cloud.
  • No vendor sub-processor: the vendor never hosts, operates, or sees a deployment, which gives you a simpler data-processing story.
  • Air-gapped option: a signed VM appliance runs in fully isolated environments where required.
Talk to us

Map Ward to your control framework

Book a working session and we'll walk through exactly which evidence Ward produces for your audit — and run a shadow-mode pilot on one of your services.