|
|
|
|
A cloud-native compliance intelligence platform that monitors your MFT environment — from discovery runs performed on your configuration against the clauses of the compliance standard.
A web-based compliance dashboard that connects directly to your MFT platform, compiles transfer logs, configuration audits, and user activity, then maps everything automatically against the compliance frameworks that matter to your business.
A discovery script runs directly on your environment to automatically collect configuration data — no manual extraction required.
Continuously calculates your compliance rate across each framework, requirement category, and individual control.
Proactively flags gaps, failed controls, and drifting configurations so teams can remediate before audit time.
Generate point-in-time compliance reports mapped to specific framework requirements, ready for auditor submission.
Everything you need to achieve and demonstrate MFT compliance — in one place.
Compliance rate gauges, trend charts, and per-category breakdowns across all connected platforms.
PCI DSS, GDPR, HIPAA, ISO 27001, and SOC 2 — all mapped to controls within your MFT platform.
Cloud-hosted SaaS or fully on-premise deployment for air-gapped or data-sovereign environments.
Track compliance posture over time to demonstrate continuous improvement to auditors and leadership.
Manage multiple customers, platforms, or business units from a single pane of glass.
Configurable threshold alerts when compliance scores drop or new violations are detected.
A web-based compliance operations centre — accessible from any browser, updated continuously from your MFT platform data.
Dashboard representation based on live GoAnywhere MFT PCI DSS compliance scan data. Actual dashboard powered by your connected MFT platform.
Every panel and metric has been purpose-built for MFT compliance visibility.
A live percentage gauge showing your overall compliance score per framework per platform — updated on every scan run.
See how your compliance posture is improving or regressing across configurable time windows — hour, day, week, or month.
Drill into compliant and non-compliant requirement categories with ranked bar charts showing the highest-risk areas first.
Full drill-down to individual requirements: what the control is, whether it's met in your MFT, and compensating controls applied.
For MSSPs and internal teams managing multiple business units — a single pane with per-customer compliance scores and drill-down.
Schedule scans on demand or automatically, with Run ID tracking so you can compare snapshots across assessment cycles.
CaaS connects to your MFT platform, continuously collects compliance-relevant data, and surfaces actionable insights through the dashboard.
CaaS connects to your MFT platform via secure API or log forwarding.
Transfer logs, audit trails, config snapshots, and user activity ingested.
Data mapped against selected frameworks (PCI DSS, GDPR, HIPAA, etc.).
Live scores, category breakdowns, and trend charts rendered in real time.
Scheduled exports, auditor-ready reports, and threshold alerts dispatched.
CaaS ingests data from multiple layers of your MFT environment to build a complete compliance picture.
Every file send, receive, and routing event — timestamped, user-attributed, and mapped to compliance controls.
Login events, failed auth attempts, session durations, and privilege escalation activities.
Platform configuration snapshots including protocol settings, encryption policies, and TLS versions.
SSH key usage, certificate expiry, encryption algorithm inventories — critical for cryptography controls.
CaaS ships with pre-built control mappings for the most common frameworks affecting MFT environments. New frameworks are added continuously.
CaaS is designed to fit your environment — whether you want the simplicity of SaaS or the control of on-premise.
HANDD hosts and operates CaaS in the cloud. Zero infrastructure investment, instant setup, and always on the latest version.
Deploy CaaS entirely within your own data centre or private cloud. Full data sovereignty with no external data egress.
Data collectors run on-premise to avoid egress, while dashboards and reporting run in the HANDD cloud — the best of both.
| Consideration | Cloud (SaaS) | On-Premise | Hybrid |
|---|---|---|---|
| Setup Time | Hours | Days–Weeks | Days |
| Infrastructure Required | None | Customer-provided | Minimal (agent only) |
| Data Sovereignty | Regional options | Full control | Raw data stays on-prem |
| Automatic Updates | Automatic | Manual / scheduled | Cloud layer automatic |
| Uptime SLA | 99.9% HANDD-managed | Customer-managed | 99.9% HANDD-managed |
| Pricing Model | Monthly subscription | Annual licence + support | Monthly subscription |
See how HANDD CaaS compares to manual compliance approaches and generic GRC tools.
| Capability | HANDD CaaS | Manual Audits | Generic GRC Tool | SIEM Only |
|---|---|---|---|---|
| MFT-Native Control Mapping | Built-in | Manual effort | Custom build required | Not supported |
| Multi-Framework Support | 5+ frameworks | One at a time | Multiple | Not included |
| Audit-Ready Reports | Automated PDF/CSV | Weeks of effort | Generic templates | Not included |
| Non-Compliance Alerting | Native | Not supported | Rule-based | Event-based |
| Transfer Log Analysis | Native MFT ingestion | Manual review | Not supported | Log forwarding required |
| On-Premise Option | Supported | N/A | Varies | Usually available |
| Time to First Insight | Hours | Weeks | Months | Days–Weeks |
| MFT Expertise Required | None (pre-mapped) | Deep expertise needed | Configuration effort | SIEM expertise needed |
Go from zero to your first compliance dashboard in hours — not weeks or months of manual effort.
Move from point-in-time audits to always-on compliance monitoring with real-time scoring.
Pre-built framework mappings and automated reports eliminate weeks of manual evidence gathering.
Catch compliance drift and configuration gaps before they become audit findings or breaches.
One platform, multiple frameworks — demonstrate compliance across PCI DSS, GDPR, HIPAA, ISO 27001, and SOC 2.
Pre-mapped controls mean your compliance team doesn't need deep MFT platform knowledge to monitor posture.
