Security & Compliance

Stakater uses a Risk and Compliance as Code (RCaC) approach to embed compliance practices directly into infrastructure and workflows, making compliance an automated, continuous process rather than a manual one.

KubeStack+ gives your teams automated checks, auditable policies, and streamlined workflows to mitigate risks and maintain compliance with GDPR, NIST, ISO 27001, BSI IT-Grundschutz, and other standards.

The supported compliance frameworks fall into two categories.


General frameworks

These frameworks apply across industries and provide high-level best practices for security, privacy, and risk management:

  • ISO 27001 — best practices for Information Security Management
  • NIST SP 800-171 — strengthening cybersecurity
  • GDPR — data privacy and protection in the European Union
  • BSI IT-Grundschutz — German Federal Office for Information Security standards
  • CIS Benchmarks — globally recognized secure configuration guidelines
  • SOC 2 Type 2 — operational effectiveness of security and privacy controls

Industry-specific standards

These standards address the compliance, security, and operational requirements of specific industries:

  • HIPAA — patient data protection
  • DORA — operational resilience in financial services

Disclaimer

Implementing the measures described in this documentation does not guarantee compliance with any specific regulations, certifications, or guidelines. Consult legal, compliance, or technical experts to ensure your specific compliance and security needs are adequately addressed.