Security & compliance

Lossless by construction. Auditable by default.

Every byte is SHA-256 verified end-to-end. Your data lives in your cloud, not ours — Sasquatch ships compressed chunks straight to your bucket, and your KMS keys never leave it. Cryptographic proof that nothing was dropped, summarized, or sampled.

SOC 2·HIPAA·PCI-DSS·GDPR·FedRAMP-aligned

Talk to compliance Read the whitepaper

Compliance posture

SOC 2 Type IIaligned

HIPAAaligned

PCI-DSSaligned

GDPRcompliant

FedRAMP-alignedroadmap

ISO 27001roadmap

What's enforced

Lossless

SHA-256 verified end-to-end

BYOK

Your KMS, your bucket, your keys

Auditable

Every chunk has a signed integrity manifest

Air-gap

Operates with zero outbound to control plane

Compliance without compromise

Auditors don’t accept “approximately”.

Filtering, deduplication, and AI summarization all share the same fatal flaw: when the investigator, the auditor, or the court asks for the original record, it’s already been deleted in the name of cost savings. Sasquatch preserves every byte — and proves it with a cryptographic checksum on every event.

Lossy stack output

Filter · dedupe · summarize

Audit · fail

[2026-01-14 04:12:31] auth.login · user=alice

… 1,247 similar events suppressed …

[2026-01-14 04:58:02] auth.login · user=bob

… 89 events deduplicated …

[2026-01-14 05:14:19] payment.capture · status=ok

… 3,401 events merged into summary …

Auditor: “Where are the rest of the events? What was in them?” The answer is you don’t know — they were deleted upstream.

Sasquatch output

Lossless · verified

Audit · pass

[2026-01-14 04:12:31.142] auth.login · user=alice · ip=10.1.2.34

[2026-01-14 04:12:31.203] auth.login · user=alice · ip=10.1.2.34 · retry

[2026-01-14 04:12:31.267] auth.login · user=alice · ip=10.1.2.34 · retry

… 4,734 more events, ordered, verified …

[2026-01-14 05:14:19.804] payment.capture · status=ok · amt=429.00

✓ 4,737 events · SHA-256 verified on each · nothing summarized

Auditor: “This is fine.” Original bytes, cryptographically attested. That’s the whole audit.

Frameworks you already answer to

SOC 2

Type II

Every security event captured, every privileged action traceable — across every microservice, every day.

HIPAA

PHI logging

Complete PHI access trails. No gaps, no summarization. BAA obligations satisfied byte-for-byte.

PCI-DSS

CDE logging

Tamper-evident records across the cardholder data environment. Every authorization and admin action intact.

FedRAMP

Moderate · High

Full data fidelity across the authorization boundary. Every event available for the full continuous-monitoring window.

Lossless verification

Every event. Every time. In the math, not the marketing.

SHA-256 of the original bytes equals SHA-256 of the decompressed bytes, checked on every event as it flows. Any deviation triggers an immediate alert — and has never happened in production.

100%

verification rate