[WordPress] 外掛分享: Compliance Audit Trail & Evidence Logger

首頁外掛目錄 › Compliance Audit Trail & Evidence Logger
WordPress 外掛 Compliance Audit Trail & Evidence Logger 的封面圖片
全新外掛
安裝啟用
尚無評分
4 天前
最後更新
問題解決
WordPress 6.2+ PHP 8.0+ v1.0.3 上架:2026-07-11

外掛標籤

開發者團隊

⬇ 下載最新版 (v1.0.3) 或搜尋安裝

① 下載 ZIP → 後台「外掛 › 安裝外掛 › 上傳外掛」
② 後台搜尋「Compliance Audit Trail & Evidence Logger」→ 直接安裝(推薦)
📦 歷史版本下載

原文外掛簡介

Is your website ready for a cybersecurity audit?
When a website is hacked, the first thing intruders do is modify database logs to cover their tracks. Standard security plugins log user actions, but they do not guarantee that the logs themselves have not been altered or deleted.
Compliance Audit Log & Tamper-Evident Security Trail transforms your WordPress dashboard into a secure GRC (Governance, Risk, and Compliance) platform. By combining real-time activity tracking with cryptographic SHA-256 chain verification, it ensures your security audit trails are immutable, verified, and legally defensible.
Cryptographic Log Integrity
Every log entry calculates a SHA-256 signature containing its contents and the signature of the preceding row. If an unauthorized actor inserts, deletes, or edits a log record directly in the database, the cryptographic chain breaks. The built-in verifier identifies exactly when and where the compromise occurred.
Fulfill Global Compliance Regulations
Designed to assist compliance officers, developers, and security teams in meeting strict international guidelines:
* NIS2 Directive (EU): Fulfill Article 21 risk management and operational logging.
* DORA (Digital Operational Resilience Act): Monitor ICT incident events and operational resilience.
* SOC 2 & ISO 27001: Satisfy access control monitoring and configuration audit requirements.
* GDPR & HIPAA: Mask IPs using HMAC-SHA-256 salted hashes and support data erasures.
Features (Free Version)

Tamper-Evident Chaining: Link logs cryptographically using SHA-256 signatures.
Granular Activity Tracking: Log logins, session failures, plugin edits, and file updates.
Evidence Vault: Capture point-in-time snapshots of themes, active plugins, capabilities, and system configurations.
GDPR Privacy Masking: Anonymize client IP addresses using local cryptographic salts.
Forensic Timeline: Browse events chronologically through a responsive, filterable layout.
SIEM Export: Compile logs into CSV or JSON formats for security analysis.

Upgrade to Pro for Enterprise Governance
Unlock advanced features to manage cyber risks and supply chains networked across your organization:
* Off-site Evidence Vaults: Synchronize encrypted logs to AWS S3, Google Cloud, Azure, or SFTP.
* Automated Incident Detection: Trigger Slack, Discord, and Email alerts on brute force and privilege escalations.
* AI Incident Analysis: Suggest root-cause mitigations using integrated OpenAI, Claude, and Gemini models.
* Auditor Portal: Generate secure, expirable, read-only dashboard links for external compliance checkers.
* Risk & Vendor registers: Track supplier risk metrics using an interactive 5×5 Heat Map.
* File Integrity Monitor: Validate core system checksums using official WordPress.org APIs.
Source Code
The complete, unminified source code and build tooling for this plugin can be found in our public repository at:
https://github.com/TechbyshOrg/tbsh-compliance-audit-logger

文章
Filter
Apply Filters
Mastodon