Chrome MCP Secure v2.3.0
Phase 1: Logging & Audit Foundation (Compliance Roadmap)
First phase of our compliance initiative, adding enterprise-grade audit logging for SOC 2, GDPR, and PCI-DSS requirements.
New Compliance Module
| Component | Description |
|---|---|
| Audit Logger | Structured events with hash-chained integrity |
| CEF Formatter | SIEM integration (Splunk, ArcSight, QRadar) |
| JSON-LD Formatter | Linked Data for compliance tools |
| Log Shipper | Webhook, Syslog, S3/GCS destinations |
| Retention Manager | Rotation, compression, secure deletion |
| Log Verifier | Integrity verification with certificates |
Key Features
- Hash-Chained Audit Trail - Tamper-evident logging
- Compliance Tagging - SOC2, GDPR, PCI-DSS, ISO27001 markers
- SIEM Integration - CEF format for security tools
- Retention Policies - Configurable up to 365+ days
- Secure Deletion - Cryptographic deletion certificates
- Integrity Verification - CLI tool to verify log integrity
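
Hash-chained, tamper-evident logging as listed above, shown as an added example (not the project's `audit-logger.ts` or `log-verifier.ts`): each record stores the SHA-256 of its predecessor, so an edit, deletion or reorder fails verification at the first affected line. The field names (`seq`, `ts`, `event`, `prevHash`, `hash`), the all-zero genesis value and the sample events are assumptions; this page does not show the real record schema.

```typescript
import { createHash } from "node:crypto";

// Hypothetical record layout; the project's real schema is not shown on this page.
interface AuditRecord { seq: number; ts: string; event: string; prevHash: string; hash: string }
type Body = Omit<AuditRecord, "hash">;

const GENESIS = "0".repeat(64); // assumed predecessor value for the first record

// Digest over every field except `hash`, in a fixed order, so any field edit changes it.
function recordHash(r: Body): string {
  const canonical = JSON.stringify([r.seq, r.ts, r.event, r.prevHash]);
  return createHash("sha256").update(canonical).digest("hex");
}

// Append a record linked to the current head of the chain.
function appendRecord(log: AuditRecord[], ts: string, event: string): AuditRecord[] {
  const prevHash = log.length > 0 ? log[log.length - 1].hash : GENESIS;
  const body: Body = { seq: log.length, ts, event, prevHash };
  return [...log, { ...body, hash: recordHash(body) }];
}

// Verify JSONL lines; returns the index of the first bad line, or -1 if intact.
// `expectedHead` is a head hash kept outside the log (e.g. shipped to a SIEM).
function verifyChain(lines: string[], expectedHead?: string): number {
  let prev = GENESIS;
  for (let i = 0; i < lines.length; i++) {
    try {
      const r = JSON.parse(lines[i]) as AuditRecord;
      if (r.seq !== i || r.prevHash !== prev || recordHash(r) !== r.hash) return i;
      prev = r.hash;
    } catch {
      return i; // an unparseable line is treated as tampering
    }
  }
  // Dropping trailing records leaves a valid chain; only the stored head reveals it.
  return expectedHead !== undefined && prev !== expectedHead ? lines.length : -1;
}

// Constructed sample log (timestamps and event names are made up for the example).
function sampleLog(): string[] {
  let log: AuditRecord[] = [];
  for (const [ts, ev] of [["2025-01-01T00:00:00Z", "session.start"],
    ["2025-01-01T00:00:05Z", "tab.navigate"], ["2025-01-01T00:00:09Z", "session.end"]]) {
    log = appendRecord(log, ts, ev);
  }
  return log.map((r) => JSON.stringify(r));
}
```

An attacker who rewrites a record and recomputes its hash only moves the failure to the next line, and truncating the tail passes unless the head hash is compared against a copy held outside the log.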
New Files (3,000+ lines)
```
src/compliance/
├── audit-logger.ts        # Core audit logging
├── formats/
│   ├── cef.ts             # Common Event Format
│   └── json-ld.ts         # Linked Data format
├── log-shipper.ts         # External destinations
├── retention-manager.ts   # Lifecycle management
├── log-verifier.ts        # Integrity checking
└── index.ts               # Module exports
```
Environment Variables
```
# Audit
CHROME_MCP_AUDIT_FORMAT=jsonl|cef|json-ld
CHROME_MCP_AUDIT_HASH_CHAIN=true
# Shipping
CHROME_MCP_LOG_DESTINATION=webhook|syslog|s3
CHROME_MCP_WEBHOOK_URL=https://...
CHROME_MCP_SYSLOG_HOST=localhost
# Retention
CHROME_MCP_LOG_RETENTION_DAYS=365
CHROME_MCP_LOG_ROTATION=daily
CHROME_MCP_SECURE_DELETE=true
```
What's Next
See COMPLIANCE-ROADMAP.md for upcoming phases:
- Phase 2: GDPR & Privacy (data rights, deletion certificates)
- Phase 3: SOC 2 & Enterprise (key rotation, RBAC)
- Phase 4: Advanced (breach detection, multi-tenancy)
#soc2 #gdpr #compliance #audit-logging #siem