Hardcoded connection strings and static API keys are a breach waiting to happen. HashiCorp Vault gives you dynamic credentials, transit encryption, and per-entity key isolation — and Granit integrates all three as a single module dependency.
Enterprise customers ask for a SOC 2 Type 2 report before signing. Here is how Granit’s modules map to the five Trust Service Criteria — and what the framework cannot replace.
NIS 2 is now law across the EU. Here is what it requires from your .NET stack — and how Granit’s supply chain pipeline and embedded security modules cover the key obligations out of the box.
The new Granit.Mcp module family wraps the MCP C# SDK to expose your application capabilities to AI agents, with auto-discovery, RBAC authorization, and GDPR-compliant output sanitization.
Physical deletion breaks audit trails, conflicts with legal holds, and fails on append-only systems. Crypto-shredding solves all three: destroy the key, and the ciphertext becomes random noise. Here is how Granit implements it.
Your React app stores access tokens in localStorage. A compromised npm package reads them. Game over. Granit.Bff moves token handling to the server, so the browser only sees an HttpOnly cookie it cannot read.
GDPR compliance is not a checkbox. It is an architectural constraint that must be enforced at the framework level. Here is how Granit implements data minimization, right to erasure, and pseudonymization by default.
