update compliance page

Michał Gryczka · Michał Gryczka · commit c2baf0d34694 · 2026-02-24T14:49:21.000+01:00
diff --git a/src/pages/compliance.astro b/src/pages/compliance.astro
@@ -1,13 +1,14 @@
 ---
 import Navigation from "../components/base/Navigation.astro";
 import ProductLayout from "../layouts/ProductLayout.astro";
-import HomeHeader from "./_home/components/HomeHeader.astro";
 import FlexibleSection from "../components/FlexibleSection.astro";
 import { Image } from "astro:assets";
 import isoCertificate from "../../public/images/iso-27001/DEFGUAR_ISO27001_2025-2028_ENG.png";
 import "../styles/compliance.scss";
 
-const title = "Compliance";
+const title = "Compliance & Certifications | ISO 27001, GDPR, NIS2 | Defguard";
+const description =
+  "Defguard compliance: ISO 27001 certified, EU-based for GDPR and NIS2. Biometric MFA, data sovereignty, SBOM, and open-source transparency for enterprise and regulated sectors.";
 const featuredImage =
   "github.com/DefGuard/defguard.github.io/raw/main/public/images/product/core/hero-image.png";
 const imageWidth = "1920";
@@ -26,33 +27,120 @@ const tags = [
   "compliance",
   "enterprise",
   "open source",
+  "gdpr",
+  "nis2",
+  "eu",
+  "sbom",
 ];
+
+const webPageSchema = {
+  "@context": "https://schema.org",
+  "@type": "WebPage",
+  name: title,
+  description,
+  url,
+  mainEntity: {
+    "@type": "Organization",
+    name: "Defguard",
+    url: "https://defguard.net",
+  },
+};
 ---
 
 <ProductLayout
   title={title}
+  description={description}
   featuredImage={featuredImage}
   imageWidth={imageWidth}
   imageHeight={imageHeight}
   url={url}
   tags={tags}
 >
+  <script slot="schema" type="application/ld+json" set:html={JSON.stringify(webPageSchema)} />
   <Navigation activeSlug="/compliance/" />
 
-  <main id="home-page">
-    <section class="custom-header">
+  <main id="compliance-page" aria-label="Compliance and certifications">
+    <section class="custom-header" aria-labelledby="compliance-heading">
       <div class="container">
-        <h1 class="page-title">Compliance</h1>
-        <p class="page-subtitle">Defguard - Certified, Audited, and Transparent</p>
+        <h1 id="compliance-heading" class="page-title">Compliance</h1>
+        <p class="page-subtitle">
+          Defguard is ISO 27001 certified and built for European digital sovereignty: GDPR-native, NIS2-ready, with biometric MFA, full data residency, and transparent supply chain (SBOM).
+        </p>
       </div>
     </section>
 
-    <FlexibleSection leftRatio={1} title="ISO-27001:2023 Certification" theme="light">
+    <FlexibleSection id="compliance-edge" leftRatio={1} title="European Digital Sovereignty: The Defguard Compliance Edge" theme="light">
+      <div slot="left">
+        <p class="section-lead">
+          Defguard combines formal certification with practical, auditable controls designed for regulated teams operating under EU legal and security requirements.
+        </p>
+        <div class="compliance-grid">
+          <div class="compliance-item">
+            <h4>100% EU-Based & GDPR Native</h4>
+            <p>Headquartered and developed in Poland, Defguard ensures zero exposure to the US CLOUD Act. It provides a legally "clean" stack for GDPR compliance, where data jurisdiction and residency are non-negotiable.</p>
+          </div>
+          <div class="compliance-item">
+            <h4>Biometric Zero-Trust MFA</h4>
+            <p>Defguard enforces MFA at the protocol level using Desktop & Mobile Biometrics (FaceID/TouchID). This creates a secure "something you are" factor that satisfies NIS2 and ISO 27001 (A.8.5) without the logistics of hardware key distribution.</p>
+          </div>
+          <div class="compliance-item">
+            <h4>Granular Access Control (ISO A.5.15)</h4>
+            <p>Enforce the Principle of Least Privilege with centralized ACLs. Defguard prevents lateral movement by restricting remote users to specific internal resources, directly mapping to ISO 27001 Access Control requirements.</p>
+          </div>
+          <div class="compliance-item">
+            <h4>Total Data Sovereignty</h4>
+            <p>A strictly self-hosted architecture that keeps all cryptographic keys, user metadata, and traffic logs on your private infrastructure. No external cloud relays or third-party auth providers are required, ensuring maximum privacy.</p>
+          </div>
+          <div class="compliance-item">
+            <h4>Open-Source & Rust Transparency</h4>
+            <p>Built with memory-safe Rust, our code is fully open and verifiable. This provides the "Secure Development" evidence required for ISO 27001 (A.8.28) and eliminates the risk of "black box" proprietary backdoors.</p>
+          </div>
+          <div class="compliance-item">
+            <h4>Supply Chain Security (SBOM)</h4>
+            <p>In compliance with the EU Cyber Resilience Act, Defguard provides a detailed Software Bill of Materials (SBOM) and public pen-testing results, allowing your security team to audit every "ingredient" in your remote access stack.</p>
+          </div>
+        </div>
+      </div>
+    </FlexibleSection>
+
+    <FlexibleSection id="why-iso-27001" leftRatio={0.72} title="Why ISO 27001 Matters for Our Users" theme="light">
+      <div slot="left">
+        <p>At Defguard we have always built security into the core of our product — from protocol-level WireGuard® MFA, through open-source transparency, to data sovereignty and zero foreign legal exposure.</p>
+        <p>Achieving ISO 27001 certification formalizes and externally validates our Information Security Management System. It demonstrates to enterprises, regulated organizations and public sector clients that:</p>
+
+        <ul class="benefits-list">
+          <li>Information security risks are systematically identified, assessed and treated</li>
+          <li>Security controls follow international best practices</li>
+          <li>Processes are continuously improved and audited</li>
+          <li>We maintain the same high standards internally that we provide to you</li>
+          <li>Your trust in Defguard as a secure, reliable VPN & zero-trust platform is backed by third-party certification</li>
+        </ul>
+
+        <h3>Complements our existing compliance strengths</h3>
+        <ul>
+          <li>NIS2-ready architecture with true VPN-level MFA</li>
+          <li>Full EU data residency & governance (Poland-based)</li>
+          <li>Audit-ready logs and SIEM integration</li>
+          <li>Support for GDPR, HIPAA, PCI DSS, NIST & similar frameworks through strong technical controls</li>
+          <li><a href="/sbom/">Software Bill of Materials (SBOM)</a> and <a href="/pentesting/">public penetration testing reports</a> for supply chain and transparency audits</li>
+        </ul>
+      </div>
+      <div slot="right">
+        <aside class="compliance-contact-card" aria-label="Compliance contact">
+          <h3>Need Additional Certifications?</h3>
+          <p>
+            If your procurement or audit process requires additional certifications or evidence,
+            contact our team at <a href="mailto:sales@defguard.net">sales@defguard.net</a>.
+          </p>
+        </aside>
+      </div>
+    </FlexibleSection>
 
+    <FlexibleSection id="iso-27001-certification" leftRatio={1} title="ISO 27001:2023 Certification" theme="light">
       <div slot="left">
-        <div>
+        <div class="section-lead">
           <p>
-            Our ISO-27001:2013 certification and rigorous internal audits ensure that our systems, processes, and operations meet globally recognized benchmarks.
+            Our ISO 27001:2023 certification and rigorous internal audits ensure that our systems, processes, and operations meet globally recognized benchmarks.
           
             Beyond compliance, we offer fully transparent development process and <a href="/security/">Secure By Design approach</a>.
           </p>
@@ -130,32 +218,6 @@ const tags = [
       </div>
     </FlexibleSection>
 
-    <FlexibleSection leftRatio={1} title="Why ISO 27001 Matters for Our Users" theme="light">
-      <div slot="left">
-        <p>At Defguard we have always built security into the core of our product — from protocol-level WireGuard® MFA, through open-source transparency, to data sovereignty and zero foreign legal exposure.</p>
-        <p>Achieving ISO 27001 certification formalizes and externally validates our Information Security Management System. It demonstrates to enterprises, regulated organizations and public sector clients that:</p>
-
-        <ul class="benefits-list">
-          <li>Information security risks are systematically identified, assessed and treated</li>
-          <li>Security controls follow international best practices</li>
-          <li>Processes are continuously improved and audited</li>
-          <li>We maintain the same high standards internally that we provide to you</li>
-          <li>Your trust in Defguard as a secure, reliable VPN & zero-trust platform is backed by third-party certification</li>
-        </ul>
-
-        <h3>Complements our existing compliance strengths</h3>
-        <ul>
-          <li>NIS2-ready architecture with true VPN-level MFA</li>
-          <li>Full EU data residency & governance (Poland-based)</li>
-          <li>Audit-ready logs and SIEM integration</li>
-          <li>Support for GDPR, HIPAA, PCI DSS, NIST & similar frameworks through strong technical controls</li>
-        </ul>
-      </div>
-      <div slot="left">
-        <p>Are you missing any compliance certifications? Feel free to reach out to us at <a href="mailto:sales@defguard.net">sales@defguard.net</a></p>
-      </div>
-    </FlexibleSection>
-
 
   </main>
 </ProductLayout>
diff --git a/src/styles/compliance.scss b/src/styles/compliance.scss
@@ -2,6 +2,7 @@
   padding: 80px 0 60px 0;
   background-color: var(--background-primary, #f9f9f9);
   text-align: center;
+  border-bottom: 1px solid var(--text-body-primary, rgba(51, 51, 51, 0.12));
 
   .page-title {
     font-size: 3.5em;
@@ -30,12 +31,24 @@
   }
 }
 
+.section-lead {
+  margin: 0 0 24px 0;
+  max-width: 72ch;
+
+  p {
+    margin: 0;
+    font-size: 1.05em;
+    line-height: 1.65;
+  }
+}
+
 .cert-info {
   background-color: var(--background-secondary, #f5f5f5);
   padding: 20px;
-  border-radius: 8px;
+  border-radius: 12px;
   margin-bottom: 30px;
   font-weight: 500;
+  border: 1px solid var(--text-body-primary, rgba(51, 51, 51, 0.1));
 
   p {
     margin-bottom: 10px;
@@ -49,7 +62,7 @@
 
 .cert-table-container {
   background-color: var(--background-primary, #f9f9f9);
-  border-radius: 8px;
+  border-radius: 12px;
   margin-bottom: 30px;
   border: 1px solid var(--text-body-primary, #333);
   overflow: hidden;
@@ -132,8 +145,9 @@
 .cert-document {
   background-color: var(--background-primary, #f9f9f9);
   padding: 30px;
-  border-radius: 8px;
+  border-radius: 12px;
   border: 1px solid var(--text-body-primary, #333);
+  box-shadow: 0 6px 20px rgba(0, 0, 0, 0.06);
 
   h3 {
     font-size: 1.3em;
@@ -242,19 +256,21 @@
 .compliance-grid {
   display: grid;
   grid-template-columns: repeat(auto-fit, minmax(350px, 1fr));
-  gap: 30px;
+  gap: 24px;
   margin: 30px 0;
 
   .compliance-item {
     background-color: var(--background-secondary, #f8f9fa);
     padding: 25px;
-    border-radius: 8px;
+    border-radius: 12px;
     border: 1px solid var(--text-body-primary, rgba(51, 51, 51, 0.1));
-    transition: all 0.3s ease;
+    transition: transform 0.25s ease, box-shadow 0.25s ease, border-color 0.25s ease;
+    box-shadow: 0 2px 10px rgba(0, 0, 0, 0.04);
 
     &:hover {
-      box-shadow: 0 4px 12px rgba(0, 0, 0, 0.1);
-      transform: translateY(-2px);
+      box-shadow: 0 10px 24px rgba(0, 0, 0, 0.1);
+      border-color: var(--theme-primary, #2563eb);
+      transform: translateY(-3px);
     }
 
     h4 {
@@ -297,6 +313,33 @@
   }
 }
 
+.compliance-contact-card {
+  background-color: var(--background-secondary, #f8f9fa);
+  border: 1px solid var(--text-body-primary, rgba(51, 51, 51, 0.12));
+  border-radius: 12px;
+  padding: 22px;
+  box-shadow: 0 6px 20px rgba(0, 0, 0, 0.06);
+
+  h3 {
+    margin: 0 0 12px 0;
+    color: var(--text-heading-primary, #111);
+    font-size: 1.15em;
+    line-height: 1.4;
+  }
+
+  p {
+    margin: 0;
+    line-height: 1.6;
+    color: var(--text-body-primary, #333);
+  }
+
+  a {
+    color: var(--theme-primary, #2563eb);
+    text-decoration: underline;
+    text-underline-offset: 2px;
+  }
+}
+
 .compliance-note {
   margin-top: 40px;
   padding: 20px;
@@ -316,3 +359,14 @@
     }
   }
 }
+
+#compliance-page {
+  .flexible-section {
+    padding: 2.5rem 0;
+  }
+
+  .section-title {
+    font-weight: 600;
+    letter-spacing: -0.01em;
+  }
+}
