Understanding product releases in Hyperproof EU and Hyperproof Gov
To ensure the highest levels of security and quality, new features and updated content (e.g., frameworks, templates) are deployed to Hyperproof EU and Hyperproof Gov environments regularly. Security updates are deployed on an as-needed basis.
Environments Overview
Today, Hyperproof operates three environments: Hyperproof US, Hyperproof EU, and Hyperproof Gov. The feature sets and capabilities are symmetrical except where differences are required for the specific environment.
Hyperproof EU
Hyperproof has developed the Hyperproof instance of its platform, supported by a new EU-based data center, so EU customers can ensure data sovereignty and compliance with local regulations. All customer data for Hyperproof organizations is stored and processed within an EU-based infrastructure.
Key differences include:
Supported integrations: Not all Hypersync integrations are available in Hyperproof EU. For additional information, see Supported apps and proof types for Hypersyncs.
Proof types: Some integrations have region-specific proof type availability. For instance, with Snyk, the List of Issues by Project and Issue Summary by Project proof types are only available in Hyperproof US, while the List of Users by Org and the new List of Issues by Org are available in all regions, including Hyperproof EU.
Hypersync SDK: Hypersync apps in Hyperproof EU require an updated execution environment. Specifically, you must add an up script to your package.json and implement a start.ts that initializes an HTTP server for your app. This is necessary for deployment compatibility in Hyperproof EU. Details and code examples are in the Hypersync SDK Migration Guide.
Automated Monthly Report: This report is not available to customers in Hyperproof EU at this time.
Hyperproof Gov
Hyperproof Gov provides the same core capabilities as the Hyperproof US and Hyperproof EU commercial offerings, tailored to meet FedRAMP Moderate requirements. Key differences and features include:
Authentication: Uses Okta or Microsoft Entra ID instead of Auth0 for enhanced security.
Malware protection: Scans files during upload and download.
System use notification: Prompts users to consent to the terms of system use on login or periodically.
User management: Automatically deactivates inactive users and provides notifications for user additions, role changes, or deactivations.
Sanitized email notifications: To meet FedRAMP requirements, user-provided information is not included in emails. This does mean that some emails are not sent at all because, without user-provided information, they provide no value.
Event logging*: Provides the ability to stream system events for monitoring, though deeper integration with Security Information and Event Management (SIEM) tools may be required.
One-time passcodes for external users: One-time passcodes provided via email are a simple way to provide authenticated access to Hyperproof for external users who are assigned work, such as tasks or questionnaires.
In addition, there are some feature limitations:
AI support agent: This capability is not available in Hyperproof Gov because the underlying technology stack is not a FedRAMP-capable service.
Asana and ServiceNow task integration: Asana and ServiceNow tasks are turned off in Hyperproof Gov by default, but can be turned on upon request.
SSO options: JumpCloud, Fortinet, and Forgerock SSO options are not currently supported.
Automated monthly report: This report is not available to customers in Hyperproof Gov at this time.
Release/update schedule
Product releases occur about every three weeks: Thursday evenings for Hyperproof US and Hyperproof Gov instances, and Friday evenings for the Hyperproof EU instance. This schedule ensures all instances stay up to date with the latest features and functionality.
Content updates (e.g. frameworks, templates) are typically released every 6 to 8 weeks in the Hyperproof EU and Hyperproof Gov instances.
Content planning and requests
To ensure our content roadmap aligns with your compliance goals, follow these guidelines:
Discuss your needs: Communicate your content requirements directly with your Customer Success Manager (CSM) or Implementation Manager.
Plan for projects: Identify required content early in your planning process for new implementations or upcoming audits. Planning ahead allows us to align our release schedule with your project timeline.
Support offering
We provide the same level of support across all Hyperproof instances. Support is available 11 hours per day, from 9:00 AM to 5:00 PM in both the Central European and GMT time zones.
A single version of our product documentation is available across all Hyperproof instances. The documentation clearly notes any instance-specific feature differences.
Frequently asked questions (FAQ)
Q: Why isn't content updated in all Hyperproof instances at the same time?
A: We operate distinct instances to meet regional data residency and security requirements (e.g., GDPR, FedRAMP Moderate). Our structured deployment process protects the integrity of each Hyperproof instance. All content undergoes a quality and security review before migration to ensure it is effective and secure for your use.
Q: I need a specific framework for an upcoming audit. What should I do?
A: Contact your CSM as soon as possible. They will work with our content team to understand your timeline and prioritize the framework for an upcoming release. Early communication is the best way to ensure your project timelines are met.
Q: How do I request a new framework or an update to an existing one?
A: Submit all new content requests to your CSM. They will document the requirements and business case for prioritization by our content team.
Q: Does this deployment process affect the performance or availability of the Hyperproof application?
A: No. Content deployments are managed separately from the core application infrastructure and do not cause downtime or performance degradation.
Q: Does this process have an impact on the security of my customer data?
A: No. We have designed this process to protect your data. Content migrations are performed through secure, audited channels completely separate from customer data environments, upholding our security and compliance commitments.
Q: I saw a new feature announced. Is that different from new content?
A: Yes. Product features, such as new functionality or user interface changes, follow a release schedule different from that of content, such as frameworks or templates. Your CSM can provide details on the product roadmap and when to expect new features in your Hyperproof instance. This document refers only to content.
Q: Where can I see what new content Hyperproof included in the latest release?
A: Our standard release notes announce content releases, feature releases, and syncs for Hyperproof instances. For more detailed information about recent and upcoming content releases relevant to your Hyperproof instance, please contact your CSM. See Hyperproof release notes.
Instance | Content deployment model | Key considerations |
|---|---|---|
Hyperproof US | Primary instance for all new content and updates. | Receives the latest content first. |
Hyperproof EU | Content is deployed from Hyperproof US on a planned, periodic basis. | Communicate priorities to your CSM/Implementation Manager. |
Hyperproof Gov | Content is deployed from Hyperproof US through a highly controlled process to meet stringent government security requirements. | Proactive communication of needs is critical for project planning |