13/19
19 NIST 800-53 Controls Passed Infrastructure security audit — Google Cloud Compute Engine VM
Last audit: June 18, 2026
Next audit: July 1, 2026
Auditor: DeFi Sentinel Watch (self-audit)
Framework: NIST SP 800-53 Rev. 5

CONTROL RESULTS

AC-2
Account Management
Only 1 active user account on the VM. Minimal attack surface. SSH key authentication only.
PASS
AC-3
Access Enforcement
SSH key authentication enforced. Root login disabled. No password authentication permitted.
PASS
AC-6
Least Privilege
Minimal sudo access. Service accounts scoped to their specific function only.
PASS
AU-2
Audit Events
System logging active via rsyslog. Auth and syslog files present. All critical events captured.
PASS
AU-6
Audit Review
All services actively monitored via systemd. Portal and monitoring agent logs reviewed continuously.
PASS
SC-5
DoS Protection
GCP firewall rules configured. Only necessary ports open (80, 443, 9650, 9651, 22).
PASS
SC-8
Transmission Integrity
HTTPS enforced on both domains via Let's Encrypt SSL. All subscriber traffic encrypted in transit.
PASS
SI-2
Flaw Remediation
System fully patched. All available security updates applied. No outstanding vulnerabilities.
PASS
SI-7
Software Integrity
All critical files hashed and verified. Integrity baseline established for portal, agent, and audit engine.
PASS
CM-6
Configuration Management
All services configured for auto-start via systemd. Configuration managed and version controlled in GitHub.
PASS
CP-9
State Recovery
Code backed up to GitHub. Audit reports stored locally. Recovery path established and documented.
PASS
RA-3
Risk Assessment
External ports open by design for Flare Network RPC node (9650, 9651). Accepted risk — required for blockchain operations.
PARTIAL
IR-4
Incident Handling
Continuous monitoring agent active 24/7. Alert mechanisms configured. Incident response procedures documented.
PASS
SA-11
Security Testing
Code syntax validated. SSL configured and verified. OAuth PKCE enabled. Security testing performed at launch.
SI-4
System Monitoring
Event log volume trends monitored across all VM services. No unusual activity spikes or dark-service indicators detected.
PASS
IR-5
Incident Monitoring
Cumulative incident log maintained. Zero pause events or unauthorized service changes detected across audit history.
PASS
IA-3
Device Authentication
All RPC endpoints use HTTPS/TLS with valid certificates. SSH key authentication enforced. No plaintext connections permitted.
PASS
SC-7
Boundary Protection
GCP firewall rules enforced. Only required ports open. All external connections verified against trusted endpoint list.
PASS
RA-5
Vulnerability Scanning
VM packages scanned for known vulnerabilities. All security updates applied June 18, 2026. No outstanding CVEs detected.
PASS
PASS

🔒 Our Commitment to Transparency

DeFi Sentinel Watch applies the same NIST 800-53 security framework to our own infrastructure that we apply to SparkDex, Spectra Finance, and Mystic Finance on Flare Network. We publish these results publicly because we believe security intelligence providers should be held to the same standard they apply to others.


The RA-3 PARTIAL rating reflects external ports required for our Flare Network RPC node operation — a known and accepted architectural requirement, not a vulnerability. All other 18 controls are fully PASS, including SI-2 Flaw Remediation which was resolved June 4, 2026 with a full system patch.


This audit is performed by our automated vm_audit.py script and reviewed by our team. Results are published within 48 hours of each audit run. Next scheduled audit: July 1, 2026.

See what we find on Flare Network protocols

We apply these same 19 NIST 800-53 controls to SparkDex V3/V4 liquidity pools, Spectra Finance yield tokenization pools, and Mystic Finance lending vaults every week. Free reports available — no credit card required.

Subscribe free →