Compliance was supposed to protect organizations and build trust. Instead, it became a paperwork nightmare, a frantic scramble of spreadsheets, screenshots, and last minute audit prep that consumes resources while delivering little real assurance. For SMBs (Small, Medium, Businesses) without dedicated compliance teams, the burden is even worse: abstract framework requirements, evidence scattered across dozens of tools, and verification that only happens under audit pressure, months after the fact.

The industry's answer? More consultants, more checklists, more documents that sit in folders until someone asks for them. Meanwhile, actual security and privacy practices drift out of alignment with what's written on paper, and nobody knows until an auditor finds the gap.

But what if compliance could be rebuilt as a continuous, verifiable process? What if evidence integrity could be proven cryptographically, not assumed on trust?

The Horizen x Thrive Builder Funding Program continues to spotlight the innovative teams building on Horizen's privacy first infrastructure. With 16 approved projects in the pipeline and more under evaluation, we're bringing the community closer to the builders shaping the future of confidential, verifiable applications.

For our fourth showcase, we're featuring DataHubz, a team building compliance infrastructure from the ground up. Their flagship platform Hubz turns compliance from a manual, document heavy exercise into a living system of record, with evidence integrity anchored on the Horizen blockchain.

1) How would you describe DataHubz and its flagship platform Hubz to someone unfamiliar with compliance automation?

DataHubz builds compliance infrastructure, not just compliance software.

Our flagship platform, Hubz, helps organizations turn compliance from a manual, document heavy exercise into a continuous, structured, and verifiable operational process.

In simple terms: Hubz helps teams understand what a framework actually requires, guides them step by step, automatically gathers and organizes evidence, and proves, cryptographically, that the evidence hasn't been altered. Instead of chasing spreadsheets and screenshots, teams get a living system of record for compliance.

2) What is the single biggest compliance pain point Hubz solves for SMBs?

The biggest pain point is the gap between what frameworks ask for and what organizations actually do day to day.

SMBs don't fail at compliance because they don't care. They fail because requirements are abstract, evidence is scattered across tools, and verification happens months later under audit pressure. Hubz closes that gap by mapping real operational signals and documents directly to controls, in real time, so compliance becomes part of normal work instead of a separate, painful project.

3) How does Hubz orchestrate documents, evidence, controls, and audits from start to audit ready?

Hubz follows a clear lifecycle:

• Framework aware roadmaps break requirements into concrete, actionable steps.

• Centralized evidence vault ingests documents, logs, configurations, and artifacts.

• Control to evidence mapping links every artifact to specific requirements.

• Continuous monitoring and validation track drift and missing evidence.

• Audit ready views give assessors a structured, time ordered trail of proof.

The result is not just "audit prep," but a defensible compliance posture at any point in time.

4) How does Verifiable Compliance Evidence (VCE) anchored on Horizen change trust assumptions?

Traditional audit trails rely on trust: trust that evidence wasn't modified, backdated, or selectively presented.

With Verifiable Compliance Evidence, Hubz cryptographically fingerprints evidence and anchors those fingerprints on the Horizen blockchain. The evidence itself stays private, but its integrity becomes mathematically provable.

For auditors, customers, and regulators, this shifts trust from process based ("we trust how you prepared this") to cryptographic ("we can independently verify this was unchanged").

5) What real time insights or alerts does Hubz provide?

Hubz can alert teams when:

• Required evidence expires or goes stale

• Controls drift from their expected state

• New risks appear due to configuration or policy changes

• Framework coverage drops below a defined threshold

These alerts help organizations stay compliant continuously, instead of scrambling once or twice a year for audits.

6) What makes Hubz accessible to SMBs without compliance teams?

We designed Hubz assuming no dedicated compliance department:

• Plain language guidance instead of regulatory jargon

• Opinionated workflows that reduce decision fatigue

• Automation where possible, human checkpoints where necessary

• Interfaces built for operators and founders, not auditors

The goal is to let small teams act like large, well resourced compliance organizations, without the overhead.

7) Can you give a concrete example of AI catching a risk or insight?

One example is evidence intelligence: Hubz uses AI to analyze uploaded documents and configurations and flag mismatches between what a policy claims and what the evidence actually shows.

In practice, this has surfaced cases where policies looked compliant on paper, but operational artifacts told a different story, something that would likely be missed until an external audit.

8) What is the role of context matched AI models in Hubz?

Compliance is highly contextual. A control means something different in CMMC than in GDPR or SOC 2.

Hubz uses context matched models that are constrained by:

• The specific framework

• The control intent

• The type of evidence being analyzed

This reduces hallucination risk and keeps outputs aligned with regulatory reality rather than generic AI responses.

9) How do you balance privacy and transparency when anchoring evidence onchain?

Only cryptographic hashes and metadata are anchored onchain, never raw documents or sensitive content.

This means:

• Evidence remains private and access controlled

• Integrity and timestamping are publicly verifiable

• Organizations maintain full data sovereignty

It's transparency without exposure.

10) What has been the hardest technical or product challenge?

The hardest challenge has been building systems that are rigorous enough for auditors but usable by non experts.

That meant combining formal compliance logic, cryptography, AI reasoning, and UX design into a single coherent experience without overwhelming users or oversimplifying requirements.

11) Who is the team behind DataHubz?

DataHubz is built by a team with deep technical and regulatory expertise, including a PhD in Computer Science with a background in privacy enhancing technologies, alongside professionals with decades of experience in data systems, analytics, and compliance operations.

That blend is intentional: Hubz sits at the intersection of theory, engineering, and real world audits.

12) Why did you choose the Horizen ecosystem?

Horizen stood out for three reasons:

• Strong support for privacy preserving architectures

• Flexible infrastructure for anchoring proofs without exposing data

• A philosophy aligned with decentralization, verifiability, and trust minimization

Those capabilities map directly to what compliance should become: provable, privacy first, and independently verifiable.

13) What does success look like in 12 to 18 months?

Success means:

• Hundreds of organizations using Hubz as their system of record for compliance

• Support for multiple major frameworks across security and privacy

• Deep partnerships with auditors, platforms, and ecosystems

• Compliance shifting from "audit season" to always on assurance

Ultimately, success is when compliance stops being a tax and becomes a strategic asset.

Keep up with the latest updates from DataHubz:

🌐 https://www.datahubz.com/

𝕏 https://x.com/datahubz

Stay tuned for the next Project Showcase as we continue to highlight the teams building on Horizen through the Thrive Builder Funding Program.

Compliance was supposed to protect organizations and build trust. Instead, it became a paperwork nightmare, a frantic scramble of spreadsheets, screenshots, and last minute audit prep that consumes resources while delivering little real assurance. For SMBs (Small, Medium, Businesses) without dedicated compliance teams, the burden is even worse: abstract framework requirements, evidence scattered across dozens of tools, and verification that only happens under audit pressure, months after the fact.

The industry's answer? More consultants, more checklists, more documents that sit in folders until someone asks for them. Meanwhile, actual security and privacy practices drift out of alignment with what's written on paper, and nobody knows until an auditor finds the gap.

But what if compliance could be rebuilt as a continuous, verifiable process? What if evidence integrity could be proven cryptographically, not assumed on trust?

The Horizen x Thrive Builder Funding Program continues to spotlight the innovative teams building on Horizen's privacy first infrastructure. With 16 approved projects in the pipeline and more under evaluation, we're bringing the community closer to the builders shaping the future of confidential, verifiable applications.

For our fourth showcase, we're featuring DataHubz, a team building compliance infrastructure from the ground up. Their flagship platform Hubz turns compliance from a manual, document heavy exercise into a living system of record, with evidence integrity anchored on the Horizen blockchain.

1) How would you describe DataHubz and its flagship platform Hubz to someone unfamiliar with compliance automation?

DataHubz builds compliance infrastructure, not just compliance software.

Our flagship platform, Hubz, helps organizations turn compliance from a manual, document heavy exercise into a continuous, structured, and verifiable operational process.

In simple terms: Hubz helps teams understand what a framework actually requires, guides them step by step, automatically gathers and organizes evidence, and proves, cryptographically, that the evidence hasn't been altered. Instead of chasing spreadsheets and screenshots, teams get a living system of record for compliance.

2) What is the single biggest compliance pain point Hubz solves for SMBs?

The biggest pain point is the gap between what frameworks ask for and what organizations actually do day to day.

SMBs don't fail at compliance because they don't care. They fail because requirements are abstract, evidence is scattered across tools, and verification happens months later under audit pressure. Hubz closes that gap by mapping real operational signals and documents directly to controls, in real time, so compliance becomes part of normal work instead of a separate, painful project.

3) How does Hubz orchestrate documents, evidence, controls, and audits from start to audit ready?

Hubz follows a clear lifecycle:

• Framework aware roadmaps break requirements into concrete, actionable steps.

• Centralized evidence vault ingests documents, logs, configurations, and artifacts.

• Control to evidence mapping links every artifact to specific requirements.

• Continuous monitoring and validation track drift and missing evidence.

• Audit ready views give assessors a structured, time ordered trail of proof.

The result is not just "audit prep," but a defensible compliance posture at any point in time.

4) How does Verifiable Compliance Evidence (VCE) anchored on Horizen change trust assumptions?

Traditional audit trails rely on trust: trust that evidence wasn't modified, backdated, or selectively presented.

With Verifiable Compliance Evidence, Hubz cryptographically fingerprints evidence and anchors those fingerprints on the Horizen blockchain. The evidence itself stays private, but its integrity becomes mathematically provable.

For auditors, customers, and regulators, this shifts trust from process based ("we trust how you prepared this") to cryptographic ("we can independently verify this was unchanged").

5) What real time insights or alerts does Hubz provide?

Hubz can alert teams when:

• Required evidence expires or goes stale

• Controls drift from their expected state

• New risks appear due to configuration or policy changes

• Framework coverage drops below a defined threshold

These alerts help organizations stay compliant continuously, instead of scrambling once or twice a year for audits.

6) What makes Hubz accessible to SMBs without compliance teams?

We designed Hubz assuming no dedicated compliance department:

• Plain language guidance instead of regulatory jargon

• Opinionated workflows that reduce decision fatigue

• Automation where possible, human checkpoints where necessary

• Interfaces built for operators and founders, not auditors

The goal is to let small teams act like large, well resourced compliance organizations, without the overhead.

7) Can you give a concrete example of AI catching a risk or insight?

One example is evidence intelligence: Hubz uses AI to analyze uploaded documents and configurations and flag mismatches between what a policy claims and what the evidence actually shows.

In practice, this has surfaced cases where policies looked compliant on paper, but operational artifacts told a different story, something that would likely be missed until an external audit.

8) What is the role of context matched AI models in Hubz?

Compliance is highly contextual. A control means something different in CMMC than in GDPR or SOC 2.

Hubz uses context matched models that are constrained by:

• The specific framework

• The control intent

• The type of evidence being analyzed

This reduces hallucination risk and keeps outputs aligned with regulatory reality rather than generic AI responses.

9) How do you balance privacy and transparency when anchoring evidence onchain?

Only cryptographic hashes and metadata are anchored onchain, never raw documents or sensitive content.

This means:

• Evidence remains private and access controlled

• Integrity and timestamping are publicly verifiable

• Organizations maintain full data sovereignty

It's transparency without exposure.

10) What has been the hardest technical or product challenge?

The hardest challenge has been building systems that are rigorous enough for auditors but usable by non experts.

That meant combining formal compliance logic, cryptography, AI reasoning, and UX design into a single coherent experience without overwhelming users or oversimplifying requirements.

11) Who is the team behind DataHubz?

DataHubz is built by a team with deep technical and regulatory expertise, including a PhD in Computer Science with a background in privacy enhancing technologies, alongside professionals with decades of experience in data systems, analytics, and compliance operations.

That blend is intentional: Hubz sits at the intersection of theory, engineering, and real world audits.

12) Why did you choose the Horizen ecosystem?

Horizen stood out for three reasons:

• Strong support for privacy preserving architectures

• Flexible infrastructure for anchoring proofs without exposing data

• A philosophy aligned with decentralization, verifiability, and trust minimization

Those capabilities map directly to what compliance should become: provable, privacy first, and independently verifiable.

13) What does success look like in 12 to 18 months?

Success means:

• Hundreds of organizations using Hubz as their system of record for compliance

• Support for multiple major frameworks across security and privacy

• Deep partnerships with auditors, platforms, and ecosystems

• Compliance shifting from "audit season" to always on assurance

Ultimately, success is when compliance stops being a tax and becomes a strategic asset.

Keep up with the latest updates from DataHubz:

🌐 https://www.datahubz.com/

𝕏 https://x.com/datahubz

Stay tuned for the next Project Showcase as we continue to highlight the teams building on Horizen through the Thrive Builder Funding Program.