Audit evidence
Dated proof for the domain-security questions your audits and reviews keep re-asking.
Every domain answer comes with a signed PDF plus JSON sidecar covering the DNS, email-auth and TLS checks behind it — verifiable offline with the published public key, dated as of the scan, and refreshed on a cadence so it stays current between reviews.
Signed
Ed25519 signature over SHA-256 of PDF plus JSON sidecar. Public key at /.well-known/.
Dated
ISO-8601 UTC scan timestamp on every finding, so each answer reads “verified as of <date>” — and a fresh one lands when you keep it current.
Framework-mapped
Each finding cites SOC 2, ISO 27001, or NIST controls so auditors don't have to translate.
Use cases
- SOC 2 evidence collection
- ISO 27001 Annex A evidence
- Vendor security questionnaire response
- M&A domain due diligence