Contact sales
Open navigation

Products

Six products. One Customer Environment.

Every Spot Suite product shares the same identity, billing, and audit plane. Regulated teams get Entra OIDC sign-in, exportable evidence packs, and region choices without splitting the operating record.

Secure file exchange with a chain of custody that holds up under audit.

Encrypted Environments, signed deliveries, per-Environment retention, and a tamper-evident transfer log. The delivery substrate that Access Fabric, Control Ledger, and Guardrail Ledger write audit evidence into.

  • Environment-level encryption with per-recipient access
  • Signed delivery receipts and download manifests
  • Retention and legal-hold policy per Environment
Product details

Environments

12

Status

All Environments healthy

Environment-level encryption with per-recipient access
Signed delivery receipts and download manifests
Retention and legal-hold policy per Environment

Cloud cost anomalies and forecasts without a percentage-of-spend bill.

AWS, Azure, GCP, and StackIT cost data pulled read-only. Anomaly detection, attribution, forecasts, and savings playbooks. Flat monthly fee — no percentage of your cloud bill.

  • Daily anomaly detection across AWS, Azure, GCP, StackIT
  • Tag and account-level attribution with cost owners
  • Forecasts and budget tracking with Slack and email alerts
Product details

Included modules

Turns Microsoft 365 and Azure telemetry into auditor-ready evidence packs.

Included from Growth

Tracks landing-zone drift, RBAC and policy changes, and exceptions.

Included from Growth

Runs Entra access reviews and joiner-mover-leaver as auditable workflows.

Included from Business

Bundled at the tier shown. Billed as one Cloud Horizons subscription.

Monthly spend

$347K

Status

Zero anomalies today

Daily anomaly detection across AWS, Azure, GCP, StackIT
Tag and account-level attribution with cost owners
Forecasts and budget tracking with Slack and email alerts

TLS certificate lifecycle management with deploy targets across every cloud.

ACME issuance, deployment workflows across Azure, AWS, GCP, databases, and edge services, plus monitoring, alerting, and MCP tools so an agent can manage renewals for you.

  • Let's Encrypt ACME issuance and auto-renewal
  • Deployment workflows for Azure, AWS, GCP, databases, SSH, and custom APIs
  • DNS automation across Cloudflare, Azure DNS, Route53, Google DNS
Product details

Certificates

1,847

Status

0 expiring this week

Let's Encrypt ACME issuance and auto-renewal
Deployment workflows for Azure, AWS, GCP, databases, SSH, and custom APIs
DNS automation across Cloudflare, Azure DNS, Route53, Google DNS

Multi-tenant IP address management for the Azure tenants your IPAM tool refuses to share.

One IPAM control plane across every Azure tenant you operate. CIDR allocation, cross-tenant conflict detection, reservation workflows, and read-only collectors per tenant. No more spreadsheet per customer.

  • Address-space inventory across multiple Azure tenants in one pane
  • Conflict detection between VNets, peerings, on-prem ranges, and reserved blocks
  • CIDR allocation workflow with approval and per-Environment scoping
Product details

VNets monitored

89

Status

0 conflicts detected

Address-space inventory across multiple Azure tenants in one pane
Conflict detection between VNets, peerings, on-prem ranges, and reserved blocks
CIDR allocation workflow with approval and per-Environment scoping

Joiner, mover, and leaver operations for teams without a dedicated IT desk.

People records, account provisioning, devices, licenses, and audit trails in one lightweight Environment. Built for office managers who need Microsoft 365 and Google Workspace changes recorded, not remembered.

  • Joiner, mover, and leaver workflows for people records
  • Microsoft 365 account creation and deactivation
  • Google Workspace provisioning via domain-wide delegation
Product details

People records

134

Status

0 pending JML actions

Joiner, mover, and leaver workflows for people records
Microsoft 365 account creation and deactivation
Google Workspace provisioning via domain-wide delegation

Insurance UBO and sanctions screening, with Environment-scoped case records.

A focused screening Environment for insurance teams. Records cases, parties, and Yente-backed sanctions matches with Environment-scoped D1 storage and Spot OIDC login — all within a single, isolated compliance boundary.

  • UBO and party screening against self-hosted Yente
  • Case and party records with Environment ownership boundaries
  • Persisted screening evidence with raw provider response retained in D1
Product details

Cases screened

2,103

Status

Last screening pass 2h ago

UBO and party screening against self-hosted Yente
Case and party records with Environment ownership boundaries
Persisted screening evidence with raw provider response retained in D1

Ready to see how the products fit your compliance picture?

Every product in Spot Suite shares the same identity plane, billing record, and audit trail. Start with one app and add more as the scope grows.

View pricing Talk to us