Audit records
Tamper-evident ledger with verification CLI
Spot Suite catalog product
Microsoft control records automation for NIS2, DORA, and ISO 27001.
Turns your Microsoft 365 and Azure telemetry into auditor-ready audit packs. Coexists with the GRC you already own; replaces the screenshots and spreadsheet chasing.
Audit trail
Every product page lists the audit records a buyer or auditor expects in a due-diligence review before the contract is signed.
Audit records
Tamper-evident ledger with verification CLI
Audit records
Per-control trace from artefact back to source query
Audit records
OIDC tokens carry Environment role and entitlement claims; admins can reset user MFA and passkeys from Spot Suite
What you get
No placeholder modules, no bundled mystery fees.
Scheduled read-only collectors: Microsoft Graph, Entra, Intune, Defender for Cloud, Azure Policy, Azure Activity Log
Pre-mapped control libraries: NIS2, DORA, ISO 27001:2022, CIS v8
Exception register with owner, expiry, and reason of record
Monthly control-drift digest: what failed, what changed, who owns it
SHA-256 append-only ledger with auditor read-only role and scoped exports
Audit packs by framework, business unit, or audit period
Spot Suite identity with passkeys, authenticator-app MFA, and admin reset controls via OIDC
Also in Spot Suite
Secure file exchange with a chain of custody that holds up under audit.
Encrypted Environments, signed deliveries, per-Environment retention, and a tamper-evident transfer log. The delivery substrate that Access Fabric, Control Ledger, and Guardrail Ledger write audit records into.
Assisted pilot available
The missing operator UI on top of Entra access reviews and lifecycle workflows.
Works with Entra, does not replace it. Packages Entra reviews, entitlement management, and lifecycle workflows into auditable business workflows so JML and guest cleanup stop running through spreadsheets.
Assisted pilot available
Weekly Azure guardrail records: what drifted, who approved it, which control is now at risk.
Continuous landing-zone drift, policy and RBAC change tracking, exception governance, and packaged monthly audit records for auditors and customers. What drifted, who approved it, which control is now at risk, every week, on a digest that lands in your inbox.
Assisted pilot available