Currently in Alpha testing.
SOC 2 Type I & II · Open Source

SOC 2 evidence,
collected in minutes

Stop manually hunting through settings pages and exporting audit logs. Evident CI/CD checks 20+ compliance controls across your repositories and produces a timestamped, auditor-ready report — instantly.

Get started for free! Get started for free!
20+ SOC 2 controls · GitHub & GitLab · Cloudflare R2 storage · Open source

Everything your auditor needs

No spreadsheets. No screenshots. One click covers every repository.

Automated evidence collection

Branch protection, required reviewers, CODEOWNERS, secret scanning, vulnerability alerts, CI health, webhook inventory, and 14+ more controls — checked across every selected repository in one run.

📋

Auditor-ready reports

Every control gets a clear Pass / Warn / Fail verdict with supporting detail. Export as Markdown and hand it directly to your auditor — no extra formatting.

🔒

On-prem, in the cloud

Deploy to your own Cloudflare account — on-prem in spirit, serverless in practice. Evidence reports go straight into your R2 bucket. You own the storage, the keys, and the data.

All the simplicity you want

Three steps. Zero busywork. Your report is waiting.

1

Connect your account

Sign in with GitHub or GitLab. We request only the read-only scopes needed for evidence collection — nothing write-access.

2

Select repositories

Choose an organization and pick one or more repositories. Run a single repo or your entire org at once.

3

Download your report

A timestamped, auditor-ready report is generated in seconds and stored in your R2 bucket.

SOC 2 for repositories

Every repository is evaluated against these SOC 2 controls.

Branch protection rules
Required pull request reviews
CODEOWNERS file
SECURITY.md present
Signed commits enforcement
Secret scanning alerts
Dependency vulnerability alerts
Code scanning (SAST)
CI/CD pipeline runs
Deployment environments
Webhook inventory
Outside collaborator access
Rules enforced for administrators
Repository rulesets
Release cadence
CI secrets audit

Simple, transparent pricing

Start free. Upgrade when your audit demands it.

Monthly Yearly Save 20%
Free
$0
 
Solo devs, OSS projects, evaluation
  • SOC 2 Type I only
  • 3 repositories per run
  • Browser-only storage (24 h TTL)
  • Markdown & PDF report download
  • 1 organization/group
Get started free
Business
$149 /mo
or $1,788 / yr
Growth-stage companies, SOC 2 Type II prep
  • SOC 2 Type I & SOC 2 Type II
  • 2-year storage retention
  • Unlimited repositories
  • Unlimited scheduled runs
  • Unlimited API keys
  • Unlimited organizations/groups
  • Evidence diff across time
  • Slack & webhook alerts
  • Custom report branding
  • Priority email support
Coming soon
Enterprise
Contact sales
 
Mid-audit companies, compliance officers
  • Everything in Business
  • SSO (SAML / OIDC)
  • Team seats + RBAC
  • Read-only auditor role
  • Audit log export
  • ISO 27001 / HIPAA checks
  • Custom evidence checks
  • Dedicated Slack channel support
  • SLA + uptime guarantee
  • Invoice billing (no credit card)
Coming soon

Annual billing saves ~20%. Compare all features →