πŸ”’Live product Β· Paid pilots open

SOC 2 evidence, direct from AWS. In minutes.

Evidence Tracer (EVT) is an AI agent that connects to your AWS account, automatically collects 1,000+ evidence items across 10 services, and generates an auditor-ready SOC 2 report in minutes.

Book a Demo β†’How it works

No credit card. Read-only AWS access. Connect via AWS APIs.

evt scan --account prod
β–‹

Built with input from security professionals at:

CISO @ Series B Fintech SaaSDevOps Lead @ Cloud-Native StartupSecurity Advisor @ AWS Partner NetworkCompliance Engineer @ Enterprise SaaSVP Engineering @ Pre-IPO StartupDevSecOps Lead @ SaaS Scaleup

Three steps. Five minutes.

No setup. No manual uploads. No guesswork.

01

Connect

Grant EVT a read-only IAM role in your AWS account. We can only see your settings. We never write, store, or touch your data.

02

Scan

EVT scans IAM, S3, CloudTrail, Config, EC2, CloudWatch, KMS, Lambda, RDS, and SNS. Every evidence item is timestamped and linked to a real AWS API call.

03

Report

You get an auditor-ready report with gap scores, freshness scores, and remediation steps. Everything maps to the 8 core SOC 2 controls.

Book a Demo β†’

See it run.

A real scan on a real AWS account.

EVT Scan Report2026-03-25 17:31:02 UTC
βœ“CC6.1Access Controls
PASS
βœ“CC6.3Authentication
PASS
⚠CC7.1Monitoring
GAP
βœ“CC8.1Change Management
PASS

0 items collected Β· 8 controls mapped Β· 2 gaps found

From AWS service to SOC 2 control.
Mapped automatically.

EVT scans your live AWS environment, collects evidence, and maps every finding to the correct SOC 2 control β€” in minutes.

πŸ”IAMscanning...
πŸͺ£S3scanning...
πŸ“œCloudTrailscanning...
πŸ”‘KMSscanning...
⚑Lambdascanning...
πŸ—„οΈRDSscanning...
πŸ“¨SNSscanning...
βš™οΈConfigscanning...
πŸ–₯️EC2scanning...
πŸ‘οΈCloudWatchscanning...
CC6.1Logical Access
PASS
CC6.3Access Key Mgmt
PASS
CC6.7Least Privilege
PARTIAL
CC7.1Infra Changes
PASS
CC7.2Security Config
PASS
CC7.4Monitoring & Logging
PASS
CC8.1Change Mgmt
PARTIAL
CC8.2Data Mgmt
PASS
↓

Your infrastructure, hardened.

See exactly what EVT flags and fixes in your Terraform configs.

Before EVTmain.tf
1resource "aws_iam_role" "app_role" {
2  name = "app-service-role"
3
4  # Overly permissive policy
5  actions = ["*"]βœ—
6  resources = ["*"]βœ—
7
8  # No MFA enforcement
9  mfa_required = falseβœ—
10
11  # CloudTrail disabled
12  enable_cloudtrail = falseβœ—
13
14  # No key rotation
15  enable_key_rotation = falseβœ—
16}

Transparent. Traceable. Timestamped.

Built for AWS-native teams who need real evidence, not generated text.

What makes EVT different

Pulls evidence directly from your AWS APIs. Not from templates or generated text.
Every item is timestamped and linked to the exact AWS service it came from.
Read-only access only. We never write to or store anything from your account.
Gap and freshness scores so you know exactly where you stand.
Built exclusively for AWS. Deep, not broad.
Pilot pricing. Not a $15K/year enterprise contract.

How existing tools fall short

βœ•Manual collection. Engineers spend weeks screenshotting configs and pulling logs.
βœ•Generic platforms built for 10 frameworks at once, none done deeply.
βœ•AI-generated content that can't be verified against your actual setup.
βœ•Enterprise pricing that doesn't make sense for pre-Series A companies.
10+

Security professionals who validated the problem

Live

Working product. Book a demo and see it run on your account.

$299-$499

Pilot price. Fraction of what legacy tools charge.

5 min

Evidence collection that takes engineering teams 40+ hours manually.

vs. 40+ hrs manually

Validated by CISOs, DevOps engineers, and security advisors at enterprise SaaS and fintech companies.

SOC 2 evidence that can't be traced to a real API call isn't evidence. Every item EVT collects is timestamped, sourced, and auditor-verifiable.

Pilots. Not enterprise contracts.

Work directly with us. No lock-in. No sales team. Just the tool and the results.

Currently accepting pilots
$299-$499

per pilot engagement

  • Read-only AWS connection. 5-minute setup.
  • Full scan across 10+ AWS services, 1,000+ evidence items
  • SOC 2 Type 1 readiness report with gap scores
  • Remediation guidance mapped to each gap
  • Direct access to the founding team throughout
Book a Demo to Discuss Your Pilot β†’

Problem Validation

What we kept hearing from security teams

From 10+ discovery conversations with CISOs, DevOps leads, and compliance engineers at AWS-native companies.

β€œ

Every time we’ve gone through SOC 2, it’s been two engineers manually pulling configs for three weeks. There’s got to be a better way.

β€” Security Engineer, Series B SaaS (NDA)

β€œ

The problem isn’t knowing what SOC 2 requires. It’s that collecting the actual evidence from AWS takes forever, and half of it is outdated by the time the auditor sees it.

β€” DevOps Lead, fintech startup (NDA)

β€œ

We almost lost an enterprise deal because our SOC 2 evidence package wasn’t ready. The audit itself was fine β€” it was the two months of prep before it that nearly broke us.

β€” VP Engineering, pre-Series B SaaS (NDA)

These reflect real conversations. Names withheld at participants' request.

Common questions.

Your next enterprise deal is waiting on SOC 2.

Pilots are open. Book a 20-minute demo and see EVT on your AWS account.

Book Your Demo →⏱ 20-min demo

No credit card Β· Read-only AWS access Β· Cancel anytime