Evidence program
How we assemble artifacts for security questionnaires and audits.
Evidence supports diligence — it does not constitute certification.
Repository of proof
- Policies published in this compliance hub and linked trust pages.
- CI artifacts (SBOM workflows).
- Change history (Git), Wrangler deploy logs, migration history.
- Pentest letters and tabletop notes (internal retention).
- A procurement evidence packet template is available from your CapchaCloud contact under NDA.
Evidence vault practices are summarized in review calls and can be expanded under NDA.
Exports
Customer-specific exports depend on product surfaces implemented (e.g., audit CSV). Availability improves over roadmap milestones.