Platform Runtime Detection SBOM & SCA Container Scanning Supply Chain Solutions Fintech Engineering SaaS Engineering Regulated SaaS Integrations Pricing Docs Blog
Sign in Start Free Trial

Regulated SaaS

90-day SOC 2 deadline? Your evidence trail generates automatically.

The hardest part of a first SOC 2 audit isn't implementing controls — it's proving to the auditor that the controls ran continuously, not just in the week before the audit. Runtimekindle generates timestamped, signed runtime detection logs, SBOM exports, and supply-chain provenance records from day one of your observation period.

Start Free Trial Talk to Yael
CC6 Logical Access controls covered by runtime logs
CC7 System Operations evidence from detection output
Day 1 Evidence collection starts on first Helm install
1-click Auditor export package generation

SOC 2 Evidence Mapping

What Runtimekindle generates for each control category

CC6 — Logical and Physical Access Controls

Runtime detection logs capture unauthorized process execution, unexpected network connections, and privilege escalation events at the kernel level. Logs are timestamped, signed, and immutable — satisfying the CC6 evidence requirement that system access anomalies are monitored and investigated.

CC7 — System Operations

Container scan results and SBOM exports demonstrate that your team actively monitors for vulnerabilities in production workloads (CC7.1). Supply-chain attestation records show provenance verification for deployed artifacts (CC7.2). Runtimekindle generates all three outputs automatically — no manual collection sprints before audit.

Vendor management evidence (CC9)

CycloneDX SBOMs include license identifiers and dependency provenance for your vendor component inventory. The SBOM export satisfies auditor requests for evidence that your team tracks third-party software components and their associated risk — without building a manual spreadsheet.

One-click auditor export package

When your auditor requests evidence, Runtimekindle generates a time-bounded export package — detection logs, SBOM exports, and provenance records for the observation period, organized by control category. Export and email. No manual compilation, no last-minute sprint before audit week.

From a Regulated SaaS Team

When the auditor asks for evidence, you're ready

We started our SOC 2 Type 2 observation period at the same time we deployed Runtimekindle. By audit time, we had 90 days of continuous runtime detection logs and a signed SBOM for every build artifact. The auditor review for CC6 and CC7 took one hour. Our previous attempt without automated evidence took two weeks of manual preparation and still had gaps.
Engineering Lead
A regulated SaaS team completing first SOC 2 Type 2

Start your observation period with evidence from day one.

15-minute Helm install. Signed runtime logs, SBOM, and provenance from your first deploy.

Start Free Trial Talk to Yael