AccessProof

AccessProof is a web app (with optional lightweight desktop agent) that creates tamper-evident, auditor-friendly evidence of identity and access events across SaaS tools. Instead of exporting inconsistent logs from Okta, Google Workspace, Microsoft Entra, GitHub, and AWS, it normalizes key events (login, MFA changes, role grants, API token creation, admin actions) into a single timeline and generates “audit packets” for SOC 2/ISO 27001 due diligence, customer security reviews, and incident postmortems. It focuses on small-to-mid companies that don’t have a dedicated GRC team and are tired of manual evidence collection. The product is not a full IAM replacement; it sits next to your IdP and critical apps, pulls logs via APIs, hashes and timestamps them, and lets you export signed reports. AI is used only to summarize anomalies and draft narrative explanations for auditors, not to make access decisions.