Automated Evidence Collection
CloudAnzen automatically collects evidence from your connected integrations, reducing manual work and ensuring evidence is always up to date.
How It Works
Types of Automated Evidence
- Configuration snapshots — Point-in-time captures of system settings (e.g., S3 bucket encryption settings).
- User lists — Exports of users, roles, and permissions from identity providers.
- Log summaries — Aggregated audit log data showing monitoring is active.
- Policy configurations — Security group rules, firewall settings, IAM policies.
- Scan results — Vulnerability scan outputs and dependency audit results.
Evidence Freshness
Evidence has a freshness period based on its type:
| Evidence Type | Default Freshness | Configurable |
|---|---|---|
| Configuration snapshots | 24 hours | Yes |
| User access reviews | 90 days | Yes |
| Vulnerability scans | 30 days | Yes |
| Policy documents | 365 days | Yes |
| Training records | 365 days | Yes |