Automated Evidence Collection

How CloudAnzen automatically collects and organizes evidence from your integrations.

Automated Evidence Collection

CloudAnzen automatically collects evidence from your connected integrations, reducing manual work and ensuring evidence is always up to date.

How It Works

  • Integration sync — CloudAnzen periodically syncs with your connected services (every 1-24 hours depending on the integration).
  • Evidence generation — Configuration snapshots, logs, and settings are captured as evidence artifacts.
  • Control mapping — Evidence is automatically linked to the controls it supports.
  • Freshness tracking — CloudAnzen tracks when evidence was last collected and alerts you if it becomes stale.
  • Types of Automated Evidence

    • Configuration snapshots — Point-in-time captures of system settings (e.g., S3 bucket encryption settings).
    • User lists — Exports of users, roles, and permissions from identity providers.
    • Log summaries — Aggregated audit log data showing monitoring is active.
    • Policy configurations — Security group rules, firewall settings, IAM policies.
    • Scan results — Vulnerability scan outputs and dependency audit results.

    Evidence Freshness

    Evidence has a freshness period based on its type:

    Evidence TypeDefault FreshnessConfigurable
    Configuration snapshots24 hoursYes
    User access reviews90 daysYes
    Vulnerability scans30 daysYes
    Policy documents365 daysYes
    Training records365 daysYes