The evidence problem
Weeks of proof, collected by hand
Every framework demands the same thing: prove it. Screenshots, configuration exports, log extracts, policies and inventories. Your engineers lose weeks gathering evidence that auditors consume in hours, every engagement, every year.
What it does
Auditor-ready bundles, automatically
EviGen runs on Windows, macOS and Linux, collecting the artefacts each framework requires and packaging them into a structured, auditor-ready bundle. The profile is framework-aware: a SWIFT CSP engagement collects a different set from an ISO 27001 assessment.
Results in production
Across SWIFT CSP engagements where EviGen is deployed, we return 3 to 8 weeks of engineering effort per engagement. Customer satisfaction runs at 99%. Most of our SWIFT customers now require EviGen by default — not because we ask them to, but because the alternative is weeks of their engineers' time.
Why agent-less matters
A network scanner can confirm a port is open. It cannot export a GPO, confirm a patch level, or capture a firewall ruleset in the form an auditor can use. EviGen runs on the endpoint with the access level the evidence requires. An agent-less edition is in development for environments where agent deployment is constrained.
Supported frameworks
EviGen ships with evidence collection profiles for SWIFT CSP (all controls), ISO 27001 Annex A, DORA ICT risk requirements, NIS 2 Article 21 technical measures, and PCI DSS v4.0 technical controls. Custom profiles can be authored for bespoke frameworks or internal control catalogues.
Frameworks addressed
Related products
Visibility
NetDiagramer
Generates 3D architecture graphs from the same inventory EviGen reads — always current, always audit-ready.
Quantification
cVaR
Computes cyber value-at-risk from your full inventory using FAIR and Monte Carlo simulation.
Every product is field-tested