01
Every workflow run is timestamped, signed, and stored immutably
Every workflow run is timestamped, signed, and stored immutably
PRODUCT · EVIDENCE
Every action signed. Every workflow replayable.
When auditors ask for evidence, you don't go hunting through Notion and Slack. You export a PDF in three clicks.
KINT runtime
Audit Trail & Compliance
The same governed runtime handles source events, app actions, audit evidence, retries, and replay.
Source event
received
Policy
approved
Evidence
signed
PROOF PATH
How evidence stays ready.
02
Every action mapped to SOC 2 CC6.1, CC6.2, CC6.3
Every action mapped to SOC 2 CC6.1, CC6.2, CC6.3 — and ISO 27001 A.9 equivalents
03
Auditors can replay any workflow run and verify
Auditors can replay any workflow run and verify
04
Evidence packets export as PDF, JSON, or CSV
Evidence packets export as PDF, JSON, or CSV
WHAT IT HANDLES
Built for the real access path.
KINT covers the whole route from source truth to app action: employee data, policy rules, connector readiness, approvals, evidence, and replay stay in one governed path.
Source truth
Governed action
Audit evidence
SOC 2 Type I and Type II evidence: provisioning, revocation, access reviews
ISO 27001 A.9 mappings: access control, user management, privileged access
HIPAA, GDPR data-residency annotations where applicable
Auditor-friendly read-only access: invite your auditor as a viewer
HOW IT WORKS UNDER THE HOOD
What an evidence packet looks like.
{
"workflow_run_id": "wrk_8h2m1k4p9q",
"workflow_type": "offboarding",
"subject_employee_id": "emp_a4f9c2",
"triggered_at": "2026-05-20T10:51:09Z",
"completed_at": "2026-05-20T10:51:56Z",
"duration_seconds": 47,
"soc2_controls_mapped": ["CC6.1", "CC6.2", "CC6.3"],
"actions": [
{ "connector": "google_workspace", "action": "suspend_user", "status": "ok", "evidence_url": "..." },
{ "connector": "slack", "action": "deactivate", "status": "ok", "evidence_url": "..." },
{ "connector": "github", "action": "remove_org", "status": "ok", "evidence_url": "..." }
],
"signature": "ed25519:0xa1b2c3...",
"replay_token": "rpl_x7y8z9"
}Each action's evidence URL contains the request and response payload, PII-redacted. It also stores the connector version and idempotency key. The signature is verifiable with KINT's published public key. Replay tokens re-run the workflow against a sandbox for auditor walkthroughs.