Compliance doesn’t start with the audit; it starts with how you store proof. Notary is an open-source, secure evidence vault designed to preserve the integrity, confidentiality, and traceability of technical compliance data.
Notary
Notary is an open-source, high-trust evidence vault for storing sensitive technical compliance artifacts, such as backup validation records, cloud configuration outputs, policy enforcement logs, and access review exports.
It provides a secure, queryable archive for structured compliance artifacts with strong metadata, version control, and hash verification, making it easy to prove what was done, when, and by whom.
Core Features
- Encrypted, append-only storage
- Structured metadata and evidence classification
- API for storing, querying, and retrieving artifacts
- Hash verification and optional signature support
- Compatible with IaC, CI/CD, and compliance tools
Use Cases
- Internal compliance audits and external certification readiness
- Evidence collection pipelines for SOC 2, ISO 27001, NIST, LGPD
- Secure documentation of control execution (e.g., backup runs, access reviews)
- Hash-verifiable exports for due diligence or board reporting
Why It Matters
Most engineering teams rely on screenshots, emails, or volatile logs to “prove” security controls were in place. Vaultum replaces this fragility with structured, verifiable, and secure evidence, enabling audit readiness, technical accountability, and trust at scale.
Get Involved
Vaultum is available on GitHub under the Apache 2.0 license.