
Audit-Grade Trust, by Design

Every decision the engine makes has a cryptographic receipt.

Examiners can replay it. Auditors can verify it. Concord by IaxaI ships with an append-only, hash-chained, signed audit ledger threaded through every engine output. No screenshots. No ticket exports. No “trust us.”


Why This Page Exists

Your MSSP runs the platform. Your regulator audits you.

Concord by IaxaI sells through MSP and MSSP partners. Your security practice runs the engine on your behalf. That is how modern regulated security operations work. Your bank, your healthcare payer, your insurance carrier offloads the SOC to a partner who knows the tooling cold.

But your regulator does not audit your MSSP. Your regulator audits you. The FFIEC examiner walks into a community bank, the OCC reviewer arrives at a regional lender, the NCUA team shows up at the credit union, the SOC 2 auditor sits down with the SaaS scale-up, the HIPAA OCR investigator opens an inquiry at the health plan. They all ask a version of the same question: show me what your security platform decided, and show me why.

Today most MSSPs answer that question with screenshots, ticketing exports, and Slack history. That works until it doesn't. Concord answers it with a tamper-evident chain the regulator can replay independently. Same input, same decision, same signature, every time.

The Auditability Ledger

Append-only. Hash-chained. Signed. Per tenant.

The ledger is the substrate every other Concord capability writes to. Translation alignments, entity matches, drift events, auto-repairs, alert dedup decisions. All of it lands in one tamper-evident chain, signed at write time with a per-tenant Ed25519 key.

Append-only by constraint

No update path. No delete path. The application role can insert and read. That's it. Retention rotation happens out-of-band under a privileged role, and the rotation event itself is written into the chain.

Hash-chained end-to-end

Each entry carries a SHA-256 hash computed over the previous entry's hash plus its own canonically serialized payload. Change a field anywhere in the chain and verification fails at exactly that entry, because its recomputed hash no longer matches the stored one and every later entry chains from it.

Ed25519 signatures

Every entry signed at write time using a per-tenant key. The public key and fingerprint are exportable. A regulator with the public key can verify the chain offline, on their own hardware, without calling our servers.

One chain per tenant

Every tenant gets its own chain head and its own signing key. No cross-tenant evidence leakage. Per-tenant isolation is enforced at the storage layer, not just the application layer.

Honest Build Status

The primitives ship today. The codebase already runs a SHA-256-chained operational audit log, Ed25519-signed provenance bundles for engine decisions, and an immutable SQLite audit store. V1 work in progress is unification: one tenant-scoped chain that ingests every engine decision under a shared schema, queryable and exportable as audit evidence. We are threading existing primitives, not inventing new cryptography.

What You Get Out of It

Three outputs. One chain.

Replay

Deterministic recompute of any decision. Given a ledger range, the engine returns the entries plus the public key plus the verification metadata. Anyone holding the bundle can rebuild the decision and confirm it matches.

Query

Range query, by-entity, by-decision-type, by-actor, by-time. Indexed for the analyst surfaces and for evidence-bundle generation. Read consumers always see enough chain context to verify the slice they pulled.

Export

Filtered evidence bundles for examiner or auditor delivery. The Compliance Evidence Auto-Packets surface consumes these exports: one bundle per framework, per engagement, with a Merkle root over the slice.
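The write path described under The Auditability Ledger and the examiner-side Replay and Export described above, as an added example in Go. This is illustrative code written for this page, not Concord's implementation: the entry fields, the empty genesis hash, the positional JSON array used as the canonical serialization, and the sample decisions in main are all assumptions of the example. Each entry is hashed over the previous hash plus its canonical payload and signed with a per-tenant Ed25519 key at write time; an export carries the slice plus the hash it chains from, so a holder of the public key can replay it offline and see exactly which entry breaks.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
)

// Entry is one ledger line. The field set is an assumption of this example, not Concord's schema.
type Entry struct {
	Seq      int
	Kind     string            // translation, entity_match, drift_repair, ...
	Payload  map[string]string // the decision's fields
	PrevHash string            // hash of the previous entry, "" for the first (assumed genesis)
	Hash     string            // SHA-256(prev_hash || canonical(seq, kind, payload))
	Sig      string            // Ed25519 over Hash, made with the tenant key
}

// entryHash recomputes the chain hash. encoding/json writes the array positionally and
// map keys sorted, with no whitespace, so the serialization is canonical.
func entryHash(e Entry) string {
	body, _ := json.Marshal([]any{e.Seq, e.Kind, e.Payload})
	sum := sha256.Sum256(append([]byte(e.PrevHash), body...))
	return hex.EncodeToString(sum[:])
}

// Ledger is one tenant's chain under its own key. Append and Export are its only operations.
type Ledger struct {
	pub     ed25519.PublicKey
	priv    ed25519.PrivateKey
	entries []Entry
}

func NewLedger() *Ledger {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Ledger{pub: pub, priv: priv}
}

// Append chains the entry onto the current head and signs it at write time.
func (l *Ledger) Append(kind string, payload map[string]string) Entry {
	prev := ""
	if n := len(l.entries); n > 0 {
		prev = l.entries[n-1].Hash
	}
	e := Entry{Seq: len(l.entries), Kind: kind, Payload: payload, PrevHash: prev}
	e.Hash = entryHash(e)
	e.Sig = hex.EncodeToString(ed25519.Sign(l.priv, []byte(e.Hash)))
	l.entries = append(l.entries, e)
	return e
}

// Bundle is an export of seq range [from, to): the slice, the hash it chains from, the public key.
type Bundle struct {
	PrevHash  string
	PublicKey ed25519.PublicKey
	Entries   []Entry
}

func (l *Ledger) Export(from, to int) Bundle {
	prev := ""
	if from > 0 {
		prev = l.entries[from-1].Hash
	}
	return Bundle{prev, l.pub, append([]Entry(nil), l.entries[from:to]...)}
}

// VerifyBundle replays the slice from the hash it chains from, checking each entry's link,
// recomputed hash and signature with only the public key, so it runs offline.
// It returns -1 when every entry verifies, otherwise the index of the first break.
func VerifyBundle(b Bundle) int {
	if len(b.PublicKey) != ed25519.PublicKeySize {
		return 0 // ed25519.Verify panics on a malformed key; report it as a break at entry 0
	}
	prev := b.PrevHash
	for i, e := range b.Entries {
		sig, err := hex.DecodeString(e.Sig)
		if err != nil || e.PrevHash != prev || entryHash(e) != e.Hash ||
			!ed25519.Verify(b.PublicKey, []byte(e.Hash), sig) {
			return i
		}
		prev = e.Hash
	}
	return -1
}

func main() {
	l := NewLedger() // constructed sample decisions for one tenant, not real data
	l.Append("translation", map[string]string{"rule": "win-4625", "target": "ocsf"})
	l.Append("entity_match", map[string]string{"host": "host-7", "ip": "10.0.0.7", "score": "0.97"})
	l.Append("drift_repair", map[string]string{"field": "src_ip", "action": "promote"})
	b := l.Export(1, 3)
	fmt.Println("slice verifies:", VerifyBundle(b) == -1)
	b.Entries[0].Payload["score"] = "0.10" // tamper one field in the exported copy
	fmt.Println("first broken entry after tamper:", VerifyBundle(b))
}
```

Two caveats a practitioner should carry into a real deployment. First, the private key never leaves the Ledger value here; in production it would sit in the file-backed or KMS-backed store the Deployment section describes, and only the public key travels with the bundle. Second, offline replay proves that the slice is intact and was signed by the tenant key, but it cannot by itself show that nothing was dropped after the last entry, so the examiner should also compare the last hash in the bundle with the tenant's current chain head. The Merkle root that Compliance Auto-Packets add would be computed over the Hash fields of the exported entries.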

Compliance Frameworks

One ledger. Five primary framework targets.

Compliance Auto-Packets ship with first-class control mappings for five frameworks. Broader controls thread through the same ledger. Same evidence, different mapping.

FFIEC

Banks, credit unions, regulated lenders

SOC 2

Tech scale-ups, SaaS, B2B platforms

HIPAA

Healthcare payers, providers, HITECH

PCI-DSS

Card-handling environments, processors

NAIC

Insurance carriers, NAIC Model Law states

Broader controls thread through the same ledger

NIST CSF, ISO 27001, HITRUST CSF, NCUA, GLBA: every framework has its own control mapping but the same underlying evidence. Pull a SOC 2 packet and an FFIEC packet from the same window and they are drawn from one chain. CMMC Level 2 / NIST SP 800-171 is on the 2027 roadmap for the defense-industrial-base vertical.

Retention

Per-vertical defaults. Per-tenant override.

Retention windows ship as vertical defaults and can be overridden per tenant. A multi-vertical MSSP runs the same engine for a bank and a health plan with different retention policies enforced at the ledger layer.

5 years: FFIEC / NCUA (banking, credit unions)

6 years: HIPAA (healthcare, HITECH)

1 + 1 years: PCI-DSS (1 year hot, 1 year cold)

1 year: SOC 2 (tech, SaaS)

Cold-storage rotation handles archive. When an entry leaves hot storage, the rotation is itself written to the chain so verification never breaks because evidence got moved.

Per-Tenant Isolation

Your evidence is yours. Nobody else's key signs it.

Per-tenant chain head

Every tenant has its own chain head pointer. Your bank's evidence does not chain through another tenant's decisions and never co-mingles in the verification path.

Per-tenant Ed25519 signing keys

File-backed on the on-prem Edge Gateway with OS-level permissions for air-gapped deployments. KMS-backed for cloud SaaS deployments. Same storage interface, different backend.

Storage-layer enforcement

Row-level security on the ledger table, scoped by tenant_id. An application bug cannot leak evidence across tenants because the database itself refuses the read, provided the application connects as a role the policy applies to rather than as a table owner or superuser that bypasses it.

White-label evidence packets

Compliance Auto-Packets ship with each end-client's own branding, drawn from their own ledger slice, signed with their own key. The MSSP's logo never bleeds onto the bank's exam evidence unless the bank wants it there.

Deployment

Air-gapped Edge Gateway. No telemetry leaves your network.

On-prem Edge Gateway

The full pipeline (Translation, Entity Resolution, Drift Detection, the Ledger) runs in a Docker container inside your network. No outbound calls required for the write path. For institutions that cannot send security data to a cloud SaaS, the engine and the ledger run entirely in-house.

Optional cloud SaaS

Analyst surfaces (dashboards, drill-down narratives, packet generation) can run as managed cloud SaaS for shops that want the convenience. The data plane stays on-prem either way. The choice is per-deployment, not per-product.

IaxaI's Own Compliance Posture

SOC 2 Type I targeted Q3 2026.

IaxaI Inc. is targeting SOC 2 Type I in Q3 2026. That is the compliance gate that unlocks broader MSSP partner enablement, and it applies to IaxaI as a company: controls over how we run the business, the codebase, and our own infrastructure.

The product evidence layer is independent of the corporate audit. FFIEC, SOC 2, HIPAA, PCI-DSS, and NAIC packets generated by Concord ship today via the audit ledger and Compliance Auto-Packets. Your end-client's exam evidence does not wait on our SOC 2 timeline.

Honest framing: Q3 2026 is a target, not an attestation already earned. We have not completed a Type I attestation yet. Anyone telling you they have a SOC 2 attestation they have not actually earned is the kind of vendor a regulator eventually pulls the thread on. We are not that vendor.

Patents and IP

Two patents in active prosecution. The ledger is the engineering moat.

Semantic Translation Engine

Patent in active prosecution at the USPTO. Covers the OCSF normalization plus the reverse transpiler used by the Detection Portability Layer.

Entity Resolution Engine

Patent in active prosecution at the USPTO. Multi-modal embeddings plus Bhattacharyya distance plus conformal prediction. Calibrated identity matching with shipped confidence intervals.

Drift + Auto-Repair (candidate)

Third patent candidate in development. Self-healing pipeline: detect a vendor schema change, propose, shadow, promote, write the whole loop to the ledger.

The Auditability Ledger itself is engineering moat, not patent-protected. Append-only chains and signed receipts are off-the-shelf primitives. The discipline of threading them through every engine output as a hard contract (no Translation result without a receipt, no entity merge without a receipt, no drift repair without a receipt) is the work.

Honest Framing

What this isn't.

Not a replacement for your MSSP's audit practice

Concord ships evidence. Your security partner still owns the conversation with your examiner. We make the evidence defensible; we do not run the engagement.

Not a regulator-certified product

No security product carries that. FFIEC, the OCC, the FDIC, the NCUA, OCR, the PCI Council. None of them certify vendor products. They evaluate the regulated entity. The ledger gives the regulated entity what it needs to pass that evaluation.

Not a vendor-locked stack

Concord sits beside your existing tooling. It does not replace your SIEM, EDR, or SOAR. The translation layer reads what your stack already produces; the ledger records what Concord decides on top of it.

Not a “trust us” pitch

Every claim on this page is replayable from the ledger. Pull the public key. Run the verifier. Confirm the chain. The whole point is that you do not have to take our word.

Stop reconciling. Start trusting one timeline.

30-minute walkthrough. Your tools. Your tenants. Your audit cycle. We will show you exactly where Concord earns its keep.