CISO • AUDIT

    Immutable Audit Log

    Blockchain-backed evidence store for security events, policy actions, and integrity validation—built for audits and investigations.

    What it shows

    An immutable audit log provides non-repudiation. It proves that an event happened, which control acted, and what the system state was—without relying on mutable logs.

    How it’s calculated

    • Events are signed and timestamped; critical events are anchored to an immutable ledger.
    • Validator health checks confirm anchoring integrity and replication status.
    • Evidence objects include pointers to source telemetry and policy decisions.

    What to do next

    1. 1
      Use “Recent Activity”
      to verify that critical policy updates and logins are recorded.
    2. 2
      Export evidence packages
      for audits or incidents (includes chain-of-custody).
    3. 3
      Set retention policy
      aligned to your regulatory window (e.g., 180+ days).
    4. 4
      Monitor validator status
      to ensure anchoring SLAs are being met.

    KPIs to watch

    Events logged
    count
    Validator status
    Verified
    Anchoring latency
    seconds

    Why this matters to a CISO

    AI only works if it’s trustworthy
    If models drift or confidence drops, you’re flying blind. This keeps the AI layer honest.
    Drift is normal in OT
    New firmware, new shifts, new processes—all cause drift. You need to detect it early before it erodes detection quality.
    Confidence drives automation
    You can’t let AI auto-contain based on shaky confidence. This metric ensures automation stays aligned with risk appetite.
    Feedback loops improve accuracy
    Every analyst decision sharpens the models. This closes the loop between human intelligence and machine learning.
    Reference UI Screenshot
    Immutable Audit Log screenshot