See What ByteVerity Delivers
Download sample reports to understand exactly what ByteVerity provides. Each report demonstrates our cryptographic provenance and compliance mapping capabilities.
ProofBundle
Cryptographic Evidence
Sample ProofBundle Export
A ProofBundle is the atomic unit of evidence in ByteVerity. Each bundle contains cryptographically signed provenance for a single commit or code change.
What's Inside
- Merkle Root Hash — SHA-256 integrity proof for all included artifacts
- AI Detection Results — Per-file detection with confidence scores
- Agent Attribution — Which AI tool generated each change (Copilot, Claude, etc.)
- Permission Violations — Any policy violations flagged at commit time
- Timestamp Chain — Tamper-evident timestamps for audit trail
SOC 2 Type II
Compliance Mapping
SOC 2 Evidence Mapping
Pre-formatted evidence exports that map directly to SOC 2 Type II control requirements. Designed for auditor consumption with minimal preparation.
Controls Covered
CC6.1 — Logical Access
Permission schema enforcement and access logs
CC6.6 — System Operations
Change management and AI code governance
CC6.7 — Change Management
Code provenance and approval workflows
CC7.2 — System Monitoring
Real-time AI activity dashboards
EU AI Act
Transparency Checklist
EU AI Act Compliance Checklist
Article 52 transparency requirements checklist with pre-populated evidence from ByteVerity's AI provenance tracking system.
Requirements Addressed
- Art. 52(1) — AI system transparency and disclosure
- Art. 52(2) — AI-generated content identification
- Annex IV — Technical documentation requirements
- Art. 14 — Human oversight mechanisms
ISO 27001
Annex A Controls
ISO 27001 Control Evidence
Evidence package for Annex A.14 software development controls, demonstrating secure development practices with AI governance.
Annex A Controls
A.14.2.1 — Secure Dev Policy
Permission schemas and AI governance policies
A.14.2.5 — Secure Engineering
Blast radius analysis and impact assessment
A.14.2.6 — Secure Dev Environment
Hermetic generation and isolated contexts
A.14.2.7 — Outsourced Dev
AI agent activity monitoring and controls
What Auditors See
Every ByteVerity export is designed for auditor consumption, with clear evidence chains and direct control mappings.
{
"version": "1.0",
"bundle_id": "pb_01H8X9Z2K4M5N6P7Q8R9S0T1U2",
"timestamp": "2024-01-15T14:32:18Z",
"merkle_root": "sha256:a7f3b2c1d4e5...",
"commit": {
"sha": "abc123def456...",
"repository": "acme-corp/payments-service",
"author": "developer@acme.com",
"message": "Add stripe webhook handler"
},
"ai_detection": {
"files_analyzed": 3,
"ai_generated_files": 2,
"total_confidence": 0.94,
"detections": [
{
"path": "src/webhooks/stripe.ts",
"is_ai_generated": true,
"confidence": 0.97,
"agent": "copilot",
"signals": ["annotation", "pattern", "timing"]
}
]
},
"governance": {
"policy_version": "1.2.0",
"violations": [],
"approvals": ["auto-approved: utils zone"]
},
"signature": "ed25519:..."
}From Code to Compliance
ByteVerity captures provenance at commit time and generates audit-ready exports on demand.
Commit
Developer pushes code. ByteVerity detects AI-generated content.
Capture
ProofBundle generated with Merkle hash, timestamps, and signatures.
Store
Immutable evidence stored with tamper-evident integrity.
Export
Generate compliance reports mapped to SOC 2, ISO 27001, EU AI Act.
See ByteVerity in Action
Request a personalized demo with sample reports generated from your actual workflow. See exactly how ByteVerity would work with your codebase.