Procurement

Clear the Chainsaw security review without a call

The whitepaper, data-flow diagrams, compliance statements, and CAIQ pre-fill your security team needs to run the review — one zip, by email. No call required first.

  • 01 Enterprise overview VP Eng / CTO

    What Chainsaw does, where it sits in your pipeline, what changes for your engineers on day 1.

  • 02 Security architecture whitepaper CISO / Security architecture

    Tenancy model, encryption, signing, audit trail, network boundaries — with control-by-control reviewer language.

  • 03 Data-flow diagrams Data protection / Legal

    Mermaid-rendered diagrams of every place customer data moves, from the proxy edge through the audit pipeline.

  • 04 Compliance statements Compliance / Legal

    Precise, audit-ready language for SOC 2, ISO 27001, HIPAA, GDPR, PCI DSS, FedRAMP — clearly labelled where Chainsaw is designed against vs. attested vs. out of scope.

  • 05 CSA CAIQ pre-fill (XLSX) Cloud Security Alliance reviewers

    160+ controls across 17 CSA families (AIS, AAC, BCR, CCC, CEK, DSI, DSP, GRC, HRS, IAM, IPY, IVS, LOG, SEF, STA, TVM, UEM), each row sourced back to a tracked path in the repo so your team can audit our work.

What we don't do: over-claim. The compliance statements are explicit about what Chainsaw has been audited against (none, today) vs. designed against (SOC 2 ISO 27001 HIPAA GDPR). If a reviewer needs an attestation as a contract pre-condition, flag it on your first call so we can talk through timing.