EVIDENCE GUIDES

Evidence Collection Guides

Step-by-step export instructions for security platforms. Follow these guides to collect MFA, EDR, backup, and email security evidence that carriers accept.

Okta

Export MFA enrollment, conditional access policies, and application access logs from Okta Admin Console.

UC-01UC-02UC-13

~15 min

Microsoft 365 / Entra ID

Export MFA status, conditional access policies, and security defaults from Microsoft Entra ID (Azure AD).

UC-01UC-02UC-03UC-13

~20 min

CrowdStrike Falcon

Export endpoint sensor deployment, detection activity, and vulnerability assessment from CrowdStrike Falcon console.

UC-04UC-05

~15 min

Google Workspace

Export 2-Step Verification status, admin audit logs, and security settings from Google Admin Console.

UC-01UC-02UC-03

~15 min

Veeam Backup & Replication

Export backup job status, retention policies, and restore test results from Veeam Backup & Replication.

UC-06UC-12

~15 min

Cisco Duo

Export MFA enrollment status, authentication logs, and policy configuration from Duo Admin Panel.

UC-01UC-08

~10 min

SentinelOne

Export agent deployment status, threat detections, and policy configuration from SentinelOne Management Console.

UC-04

~10 min

KnowBe4

Export security awareness training completion rates and phishing simulation results from KnowBe4.

UC-09

~10 min

Datto RMM

Export patch compliance, device inventory, and monitoring status from Datto RMM for MSP evidence collection.

UC-04UC-05

~15 min

ConnectWise Automate

Export patch status, agent deployment, and script execution logs from ConnectWise Automate.

UC-04UC-05

~15 min

Automate evidence collection with BindLedger connectors

Create Free Account →