Meet Serval.Turn evidence wrangling into review.
Serval keeps a live evidence queue mapped to your controls so audits become review, not archaeology.
Serval opinion
GitHub PR #4321 · Access control change
Satisfies CC 6.3. Missing vendor access logs for A.12.1 – mark as ‘needs review’.
Where Serval lives
Sits between your systems and your auditors.
Ingest from Git, tickets, identity, and email into a single opinion-first queue you can approve with a click.
Stack
Serval
Evidence queue + opinions
Pull requests, diffs, and branch protection signals.
Tamper-evident pack
merkle_root=0x92a4...ffd2
Workpapers / risk register
Export aligned to frameworks and owners.
Collaboration
Company-wide, deny-egress review
Auditors, security, and engineers all work in the same evidence queue with no data leaving the environment.
- Auditors review evidence in a read-only workspace.
- Engineers respond in-line without exporting screenshots.
- Nothing leaves your VPC; Serval runs where your data lives.
Audits shouldn't be a fire drill. They should be a byproduct of your daily work. Continuous, automated, and always audit-ready.
Why Serval
Why Serval feels different from most tooling.
Opinion-first workflows, monochrome clarity, and exports your auditors can replay.
Platform design
Evidence queue, not folders
Artifacts stay mapped to controls with lineage instead of drifting across screenshots.
Copilot behavior
Opinion-first decisions
Short, cited opinions replace open-ended chat so reviewers click to approve or adjust.
Deployment
Deny-egress ready
Runs where your data lives. Nothing leaves your boundary, even for exports or proofs.
Traceability
Replayable audit trails
Deterministic logs of evidence, opinions, and decisions for every engagement.
Cost
Model-aware routing
Spend on deeper reasoning only where risk or ambiguity warrants it.
Exports
Tamper-evident packs
Signed manifests with hashes and Merkle roots auditors can re-perform offline.
Scale
Built for high-velocity compliance.
Serval scales with your infrastructure, not your headcount. Automate evidence collection without the manual overhead.
Evidence Generation
From request to artifact
Data Egress
Everything stays local
Controls Mapped
Across SOC 2, NERC, and more
How Serval Works
How
A five-step process to ensure your evidence is mapped, analyzed, and ready for review without leaving your stack.
Connect your stack
Serval integrates with your engineering tools (GitHub, Linear, AWS) and communication platforms (Slack, Email) to capture evidence where work happens.
Map signals to controls
Incoming signals are automatically mapped to your control framework (SOC 2, ISO 27001). No more hunting for 'that one ticket' from three months ago.
Control Library · SOC 2
Serval drafts an opinion
Serval analyzes the evidence against the control requirements and drafts a 'Pass' or 'Needs Review' opinion, citing specific artifacts.
Serval Analysis
PR #4321 includes required approval from @tech-lead and passes all CI checks. Maps correctly to CC 6.1.
Review, don't hunt
Auditors and internal compliance teams review the queue. Approve Serval's opinion with one click or request more context in-line.
Tamper-evident export
Once approved, evidence is cryptographically sealed into a tamper-evident pack that auditors can verify offline.
✔ Merkle Root Build✔ Merkle Root Verification✔ a84...6d is a Valid Rootℹ Updated 1 file:- lib/utils.tsGet started
Ship your next audit as an evidence-first engagement.
Built for teams who need auditor-grade clarity without leaving their boundary.