Get the artifact your auditor (or procurement team) needs
Self-serve flow for the most common asks. We respond within 5 business days; signed delivery to a verified contact at your organization. No SaaS account required.
What you can request
Attestation report
SOC 2 Type I (when complete), Type II, ISO 27001, ISO 42001 — see current status. Released under NDA.
Security questionnaire
Pre-answered CAIQ, SIG Core, SIG Lite, VSA, or your custom questionnaire. See all available.
Audit evidence pack
For your own org's auditor: a signed bundle from a fastpace install.
Generated via fastpace snapshot --since YYYY-MM-DD:
ADRs + audit log + run manifests + AI-BOMs + framework mapping
+ provenance trailers + (optional) red-team posture report. The
evidence layer is vendor-neutral: the same guardrails +
signed capture deploy to Claude Code, Codex, and Gemini CLI (one hook
codebase, generated per vendor), so swapping the model won't move the
paper trail.
Penetration test summary
Latest external pen test summary. Released under NDA. Full report on request after MNDA.
Custom data-flow diagram
Org-specific data-flow narrative for your runtime architecture (Bedrock / Azure OpenAI / Vertex / Anthropic-direct). We deliver a narrative + diagram tied to YOUR sub-processor list.
Request form
Fill in the form; submit goes to security@fastpace.net
via your default mail client (no portal account required for the
first cut). Encrypt the email with our PGP key for sensitive details.
What we don't do
We don't share your data with third parties
Evidence requests stay between fastpace and your security/procurement team. We do not publish your name, your org's name, or the artifact request to a public ledger.
We don't put fastpace internals in cleartext
Audit evidence packs from fastpace snapshot contain only
sha256 digests of prompts, responses, and contexts — never plaintext.
See the threat model for the full
privacy stance.
Prefer email straight away? security@fastpace.net. Acknowledgement within 48 hours.