Contact Us

TruetrailTruth, not trust

Any action in any information system leaves a trail - a log recording of who did what and when. Whether it is a financial transfer or an access to a medical record - it is crucial to maintain the integrity of the trails.

TrueTrail comprehensively solves the integrity problem for audit trails, transparently and cost efficiently.

How can you

  • Trust that your log record has not been changed. 
  • Detect when something is changed or removed.
  • Prove an event to third parties?
  • Without exposing any more than needed?
  • Convince your customers, superiors and/or regulators?
  • Will it hold in court?
And ultimately - What do you need to do (& spend) to comply with the regulations that require you to have positive answers to such questions?

TruetrailVerifiable Audit Trails

Truetrail enables organisations to streamline compliance reporting, handle disputes and maintain true situational awareness.

Truetrail integrates to existing audit trails, providing agents to sources and central API for reporting and proof extraction. Truetrail central API can be deployed as a service or on-premise.

For business ownersTruetrail delivers the following benefits

Fulfil regulatory compliance requirements of audit trail security, retention and verification. Truetrail assures that audit trails are immutable, independently verifiable and without a "best before" date - the proofs are valid indefinitely! GDPR, PCI-DSS, HIPAA, DPA and SOX are just a few examples where Truetrail can help.

Ensuring that audit trails can be presented as evidence with independent proof of the time, integrity of the events as well as proving that events are in the correct order and none have been deleted. Thus, our clients can claim instead of “here are my audit trails and they are true because I say so” that “here are my audit trails and I have mathematical proof that what I am presenting is correct”.

Enhancing any existing security system, as it can be easily integrated into even legacy systems and does not constrain how the audit trails are collected and persisted. Truetrail provides detects any unautohrized changes to logs and databases.

Truetrail approach to audit trail management

Integrity first

Sign all audit trails & regularly verify. Truetrail registers every event (every log line, every database entry, etc) on KSI Blockchain. Integrity is assured by constant re-verification of registered events.

Add-on, DOn't re-invent

Truetrail is an overlay to existing audit trail sources - logs and databases. Currently supported sources include Rsyslog, Oracle, PostgreSQL, MySQL. A toolbox for custom integrations is also available - from simple monitoring of text files to native SDKs.

Integrate, don't replace

Truetrail provides an API to integrate to existing monitoring, reporting and alerting solutions.

Preserve privacy

DATA (Audit trails) is NOT moved outside customer premises, ONLY HASHES are ingested to KSI Blockchain. Also, Truetrail allows to extract an event and its corresponding integrity proof in isolation, without revealing neighbouring information.

Work at scale

Truetrail is utilizing KSI Blockchain as the trust anchor and it scales practically indefinitely. Hundreds and thousands of sources and billions of log lines / events in databases per day? Sounds like a regular Truetrail deployment!

Legally sound

Truetrail is based on KSI Blockchain, which is eIDAS qualified trust service status.

Truetrail vs SIEM

Truetrail is not yet another log analystics solution. Truetrail assures audit trails immutability at creation. The trail contents can be further analysed at a SIEM when needed.

Truetrail

SIEM

Secure audit trailsObjectiveAnalyse audit trails
Secured at source DataLoaded into database
Provably immutable
SecurityBased on perimeter security
Mathematically verifiableProof valueBased on human attestation / expertise
Integrates to other products via APIs
+ automated reports
InteractionDashboard + automated reports

Contact Us

Email again:
By filling out your information, you acknowledge that your information will be transferred to Guardtime sales team for processing. You can withdraw your consent at any time by replying the email. For more information about our privacy policy see here.