Marcus Lee<marcus@acme.com>
9:02 AM (1 hour ago)
to Priya, acme@screenata.com
Priya — can you approve the AWS ProductionDeploy role for Sam Chen? He starts Monday on the deploy rotation. CC'ing Screenata so it's on record.
Product
One agent. Every surface your team already works in.
Vera is not a dashboard you visit when you remember. She scans on a schedule, writes from what she finds, and reports in Slack before standup — with the web app reserved for auditors and deep dives.
Email-native evidence
CC {org}@screenata.com on the approvals you already send. Vera captures the thread as a signed, timestamped evidence record mapped to the right control — no screenshot, no upload.
Gmail
Search mail
A
1–3 of 3
Access approval: AWS ProductionDeploy role — Sam Chen
Inboxacme@screenata.com cc'd on this thread
Priya Patel<priya@acme.com>
9:14 AM (52 minutes ago)
to Marcus, acme@screenata.com
Approved. Granting Sam the ProductionDeploy role in AWS, scoped to deploy actions only. Reviewed his onboarding ticket — all good. Welcome aboard, Sam.
Veravia screenata.comauto · captured in 3s
9:14 AM (52 minutes ago)
to Marcus, Priya
Access approval capturedControl CC6.3 · ProvisioningAWS IAM
Logged Priya's approval as a signed evidence record — approver, role, scope, and timestamp. Mapped to access provisioning. No screenshot, no upload.
approval_SamChen_ProductionDeploy.eml signed · SHA-256
How it works
From connect to continuous monitoring.
Connect once. Vera scopes the program, generates policies grounded in your real systems, and tracks readiness daily — without a consultant in the loop.
( 01 / 04 )
Connect
GitHub, AWS, and Okta — linked in the onboarding wizard. Read-only by construction.
- GitHub org · connected
- AWS account · connected
- Okta · connected
( 02 / 04 )
Scope
Auto-generated control matrix with N/A justifications, right-sized for your team.
- 64 controls identified
- 12 marked N/A
- 52 in scope
( 03 / 04 )
Generate
Policies written from scan results, claims highlighted, overpromises flagged.
- 8 policies generated
- 3 overpromise flags
- Review in editor →
( 04 / 04 )
Monitor
6:30 AM Slack briefing. Readiness tracked continuously while you ship.
- Readiness: 84%
- 2 items need attention
- Daily briefing sent
Multi-channel agent
Vera comes to where your team works.
One agent, one set of tools, one context — across Slack, email, web, CLI, and MCP. Universal email at {org-slug}@screenata.com classifies sender intent and routes to the right control.
Slack
6:30 AM briefings. DM evidence requests with auto-classification on file drop.
Email
Forward auditor questions to {org-slug}@screenata.com. Sender-aware intent classification routes the rest.
Terminal
screenata status, screenata audit check, screenata evidence submit. Pipes into Claude Code.
GitHub
PR compliance reviews, repo scans on push, risk-register sync from Issues. Read-only by design.
24 hours of Vera
While you sleep, the work runs.
Scheduled jobs trigger agents — they only invoke the LLM when there's actual work to do. Compare to a GRC dashboard nobody has opened in three days.
Scheduled cadence
- Daily 06:00 · Evidence freshness
- Daily 06:15 · Readiness snapshot
- Daily 06:30 · Slack briefing
- Mon 09:00 · Cloud + repo scan
- Quarterly · Access reviews
- Annual · Risk assessment refresh
Every AI call is logged and audited — every action becomes evidence about how the AI itself operates.
06:00
Evidence Agent
Checks freshness across 500+ automated checks. Flags items past 90 days. Drafts re-collection messages.
06:15
Readiness Snapshot
Computes per-framework readiness. Compares to yesterday. Identifies blockers vs warnings.
06:30
Slack briefing
Founder gets a 4-line summary. Action buttons inline. Escalation: 4h → DM, 24h → email, 48h → banner.
09:00
Weekly cloud scan
60+ native providers. AWS (159), Azure (98), Kubernetes (79), M365 (78), GCP (55), GitHub (20). Findings hashed and stored.
09:04
Repository Agent
Branch protection verified. Secrets scanning ran on three repos. Code never persisted.
11:42
Vendor discovered from package.json
Stripe added. Auto-researched SOC 2 Type II + DPA. Risk tier classified. Assessment drafted for review.
14:21
PR compliance review
PR #482 modifies auth code. Linked to CC6.1. Comment posted with policy claim and verification suggestion.
+1d 06:30
Briefing
Readiness 87% (+3). Access review evidence collected. S3 encryption fixed. New finding: stale CloudTrail.
Evidence collection
70% automated. 9% guided. 9% screenshots. 5% inbox. Zero dashboard uploads.
Other platforms automate monitoring and leave collection to humans. Screenata closes the loop — including the long tail.
70%
Fully automated
API scans, internal reports, policy linking, native compliance checks across 60+ providers.
9%
Guided collection
Step-by-step flows with AI coaching. The system records results as you work.
9%
Automated screenshots
Browser extension records workflows; vision LLM scores quality before submission.
5%
Inbox-ingested
Forward an email or drop a file in Slack DM. Auto-classified and linked to the right control.
60+ native providers
AWS · Azure · GCP · Kubernetes · M365 · GitHub · Okta · Workspace · Slack · Datadog · CrowdStrike · Snyk · plus more.
500+ automated evidence checks
Each check is a test that produces signed evidence, mapped to SOC 2, HIPAA, ISO 27001, CIS, and NIST 800-53.
Freshness lifecycle
Fresh → stale at 90d → expired at 120d. The Evidence Agent watches and triggers re-collection.
Developer-native
Compliance in the terminal, the PR, and Claude Code.
The enterprise API, screenata CLI, GitHub App, and MCP server are one architecture. Every tool hits the same API. Compliance-as-code, not yet another tab.
~/code/acme — screenata
$
PR compliance review
GitHub App posts on PRs that touch sensitive code. Surfaces the policy claim affected. Status check passes alongside CI.
MCP server
Connect Screenata in Claude Code, Cursor, or Windsurf. Ask 'what's our SOC 2 readiness?' from inside your editor.
Audit pre-flight gate
screenata audit check returns exit 0 / 1. Wire it into CI to stop a release that breaks a compliance assumption.
The audit is one week. Compliance is every week. Screenata runs continuously in your Slack, your PRs, your CI, your terminal, and your auditor’s inbox — not in a tab you forgot to open.
Where we sit
Dashboard-era GRC, or agent-era compliance.
Vanta and Drata are dashboards from a previous decade. Screenata puts continuous compliance into Slack, your PRs, your terminal, and the auditor's inbox.
Dimension
Screenata
Vanta
Drata
Policy source
Infrastructure scans
Templates + AI overlay
Templates + post-hoc AI
Evidence automation
70% fully automated
Semi-automated
Semi-automated
Claim traceability
Policy → Claim → Test → Evidence
Evidence → Control
Evidence → Control
Evidence integrity
RSA/ECDSA + RFC 3161 + BYOK
PDF export
PDF export
Continuous monitoring
Continuous agent
Hourly checks
Autopilot
Primary interface
Slack + email + CLI + web
Dashboard
Dashboard
Pricing
$499/mo
$10–80K/yr
$7–50K/yr
Vanta launched its “Agentic Trust Platform” in November 2025. Drata followed. The agents are workflow automation with AI augmentation. Ask either to show you their agent doing something without a human clicking a button.
Connect and see
Watch Vera work on your real systems.
Connect GitHub and cloud read-only. Vera shows your control matrix, policy gaps, stale evidence, and prioritized next actions before you commit to anything.