Skip to content
Assay
Sign inTalk to us

Reports

The deliverables catalog.

Assay's product is the artifacts about the code, not the act of scanning. Each report below is activated per engagement against a piece of signed CAI evidence — the evidence once, the reports for whoever needs them.

Talk to usHow the evidence flow works

The catalog

Six reports. One evidence spine.

Every report reads the same signed evidence — so the numbers agree with each other, and with what the other side saw.

Consequences report

What the findings mean for you, in plain language — value-at-risk, the risks to raise, and what to ask your team to do. Decide and delegate.

Consequences →

Due-diligence dossier

Data-room DD for acquirers, investors and insurers — rubric frozen at LOI, comparable to close, re-derivable by your own advisors.

Due diligence →

Tender & delivery verification

Write "Supplier shall deliver a CAI ≥ 80" into the RFP, and verify it at delivery — pass, fail, or N/A with the reason stated.

Tender →

Contract appendix & attestation

Bind agreed criteria into the deal, and hand over a signed, commit-pinned proof of delivery neither party can move.

Attestation →

Compliance & signing pack

The signed Conformance Pack — measured, gated conformance across ten frameworks, declared by a named person. We measure; you declare; we never certify.

Compliance →

Portfolio appraisal

The standing view across many repositories and suppliers — one rubric, trended, comparable, for a whole book of software assets.

Portfolio →

The evidence is free — the report is the product

Every report is built on signed CAI evidence. The evidence copy you received is free; you pay for the report — per activation, per engagement, never by lines of code.

Tell us the decision. We'll tell you the report.

Talk to usPricing