Argus2026.01
Audit Evidence Bundle
A system you can
defend in court.
A tamper-evident record of remediation: what was reported fixed, what Argus independently validated, and the hash-chained evidence behind every material transition.
Non-exploitative validation statement
Argus is a read-only, non-invasive, non-exploiting platform. No finding in this bundle was produced by exploitation; every verdict derives from versioned, reproducible logic over collected evidence. Reported-fixed and validated-fixed are kept distinct. No generative AI participates in the decision path.
Closure
Fix Pack closure summary
Validated closed
64
Reported, awaiting recheck
5
Validation failed
3
Accepted risk
2
Ledger
Validated closures — evidence trail
| Fix Pack | Finding | Reported | Validated | Outcome | Entry hash |
|---|---|---|---|---|---|
| FP-2026-0042 | Public Swagger endpoint exposed | 05-28 | 05-29 | Validated | c0e9…7d20 |
| FP-2026-0019 | Anonymous LDAP on dc-02 | 05-26 | 05-27 | Validated | 9b21…44af |
| FP-2026-0205 | Public S3 bucket read ACL | 05-24 | 05-25 | Failed | 7d4c…0e18 |
| FP-2026-0033 | EOL Windows Server 2012 R2 | — | — | Accepted | f1a8…22b9 |
Each entry's hash binds the previous entry. Verify the chain offline with the exported proof JSON; any modification breaks the chain.
Alignment
Control alignment
| Control | Reference | How Argus supports it |
|---|---|---|
| Logging | ISO 27001:2022 A.8.15 | Every state-changing action recorded with actor, timestamp, outcome |
| Configuration mgmt | A.8.9 | Templates & knowledge version-locked in the signed release |
| Threat intelligence | A.5.7 | NVD · CISA KEV · EPSS from signed feeds, operator-approved updates |
| Access control | A.5.15 | CSRF-protected, authenticated operator actions only |