No magic. Just math.
Observability detects the fire. Déjà documents the cryptographic chain of custody — and proves exactly how it was extinguished. Deterministic analysis, a eight-signal Causal Confidence Score (W1–W8) summing to 1.00, and an Ed25519-signed receipt in an immutable, append-only, tamper-evident ledger.
No LLM. No probabilistic guessing. No “AI that might be right.”
No postmortem narrative your audit firm has to take on faith — verifiable offline with the open CLI.
output = fp://a1c3_3e44_b772
↓
prior = incident_04hcz8 · 142d ago
↓
The structural problem
Most firms reconstruct evidence at audit time.
Most compliance teams reassemble incident evidence weeks after the fact — from Slack threads, Jira exports, and memory. Custody fixes the architecture: the receipt is signed at the moment of attribution, not the moment of audit.
Reconstruction isn’t a process weakness — it’s an architecture. Evidence assembled weeks after the fact, from recollection, can’t be verified by anyone. Custody fixes the architecture: the evidence is signed at the moment of attribution, not the moment of audit.
- ·Audit firm asks for incident-response evidence for Q2. Compliance starts pulling Jira tickets, Slack threads, monitoring snapshots, PagerDuty exports, PDF postmortems.
- ·Evidence is reassembled two-to-four weeks per audit cycle, four cycles per year, by senior compliance and engineering staff.
- ·Context lives in engineers’ heads. People leave; context goes with them. Reconstructed evidence reflects best recollection, not signed primary record.
- ·Auditor receives prose narrative + supporting documents. No way to verify offline. No way to verify the firm didn’t curate the evidence.
- ✓Production incidents produce a cryptographically signed receipt at the moment of attribution — fingerprint, causal change, gate scores, framework scope.
- ✓Your audit firm runs the open
dsr-verifier-clion their own machine — KPMG, Deloitte, EY, PwC, BDO, Grant Thornton, or any independent firm. No Déjà account required. - ✓Audit-ready chain of custody, tamper-evident. Even the failures are on the record — low-confidence attributions, no-matches, failed resolutions, recurrences.
- ✓Evidence stays valid for decades, durable across regulatory cycles. Verifiable even if Déjà disappears.
Why trust a machine’s claim
A signed “resolved” has to earn its signature.
The skeptic’s real question isn’t “can you sign things” — it’s why does a signed resolution mean anything? Because before an R2 receipt is issued, the fix passes five operational validation gates. If it doesn’t, Déjà signs that instead.
File Gate
Matches only if the fix actually touched relevant files. Rules out superficial code colocation.
file_gate · 0.91Rate Gate
Regression rate drops after the fix window. Proves the fix actually reduced failure volume.
rate_gate · 0.87Infra Gate
Rules out infrastructure noise and deploy artifacts. Separates code fixes from environment drift.
infra_gate · 0.95Feature Flag Gate
Correlates fixes to rollout conditions, so flag toggles don't masquerade as code fixes.
flag_gate · 1.00Duration Gate
Verifies fix stability over time. A signed receipt is always issued; the duration result is recorded as a gate field within it.
duration_gate · 0.83This is the part nobody else does: when a gate fails, the failure is signed too. A fix that didn’t hold becomes an R2-F; an incident that comes back becomes an R2-R, chained to its original. Tools that only record successes are marketing. Evidence is whatever happened.
What it’s worth
What the status quo actually costs.
Engineering hours reclaimed
Regulated-firm teams describe audit prep consuming multiple FTE-weeks per cycle — searching Slack for incident context, screenshotting Jira, copying deployment logs into spreadsheets, annotating evidence bundles before the auditor arrives. The cost compounds across SOC 2 Type II, ISO 27001, NYDFS Part 500, DORA, and SR 11-7 engagements. With custody, that time returns to product work — evidence accumulates automatically, on every merge.
Qualitative · from Déjà’s conversations with regulated-firm engineering teams
An audit-finding category eliminated
The output of reconstruction is unsigned, unverifiable, and reassembled under deadline pressure — which is why “evidence reconstruction was manual” is its own recurring finding category. Cryptographically verifiable, tamper-evident receipts remove the category by construction: there’s nothing to reconstruct, because the record was signed at the moment of attribution.
Claim by construction · property of signed-at-attribution evidence
Framed honestly: these are attributed, qualitative claims — not measured statistics. The measured numbers (1.6s median attribution, <60s signal-to-receipt) live on How it works, where the pipeline that produces them is explained.
What makes this a new category
The architecture that didn’t exist before.
Nothing in the existing stack produces signed, deterministic, offline-verifiable receipts at the moment of incident attribution. GRC platforms map controls. Observability detects symptoms. Manual reconstruction reassembles narratives at audit time. Déjà writes the receipt at the moment of attribution, signs it, appends it to a tamper-evident ledger, and lets your audit firm verify it offline — without us in the loop.
The mechanism, in one line
Deterministic analysis at merge time builds the producer graph; at error time the engine looks up the cause, scores it with the eight-signal CCS (W1–W8), and issues an Ed25519-signed DSR/1.0 receipt — same inputs, same answer, every time. The full walk-through, with the pipeline and a real timeline, lives on How it works →
Eight scoring signals — W1 through W8
Weights from canon.ts CCS_FACTORS — verbatim, summing to 1.00.
Zero-trust principle · the category definition
Receipts are independently verifiable. No implicit trust is required between Déjà, the customer, or the audit firm. The signature is the contract; the verifier is the proof; the append-only ledger is the chain. If Déjà were compromised or shut down, your receipts continue to verify — the logic runs in your audit firm’s own copy of dsr-verifier-cli, offline. This is the property that defines the category — and the property no other category preserves.
Stop reconstructing evidence at audit time.
Cryptographic incident-evidence custody. Signed at attribution. Verifiable offline by your audit firm. Durable across regulatory cycles.
14-day trial · no card required · trial receipts watermarked