What is Evidence?

Evidence is Continum’s compliance verification system that transforms your monitoring signals into audit-ready documentation. When your AI application is monitored by Continum, every interaction creates a compliance record that can be packaged for regulatory audits, security reviews, and certification processes.

Why Evidence Matters

Modern AI applications must demonstrate compliance with regulations like GDPR, SOC 2, ISO 27001, and HIPAA. Evidence provides:
  • Cryptographic Integrity: Every compliance signal is cryptographically linked in an immutable chain
  • Regulatory Attestations: Automatic mapping of signals to regulatory requirements
  • Incident Tracking: Complete audit trails for high-risk detections
  • Audit Packages: Generate comprehensive compliance reports for auditors

Core Concepts

Hash Chain Integrity

Every compliance signal in Continum is linked in a cryptographic hash chain, so the evidence is tamper-evident: each hash commits to the previous one.
Signal 1 → Hash A
Signal 2 → Hash B (includes Hash A)
Signal 3 → Hash C (includes Hash B)
This creates an append-only record in which any modification, insertion, or removal of a signal breaks the links that follow it and is therefore immediately detectable. You can verify the integrity of your entire compliance history at any time.

Regulatory Attestations

Continum automatically maps your compliance signals to specific regulatory requirements:
  • GDPR: Article 32 (Security of processing), Article 25 (Data protection by design)
  • SOC 2: CC6.1 (Logical access controls), CC7.2 (System monitoring)
  • ISO 27001: A.12.6.1 (Technical vulnerability management)
  • HIPAA: §164.308 (Administrative safeguards)
Each signal includes attestations showing which regulatory requirements it satisfies.

Incident Management

High-risk and critical signals automatically create incident trails with:
  • Status Tracking: DETECTED → INVESTIGATING → REMEDIATING → VERIFIED
  • Segregation of Duties: Different roles required for investigation vs. verification
  • Audit Trail: Every status change is cryptographically signed
  • Time-to-Resolution: Automatic calculation of response times

Coverage Analysis

Continum tracks your compliance coverage across regulatory frameworks:
  • Which requirements are actively monitored
  • Which requirements lack coverage
  • Recommended monitoring configurations
  • Coverage percentage by framework

Using Evidence

Verify Hash Chain Integrity

Verify that your compliance records haven’t been tampered with:
curl "https://api.continum.co/evidence/hash-chain/verify?startDate=2024-01-01&endDate=2024-12-31" \
  -H "x-continum-key: co_your_api_key_here"
Response:
{
  "valid": true,
  "totalSignals": 1523,
  "verifiedSignals": 1523,
  "tamperedSignals": []
}

View Regulatory Attestations

See how your signals map to regulatory requirements:
curl "https://api.continum.co/evidence/attestations?framework=GDPR" \
  -H "x-continum-key: co_your_api_key_here"
Response:
{
  "framework": "GDPR",
  "attestations": [
    {
      "signalId": "sig_123",
      "requirementId": "Art32",
      "requirementClause": "Article 32 - Security of processing",
      "sandboxType": "PII_DETECTION"
    }
  ]
}

Track Incident Resolution

Monitor high-risk incidents through their lifecycle:
curl "https://api.continum.co/evidence/incidents/inc_123" \
  -H "x-continum-key: co_your_api_key_here"
Response:
{
  "id": "inc_123",
  "signalId": "sig_abc",
  "status": "VERIFIED",
  "changes": [
    {
      "fromStatus": null,
      "toStatus": "DETECTED",
      "userId": "system",
      "timestamp": "2024-03-15T10:30:00Z"
    },
    {
      "fromStatus": "DETECTED",
      "toStatus": "INVESTIGATING",
      "userId": "compliance_officer_123",
      "timestamp": "2024-03-15T11:00:00Z"
    },
    {
      "fromStatus": "INVESTIGATING",
      "toStatus": "VERIFIED",
      "userId": "auditor_456",
      "timestamp": "2024-03-17T14:30:00Z"
    }
  ],
  "timeToResolution": "48 hours"
}
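The incident lifecycle and segregation-of-duties rules from the Incident Management section can be checked client-side against a record in the shape of the response above. This is an added example, not Continum's own code: it replays the change log, flags out-of-order transitions and an investigator who also verifies, and computes DETECTED-to-VERIFIED time; the incident record is constructed, and how Continum itself rounds timeToResolution is not specified on this page.

```python
from datetime import datetime

# Lifecycle from the Incident Management section; REMEDIATING may be skipped,
# as the page's own sample incident shows (INVESTIGATING -> VERIFIED).
TRANSITIONS = {
    None: {"DETECTED"},
    "DETECTED": {"INVESTIGATING"},
    "INVESTIGATING": {"REMEDIATING", "VERIFIED"},
    "REMEDIATING": {"VERIFIED"},
}

def parse_ts(ts: str) -> datetime:
    return datetime.fromisoformat(ts.replace("Z", "+00:00"))

def audit_incident(incident: dict) -> dict:
    """Replay the change log: check transition order, segregation of duties between
    the investigator and the verifier, and compute DETECTED-to-VERIFIED time in hours."""
    findings, state, actor, stamp = [], None, {}, {}
    for ch in incident["changes"]:
        if ch["fromStatus"] != state:
            findings.append(f"gap in log: expected fromStatus {state}, got {ch['fromStatus']}")
        if ch["toStatus"] not in TRANSITIONS.get(ch["fromStatus"], set()):
            findings.append(f"illegal transition {ch['fromStatus']} -> {ch['toStatus']}")
        state = ch["toStatus"]
        actor[state], stamp[state] = ch["userId"], parse_ts(ch["timestamp"])
    if "VERIFIED" in actor and actor["VERIFIED"] == actor.get("INVESTIGATING"):
        findings.append(f"segregation of duties: {actor['VERIFIED']} investigated and verified")
    ttr = None
    if "DETECTED" in stamp and "VERIFIED" in stamp:
        ttr = (stamp["VERIFIED"] - stamp["DETECTED"]).total_seconds() / 3600
    return {"id": incident["id"], "finalStatus": state,
            "timeToResolutionHours": ttr, "findings": findings}

# Constructed incident record in the shape of the response above (not real data)
SAMPLE_INCIDENT = {
    "id": "inc_example", "signalId": "sig_example", "status": "VERIFIED",
    "changes": [
        {"fromStatus": None, "toStatus": "DETECTED", "userId": "system",
         "timestamp": "2024-03-15T10:30:00Z"},
        {"fromStatus": "DETECTED", "toStatus": "INVESTIGATING",
         "userId": "compliance_officer_123", "timestamp": "2024-03-15T11:00:00Z"},
        {"fromStatus": "INVESTIGATING", "toStatus": "VERIFIED",
         "userId": "auditor_456", "timestamp": "2024-03-17T10:30:00Z"},
    ],
}

def with_verifier(incident: dict, user_id: str) -> dict:
    """Copy of the incident with a different user performing the final VERIFIED step."""
    changes = [dict(c) for c in incident["changes"]]
    changes[-1]["userId"] = user_id
    return dict(incident, changes=changes)
```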

Generate Evidence Packages

Create audit-ready compliance reports:
curl -X POST "https://api.continum.co/evidence/packages" \
  -H "x-continum-key: co_your_api_key_here" \
  -H "Content-Type: application/json" \
  -d '{
    "framework": "SOC2",
    "startDate": "2024-01-01T00:00:00Z",
    "endDate": "2024-12-31T23:59:59Z",
    "includeIncidents": true,
    "includeHashChain": true
  }'
Response:
{
  "packageId": "pkg_123",
  "framework": "SOC2",
  "signalCount": 1523,
  "attestationCount": 4569,
  "incidentCount": 12,
  "coveragePercentage": 94.5,
  "downloadUrl": "https://api.continum.co/evidence/packages/pkg_123/download"
}

Evidence Package Contents

Generated evidence packages include:

Executive Summary

  • Monitoring period
  • Total interactions monitored
  • Risk level distribution
  • Incident summary
  • Coverage analysis

Compliance Attestations

  • Signals mapped to regulatory requirements
  • Coverage by requirement
  • Gaps and recommendations

Incident Reports

  • High-risk and critical incidents
  • Investigation timeline
  • Resolution status
  • Time-to-resolution metrics

Hash Chain Verification

  • Complete cryptographic chain
  • Integrity verification results
  • Tamper detection (if any)

Supporting Documentation

  • Monitoring configuration
  • Detection methodologies
  • Regulatory framework mappings

Compliance Policies

Define automated compliance policies that trigger actions based on detection patterns:
curl -X POST "https://api.continum.co/evidence/policies" \
  -H "x-continum-key: co_your_api_key_here" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "PII Protection Policy",
    "description": "Enforce PII detection on all interactions",
    "detectionCriteria": {
      "violationTypes": ["PII_EXPOSURE"],
      "riskLevels": ["HIGH", "CRITICAL"],
      "regulations": ["GDPR", "HIPAA"]
    },
    "active": true
  }'
Policies automatically:
  • Track enforcement statistics
  • Alert on violations
  • Generate compliance reports
  • Identify inactive policies

Data Retention

Continum respects data retention requirements while maintaining compliance evidence:

Retention Policies

Configure retention based on regulatory requirements:
curl -X POST "https://api.continum.co/evidence/retention/policies" \
  -H "x-continum-key: co_your_api_key_here" \
  -H "Content-Type: application/json" \
  -d '{
    "framework": "GDPR",
    "minRetentionDays": 365,
    "maxRetentionDays": 2555,
    "active": true
  }'

Protected Evidence

Signals involved in active incidents are automatically protected from deletion until the incident is resolved and verified.

Hash Preservation

When signals are deleted, their hash values are preserved to maintain chain integrity, allowing continued verification of the compliance record.
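The following added example (not Continum's code) shows the two ideas from the Hash Chain Integrity section and from Hash Preservation together: each link's hash commits to the previous hash, so edits and removals are detected, while a link whose payload was deleted under retention keeps its stored hash and the chain remains verifiable past it. The hashing scheme (SHA-256 over the previous hash plus canonical JSON), the genesis value, and the sample signals are assumptions.

```python
import copy
import hashlib
import json

GENESIS = "0" * 64  # assumed starting value for the first link

def signal_hash(payload: dict, prev_hash: str) -> str:
    # Assumed scheme: SHA-256 over the previous hash plus canonical JSON of the signal
    canonical = json.dumps(payload, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + canonical).encode()).hexdigest()

def build_chain(signals: list) -> list:
    """Link each signal to its predecessor: Hash B includes Hash A, and so on."""
    prev, chain = GENESIS, []
    for s in signals:
        h = signal_hash(s, prev)
        chain.append({"payload": s, "prevHash": prev, "hash": h})
        prev = h
    return chain

def verify_chain(chain: list) -> dict:
    """Recompute every link; report the same shape as the verify endpoint's response.
    A link whose payload was deleted under retention keeps its stored hash, so the
    chain stays verifiable past it (that stored hash must itself be protected)."""
    prev, tampered, verified = GENESIS, [], 0
    for i, link in enumerate(chain):
        if link["prevHash"] != prev:
            tampered.append(i)          # predecessor was altered or a link was removed
        elif link["payload"] is None:
            verified += 1               # deleted signal: preserved hash carries the chain
        elif signal_hash(link["payload"], prev) != link["hash"]:
            tampered.append(i)          # payload no longer matches its recorded hash
        else:
            verified += 1
        prev = link["hash"]
    return {"valid": not tampered, "totalSignals": len(chain),
            "verifiedSignals": verified, "tamperedSignals": tampered}

# Constructed sample signals (not real Continum data)
SIGNALS = [
    {"id": "sig_001", "sandboxType": "PII_DETECTION", "riskLevel": "MEDIUM"},
    {"id": "sig_002", "sandboxType": "PII_DETECTION", "riskLevel": "HIGH"},
    {"id": "sig_003", "sandboxType": "PII_DETECTION", "riskLevel": "CRITICAL"},
]

def after_retention_delete(chain: list, index: int) -> list:
    """Simulate retention deleting a signal's payload while preserving its hash."""
    out = copy.deepcopy(chain)
    out[index]["payload"] = None
    return out

def after_tamper(chain: list, index: int) -> list:
    """Simulate an edit to a stored signal's payload (hash left as recorded)."""
    out = copy.deepcopy(chain)
    out[index]["payload"]["riskLevel"] = "MEDIUM"
    return out
```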

Pattern Correlation

Continum automatically detects patterns across multiple signals:
curl -X POST "https://api.continum.co/evidence/correlations/detect" \
  -H "x-continum-key: co_your_api_key_here"
Correlation detection identifies:
  • Repeated violations of the same type
  • Systemic compliance issues
  • Emerging risk patterns
  • Areas requiring attention

External Auditor Access

Grant read-only access to external auditors:

Auditor Tokens

Create time-limited tokens with specific permissions:
  • READ_SIGNALS: View compliance signals
  • READ_ATTESTATIONS: View regulatory mappings
  • READ_INCIDENTS: View incident trails
  • VERIFY_HASH_CHAIN: Verify cryptographic integrity
  • DOWNLOAD_PACKAGES: Download evidence packages

Auditor API

Auditors use a separate API with restricted access:
curl "https://api.continum.co/auditor/signals?customerId=cust_123" \
  -H "Authorization: Bearer aud_token_abc123"
All auditor access is logged for compliance tracking.

Best Practices

Regular Verification

Verify hash chain integrity regularly:
  • Daily automated checks
  • Before generating evidence packages
  • During security audits

Incident Response

Establish clear incident workflows:
  • Immediate investigation of CRITICAL signals
  • 24-hour response for HIGH signals
  • Weekly review of MEDIUM signals
  • Segregation of duties for verification

Coverage Monitoring

Track compliance coverage:
  • Review coverage reports monthly
  • Address gaps in monitoring
  • Update monitoring configurations
  • Validate regulatory mappings

Evidence Package Generation

Generate evidence packages:
  • Quarterly for internal reviews
  • Annually for compliance audits
  • On-demand for security assessments
  • Before regulatory submissions

Supported Frameworks

Continum provides evidence for:
  • GDPR: EU General Data Protection Regulation
  • SOC 2: Service Organization Control 2
  • ISO 27001: Information Security Management
  • HIPAA: Health Insurance Portability and Accountability Act
  • CCPA: California Consumer Privacy Act
  • EU AI Act: European Union AI Regulation
  • PCI DSS: Payment Card Industry Data Security Standard

Next Steps

  • API Reference: Explore Evidence API endpoints
  • Dashboard: View evidence in the dashboard
  • Compliance: Learn about regulatory frameworks
  • Incident Management: Understand incident workflows