See What Your Auditor Sees
Varax Pro generates audit-ready compliance reports with a single CLI command. Here's what a real report looks like.
Varax SOC2 Compliance Report
Generated by Varax v1.0.0
Cluster: production-eks-us-east-1
Date: March 7, 2026
Framework: SOC2 Trust Services Criteria
Executive Summary
Compliance Score
78
Pass
9
Fail
15
Warn
7
Skip
SOC2 Control Status
| Control | Name | Status | Checks |
|---|---|---|---|
| CC6.1 | Logical Access Controls | Pass | 8/8 |
| CC6.2 | System Credentials | Pass | 4/4 |
| CC6.3 | Authorization Controls | Partial | 4/6 |
| CC6.6 | Security Event Monitoring | Pass | 3/3 |
| CC7.1 | Vulnerability Management | Fail | 2/4 |
| CC8.1 | Change Management | Pass | 4/4 |
| A1.1 | System Availability | Pass | 3/3 |
Showing 7 of 16 controls. Full report includes all controls with evidence.
Evidence: CC7.1 — Vulnerability Management
Check CIS-5.2.3: Minimize the admission of containers with capabilities — FAIL
Resource: Pod/nginx-deployment-7b4c9f8d-x2k9p in namespace default — securityContext.capabilities not restricted
Check CIS-5.2.6: Minimize the admission of root containers — FAIL
Resource: Pod/legacy-worker-5f8b9c6d-m3n7p in namespace processing — runAsNonRoot not set
Remediation guidance: Add securityContext.capabilities.drop: ["ALL"] to all containers...
Full report includes 42 pages
Evidence packages, remediation guidance, and shared responsibility analysis
Free tier shows a compliance score summary in your terminal.
Pro generates this full audit-ready report with one command: varax report --format html
Generate your own report
Install Varax, scan your cluster, and see your compliance score in under 5 minutes.