Built for security teams who understand that compliance is a means to an end - not the end itself. Every feature in TATER is designed to improve your actual security posture, not just your audit score.
Compliance audit prep shouldn't require an all-nighter. TATER's continuous monitoring means evidence is always collected, every control is always assessed, and your posture is always audit-ready - not just the week before.
Map, assess, and report across all major compliance frameworks from a single platform.
Assess 4,000+ controls across 19 compliance frameworks from a single unified interface. NIST 800-53, ISO 27001, SOC 2, PCI-DSS, HIPAA, CIS Benchmarks, CISA SCuBA, DISA STIGs, and more - with cross-framework overlap detection.
Map controls to NIST 800-53, ISO 27001, SOC 2, PCI-DSS, and HIPAA with granular control mapping and per-org compliance narratives. Track posture across all frameworks simultaneously.
Generate audit-ready responses for 300+ standard controls across NIST, ISO, SOC 2, PCI-DSS, and HIPAA. Context-aware prompts use your actual compliance posture to produce organization-specific narratives.
Generate audit-ready security policies from 11 professional templates with org branding and PDF export. Information Security, Incident Response, Access Control, and more - ready in minutes.
Track historical compliance posture over time with interactive trend charts. Visualize improvement trajectories, identify regressions, and demonstrate progress to auditors and leadership.
Executive-ready dashboards with drill-down analytics. Generate compliance reports by framework, export to CSV/Excel, and track KPIs across your entire environment.
A zero-knowledge password manager built into the suite. Vault items are encrypted in the browser; the server only ever stores ciphertext. Built-in TOTP/MFA codes, a strong password generator, breach scanning, duplicate/weak-password detection, and RSA-based group sharing — with org-owned escrow so credentials survive employee offboarding.
Fully trust a vendor or service sender across both Exchange Online mechanisms in one idempotent operation — the positive-trust transport rule (banner + SCL -1) and the Outlook external-tag allow list. TATER generates one safe-to-re-run PowerShell script with guardrails baked in: tenant-confirm pre-flight, DMARC posture check, and read-modify-write dedupe so you never half-trust a sender or clobber existing entries.
Turn meeting records and operational handouts into polished, co-branded Word documents in one click — with your real organization logo embedded automatically. Meeting summaries auto-populate from decisions and linked action items; technician quick-starts and training agendas build from your live configuration. Your AI agent can generate them directly through the MCP server.
Most organizations face overlapping compliance requirements from multiple regulatory bodies. TATER eliminates the need to manage each framework independently by providing a single unified view of 4,000+ controls spanning CIS Benchmarks, CISA SCuBA, DISA STIGs, NIST 800-53, ISO 27001, SOC 2, PCI-DSS, and HIPAA. When one control satisfies requirements across multiple frameworks, TATER maps those relationships automatically so you only need to collect evidence once.
The platform continuously evaluates your environment against all active frameworks simultaneously. Real-time scoring shows exactly where you stand with each authority, and cross-framework gap analysis reveals shared weaknesses that a single-framework tool would miss entirely.
Auditors expect more than a list of pass/fail results. TATER maps every compliance control to the specific sections of NIST 800-53, ISO 27001, SOC 2, PCI-DSS, and HIPAA where they apply, then lets you attach per-organization compliance narratives explaining your implementation approach for each standard section.
The standards detail view breaks each framework into its constituent sections and shows which TATER controls map to each one, along with the current compliance percentage. AI-powered narrative generation uses your actual scan results and organizational context to draft audit-ready responses.
Writing compliance narratives, answering audit questionnaires, and drafting remediation guidance consumes hundreds of hours per audit cycle. TATER uses AI to generate context-aware responses for over 300 standard controls. Each narrative incorporates your actual compliance scan results, organizational context, and implementation details to produce answers that auditors will accept.
Beyond narratives, the AI assists with remediation guidance by suggesting specific configuration changes based on the control definition and your current environment state.
TATER provides 11 professionally written policy templates covering the most common requirements auditors look for: Information Security, Acceptable Use, Incident Response, Access Control, Data Classification, Business Continuity, Change Management, Vendor Management, Remote Work, Data Retention, and Vulnerability Management.
Each template uses a variable engine with typed placeholders. Generated policies export to branded PDFs with your organization logo, cover page, table of contents, and professional formatting.
TATER Vault is a full team password manager built into the suite at vault.tatersecurity.com, with a companion browser extension for save-on-login and auto-fill. It is genuinely zero-knowledge: every vault item is encrypted and decrypted in your browser with a key derived from your master passphrase, and the server only ever stores ciphertext. TATER — and anyone who could read the database — never sees a plaintext credential.
Vault closes the gap that compliance frameworks keep flagging: shared credentials in spreadsheets, reused passwords, and no way to recover access when an employee leaves. Built-in MFA means your time-based one-time codes live next to the login they protect, and the security dashboard turns the vault into a posture signal — reused, weak, breached, and 2FA-missing entries surface as a health score you can act on.
Fully trusting a vendor or service sender in Exchange Online is deceptively two separate jobs, and admins routinely do only one. The positive-trust side is a mail-flow rule that prepends a TRUSTED SENDER banner, sets SCL -1 to bypass spam scoring, and stops further processing. The tag-suppression side is the Outlook external-sender allow list that removes the native [External] warning. Do only the first and the [External] tag stays; do only the second and the message is still spam-scored with no positive signal.
TATER turns it into one designated list per organization and generates a single idempotent Exchange Online PowerShell script that reconciles both surfaces — safe to re-run, with the three real-world footguns handled as guardrails so you can't half-trust a sender or quietly break the ones you already trust.
The recap, the handout, the agenda — the documents teams re-type after every meeting and onboarding — TATER generates in one click, co-branded with your real organization logo embedded automatically. Meeting summaries pull straight from the meeting record and its closed-loop links: attendees, decisions, and the action-item tasks they spawned, with owners and due dates. Technician quick-starts and training agendas build from your live configuration so the handout reflects the workflow you actually run, not generic boilerplate.
Every document carries both your branding and the TATER mark, in a polished Word (.docx) file with a 4-hour download link, and a Markdown rendition saved to your knowledge base. Your AI agent can produce them directly through the MCP server, so "write up that meeting and send everyone a recap" becomes a single instruction.
Detect vulnerabilities, map adversary techniques, and remediate findings automatically.
1,385+ pre-built remediation scripts execute with one click - 82 for M365 cloud controls and 1,318 for Windows endpoint hardening (W11E, Server 2019/2022/2025). Secure execution via Azure Automation.
1,318 CIS Benchmark remediations for Windows 11 Enterprise and Server 2019/2022/2025 - filter by severity, select failing controls, and trigger automated fixes with one click.
Per device group, per app (Chrome, Edge, Defender, Office, Windows), set a security posture dial 0-10. Accept risk on individual CIS controls with a documented reason and optional expiry. The TATER Agent enforces it on every device in that group within 30 minutes - no manual PowerShell waves, no Group Policy rollouts. Devices in multiple groups inherit the highest level per app. Levels 1-3 ship now; 4-10 are a one-PR addition.
Live interactive shell, patch management (winget/brew/apt/dnf), software deployment catalog, BitLocker / FileVault / LUKS recovery key escrow, USB / app-allow / JIT-admin / power / browser / DNS policies, Wake-on-LAN, process control, and an end-user self-service portal. ManageEngine Endpoint Central feature surface, built on the same agents you already deploy for compliance.
Create and assign Microsoft Intune Proactive Remediations and Platform Scripts directly from TATER, via Microsoft Graph - per-org-tenant. What-If preview before apply, explicit Entra group targeting with a Targets column, change-control gating, and full audit logging. 8 MCP tools mirror the GUI exactly for AI-driven deployment.
Discover CVEs across your fleet via Microsoft Defender for Endpoint. Cross-reference with CISA KEV catalog and EPSS exploit prediction scores.
OneDrive sync health, CISA KEV exposure, and your own templated agent monitors (service, process, port, disk, certificate, BitLocker, scheduled task, custom script) on one deduplicated findings surface with severity, SLA, and lifecycle. Create monitors, toggle on/off, and promote a finding to an Ops task only when it needs help-desk lifecycle - instead of drowning the queue in auto-filed tickets.
Weighted risk scores prioritize remediation by impact, likelihood, and asset criticality. SLA timers track remediation deadlines with escalation warnings.
Map compliance controls to MITRE ATT&CK adversary techniques. Visualize coverage gaps and identify which tactics your controls defend against.
Automatically discover and track 80+ applications across your environment. Integrated endoflife.date version checking flags EOL software before it becomes a gap.
Detect configuration changes between scan cycles in real time. Drift alerts notify you when controls regress from Pass to Fail so you can respond before your next audit.
Prioritize vulnerabilities using FIRST EPSS probability scores. Focus remediation on CVEs most likely to be exploited in the wild, not just the highest CVSS.
Eight pre-built incident response playbooks guide your team step-by-step through security events with decision trees and escalation paths.
Curated step-by-step rollouts for high-leverage initiatives - Conditional Access for compliant devices, MFA, DMARC enforcement, BitLocker, PIM. Verification and rollback notes at every step. Per-org progress tracking. Reviewed periodically for accuracy.
Wikipedia-style wiki shared across every TATER organization. Generic process knowledge - troubleshooting playbooks, diagnostic decision trees, remediation methodology, vendor primers, error-code translations. Searchable, contributable by any Auditor+, with a content validator that prevents organization-specific data leakage.
TATER closes the loop with 1,385+ pre-built remediation scripts that fix failing controls directly from the platform. A single click triggers a secure execution pipeline through Azure Automation, complete with user confirmation, parameter review, and full audit trail logging.
The system covers two domains: 82 M365 cloud scripts fix Defender, Exchange Online, SharePoint, Entra ID, Power BI, Purview, and CISA SCuBA controls via the Graph API. 1,318 Windows endpoint scripts harden Windows 11 Enterprise and Windows Server 2019/2022/2025 machines against CIS Benchmark controls via local registry, secedit, auditpol, and firewall policy.
TATER's Endpoint Hardening Plan gives you a complete, actionable checklist of CIS Benchmark controls for every Windows platform in your environment - with one-click automated remediation for each.
The plan pulls scan results from the TATER agent running on your endpoints, shows each control's current Pass/Fail/Not Scanned status, and lets you filter by severity (Critical/High/Medium/Low) or status. Select multiple failing controls and trigger all their remediations in batch - scripts run through Azure Automation and report results back in real time.
TATER doesn't just read your Microsoft Intune posture - it deploys to it. From the Ops → Intune page you author and assign Intune Proactive Remediations (deviceHealthScripts) and Platform Scripts (deviceManagementScripts) directly via Microsoft Graph, scoped to each org's own tenant, without leaving TATER or opening the Intune portal.
Every deployment carries enterprise guardrails so a fleet-wide change is never a surprise: a What-If preview shows the exact Graph payload before anything is applied, assignment requires explicit Entra groups (never all-devices by accident), each apply is gated behind an approved change request, and the whole action is written to the audit log.
DeviceManagementScripts.Read.All, writes need DeviceManagementScripts.ReadWrite.All
TATER integrates with Microsoft Defender for Endpoint to pull device inventories, CVE data, and software catalogs directly into your compliance platform. Every vulnerability is automatically cross-referenced against the CISA KEV catalog. EPSS scores help prioritize remediation by real-world exploit likelihood.
The endpoint security dashboard provides tabbed views for devices, vulnerabilities, CISA KEV alerts, installed software, security recommendations, and Intune compliance status.
Application Monitoring is the home for noisy, continuously-detected fleet signals. Instead of auto-filing thousands of help-desk tickets, every detection is kept as a deduplicated finding - a continuously-updated state you acknowledge, suppress, resolve, or explicitly promote to an Ops task when it genuinely needs help-desk lifecycle.
Built-in monitors (OneDrive sync health, CISA KEV exposure) work out of the box. Templated monitors you create are evaluated by the TATER agent on every targeted device on a schedule and reported back as findings.
TATER assigns weighted risk scores to every control based on impact severity, likelihood of exploitation, and asset criticality. SLA tracking adds accountability: critical findings get 24-hour SLAs, medium-risk items get 30 days. Escalation warnings appear as deadlines approach.
Quantitative risk metrics including ALE, SLE, and ARO transform subjective risk assessments into concrete financial figures for executive communication.
TATER bridges compliance and threat intelligence by mapping controls directly to ATT&CK tactics and techniques. The coverage view shows which tactics are addressed by your current posture and where gaps exist, allowing you to prioritize based on real-world threat intelligence.
TATER automatically discovers applications running across your environment by analyzing endpoint scan data. Every discovered application is checked against the endoflife.date API for version lifecycle status. EOL software is flagged immediately.
TATER includes 8 pre-built incident response playbooks that provide structured, step-by-step guidance for the most common security scenarios. Each playbook follows industry-standard methodology with clear phases for preparation, detection, containment, eradication, recovery, and lessons learned.
Implementation Guides are curated, step-by-step rollouts for the security initiatives every M365 organization eventually needs to do - but rarely has documented end-to-end. Each guide is structured for project-style execution: prerequisites, ordered steps with explicit verification at each one, rollback notes for when something doesn't go as planned, and links to the controls and frameworks the initiative advances.
p=reject
TATERpedia is a Wikipedia-style wiki shared across every TATER organization. It's the platform's collective brain - generic process knowledge that every customer benefits from but no single org should have to write from scratch.
14 purpose-built GRC modules covering the full governance lifecycle - from risk registers and audit management to change control and regulatory tracking - integrated with the core compliance engine.
Central risk catalog with quantitative ALE scoring, treatment plans, and a 5x5 likelihood-impact heat map. Risks link bidirectionally to compliance controls.
Curated built-in templates for risks, vendors, audits, BCP/DR plans, control tests, training campaigns, and POAMs - one-click "From template" buttons in every create modal. AI agents see the same library via 3 MCP tools (list_entity_templates, create_entity_from_template, save_entity_as_template) and follow a Template-First Rule that promotes successful patterns into reusable org templates over time. Compliance work compounds instead of starting from scratch.
POA&M tracking with OMB A-130 / DoD eMASS export. NIST RMF 6-step lifecycle stepper. SSP authoring with OSCAL JSON and Word .docx export. DISA STIG .ckl and XCCDF/SCAP imports map findings to TATER controls and auto-create POAM items.
WebRTC remote-support sessions to managed endpoints. PE-3 end-user consent (30s fail-closed dialog), mouse/keyboard input injection, bidirectional clipboard, multi-monitor selection, and AU-14 session recording with in-app playback timeline. Capabilities individually toggleable; off by default at every level.
Reusable PowerShell / Bash scripts with fan-out execution against up to 500 target devices via the TATER Agent. Per-target stdout/stderr capture, aggregated job status with auto-poll, risk levels, auto-versioning. Seven MCP tools so AI agents can drive the full lifecycle from chat.
Plan, execute, and track audits. Manage findings from discovery to resolution, collect evidence from control owners, and maintain an audit calendar.
Inventory data assets with classification labels, map data flows, conduct privacy impact assessments, and enforce retention policies.
Document BCP/DR plans with RTO/RPO targets, conduct business impact analysis, and track test exercises with version-controlled procedures.
Structured approval workflows for risk acceptance with compensating controls, multi-level approval chains, and automatic expiry enforcement.
Curated feed of framework updates with impact assessments, affected controls analysis, and compliance deadline tracking.
Campaign management with target audiences, completion tracking, phishing simulation result import, and training compliance reports.
Automated test scheduling with reusable test procedures, historical results with trend charts, and automatic gap detection from failures.
Periodic user access certification campaigns. Review privileged roles, service accounts, and group memberships with approve/revoke workflows and audit-ready evidence.
Unified timeline view of 18 event sources - access reviews, control tests, exception expiries, BCP/DR drills, training deadlines, vendor assessments, audit milestones, override expiries, change implementation dates, policy review cycles, subscription renewals, tenant credential expiries, daily endpoint scans, and more - in one calendar with iCal feed. Lives in TATER Manage → Calendar, the single canonical location across the five-app suite.
Multi-phase remediation planning with drag-and-drop control assignment, cascading phase durations, optional Phase 0 discovery, and MSP billing columns for service delivery tracking.
Third-party risk tracking with vendor profiles, risk tiers, contract management, SLA monitoring, compliance questionnaires, and assessment workflows.
Visual framework builder with drag-and-drop domains, custom threshold logic, JSON import/export, and cross-mapping to standard frameworks.
Structured change request lifecycle with automatic approval routing. Low and medium impact changes auto-approve; high and critical require OrgAdmin sign-off. Full audit trail on every decision.
TATER goes beyond compliance scanning with 14 purpose-built GRC modules. The Risk Register provides a central catalog with 5x5 heat map visualization, quantitative ALE scoring, and four treatment options. Exception and waiver management handles structured approval workflows with compensating control documentation.
Audit Management supports the full lifecycle from planning through finding resolution. Business Continuity and Disaster Recovery modules maintain versioned plans with RTO/RPO tracking. Data Classification inventories assets with sensitivity labels. Security Awareness Training tracks campaigns and completion rates. Control Testing automates scheduled evaluations.
The Compliance Roadmap translates your current scan results into a prioritized, multi-phase remediation plan. Controls are assigned to phases with estimated effort, owner, and completion targets. An optional Phase 0 Discovery automatically collects unscanned and manual-review controls for assessment before remediation phases begin.
Phase durations cascade automatically: changing one phase's timeline shifts all subsequent phases, eliminating manual date math. MSP organizations see additional fee and billing columns on each phase card, making it straightforward to scope and price remediation engagements for clients.
TATER includes purpose-built AI capabilities that go well beyond chat: an agentic compliance analyst, autonomous evidence collection, MCP server integration, and living network documentation that builds itself.
An agentic AI assistant with 12 TATER-specific tools. It reads your scan data, creates risk acceptances, assigns controls, triggers remediations, and documents evidence - pausing to confirm critical actions with a human-in-the-loop design.
The TATER Agent (Go binary) includes a browser-based evidence collector that navigates Microsoft admin portals, takes screenshots, and documents findings for Manual Review controls - automatically.
Connect Claude Desktop or Claude Code to TATER via the Model Context Protocol. 277 tools expose your compliance data, risk register, controls, and change queue directly to your AI assistant.
Configure AI capability to satisfy your security policy, compliance framework, or audit requirements. Per-org global disable, per-role rules (Viewer / Auditor / Admin), per-custom-group rules with users in multiple groups, and a Preview tab to test policy decisions before saving. Each tool ships with a description and a write-flag indicator, so administrators can scope AI surface area to the principle of least privilege. Helpful for SOC 2 CC6 access control, ISO 27001 A.9.4 information access restriction, NIST 800-53 AC-3 access enforcement, and CMMC AC.L2-3.1.5 least privilege requirements over AI-driven actions. Every policy save is HMAC-signed and audit-logged.
Every AI agent interaction automatically adds to a searchable knowledge base - infrastructure configs, CA policies, mail flow, endpoint settings, and resolved support issues. The library gets more accurate with every control investigated and every help desk ticket resolved.
Manual Review controls with known default postures are automatically predicted as pass or fail based on platform defaults - shrinking the unknown compliance surface and surfacing hidden risk.
A lightweight Go binary for Windows, Linux, and macOS. Windows runs as a service with system tray, local dashboard (Edge app mode), auto-update, and DPAPI config encryption. Linux daemon (RHEL/Ubuntu) includes 20 built-in security controls covering firewall, SSH hardening, disk encryption, SELinux/AppArmor, auditd, kernel hardening, and more - available as amd64 and arm64 binaries. macOS tray application for Intel and Apple Silicon with browser-based evidence collection.
The AI Compliance Analyst is an agentic assistant powered by Claude. Unlike a simple chat interface, it operates as an autonomous agent with 12 TATER-specific tools it can invoke in sequence to complete multi-step tasks. It reads your scan results, identifies patterns, and proposes actions - creating risk acceptances, assigning controls to team members, adding evidence comments, and triggering remediations.
A human-in-the-loop design ensures the analyst always pauses and asks before taking consequential actions. Critical and high-severity findings require explicit user confirmation before an override or remediation is triggered. The analyst surfaces its reasoning at every step so you understand what it's doing and why.
AI_ANALYST_MODEL environment variable
The Evidence Agent is built into the TATER Windows endpoint agent (Go binary). It navigates Microsoft admin portals using a real browser (via chromedp), waits for the user to sign in, then systematically steps through Manual Review controls - taking screenshots, analyzing them with Claude, and documenting findings as evidence comments in TATER.
A polling loop in the agent checks for pending evidence jobs every 15 seconds. PowerShell-based controls run directly via the existing scanner pipeline. All findings are posted to the Comments API with source: 'evidence-agent' for full traceability in the audit log.
TATER exposes its compliance data via the Model Context Protocol (MCP) in two deployment modes: an HTTP MCP endpoint at /api/mcp for remote connections (compatible with claude.ai), and a local stdio MCP server for Claude Desktop and Claude Code.
277 tools give your AI assistant direct access to scans, controls, the risk register, overrides, people, assignments, change requests, framework narratives, remediation history, community stats, evidence jobs, config documentation, and manual control verification. The first tool any agent must call is get_org_context to confirm which organization it is operating in before taking any action.
Agents are instructed to document proactively: whenever they encounter configuration data, infrastructure topology, or security findings, they call upsert_config_doc automatically - building your org's knowledge base as a natural byproduct of compliance work, not as a separate task.
X-Organization-Id header
get_org_context session initialization prevents cross-org mistakes
Network documentation is the single most neglected IT discipline. Most organizations discover what their network actually looks like during an incident - when it's too late. TATER changes this by making documentation an automatic byproduct of compliance work rather than a separate effort.
Every AI agent interaction adds to a structured, searchable configuration knowledge base. When an agent remediates a control, it documents the before/after state. When it encounters a firewall dependency, it records it. When it analyzes scan results, it captures the posture snapshot - all without being asked.
This knowledge base is not just for humans. Future AI agents read existing docs before making recommendations. If a Palo Alto NGFW is documented as inspecting traffic on a subnet, the next agent to touch Global Secure Access settings will automatically read that dependency and build a recommendation that avoids the conflict - without requiring the user to explain the network topology again.
Every doc follows a consistent template: Current State, Configuration Details, Infrastructure Dependencies, Known Conflicts, Recommended Integration Settings, and Related Controls. The "Recommended Integration Settings" section is specifically designed to be read by AI agents when making configuration recommendations for adjacent systems.
Every time Claude resolves a support issue inside TATER, the resolution is written back into the library with the root cause, the fix, and any affected configuration context. The next time the same issue surfaces - from a different user, on a different endpoint, six months later - Claude already has the answer. Escalations to senior engineers decrease. Repeat tickets stop recurring. And the institutional knowledge stays in the platform, not in someone's head.
The library does not need to be maintained. It is a byproduct of using TATER with Claude. The more compliance work, investigations, and support resolutions run through the platform, the more accurate and useful the documentation becomes.
Bring your compliance data into Microsoft's productivity ecosystem without writing a line of code.
scan.completed event fires every time a scan finishes, with pass/fail counts and compliance rate as trigger data
https://api.tatersecurity.com/api/reports/powerbi?dataset=controls, add x-api-key header
X-TATER-Event-Type: scan.completed
Integrate with your existing tools and present compliance data to every audience.
60+ built-in integration connectors with real vendor logos and inline configuration - spanning SIEM platforms (syslog CEF + HMAC webhooks), notification channels (Teams, Slack, email), ticketing systems, identity providers, and a Microsoft Tenant category for direct Entra/Exchange/SharePoint/Intune connections.
Oversee multiple client organizations from a single platform. Three-tier client access (Monitor, Operate, Manage), cross-org dashboards, side-by-side comparison, and white-label branding options.
Groups, feature-level permission toggles, and simplified view modes. Tailor the experience for executives, auditors, and technical staff.
Publish a public-facing Trust Center for your customers. Share real-time compliance status, certifications, and security practices transparently.
A downloadable executable that configures an organization end to end. Pick the features you want - M365 cloud scanning, endpoint agent, email intake, SIEM, remediation, Power Automate monitoring, documentation import, user lookup - and the wizard downloads the scripts, prompts for the variables, runs the device-code logins it needs, and writes the results back. Everything runs locally with your own credentials, which never leave the machine. Perfect for MSPs onboarding a new client in minutes.
Connect Power BI directly to live TATER data for custom dashboards and executive reports. Automate compliance workflows in Power Automate with a dedicated custom connector, triggers, and actions.
Native, ready-to-run scanners for the four core Microsoft surfaces - Entra ID (12 checks: legacy auth, MFA, security defaults, PIM, CA policy count, sign-in risk, GA count), Defender for Endpoint (8 checks: device onboarding, AV/EDR, critical CVEs, exposure score, sensor health), Intune (8 checks: compliance policies, ASR, BitLocker, Windows Update rings, MDM coverage), and Azure (10 checks: Defender for Cloud secure score, Key Vault, NSG open ports, Activity Log alerts, RBAC owners). 38 checks total, no extra credentials needed beyond the existing tenant connection.
Cloud Graph scan now covers SPF / DKIM / DMARC records (DNS-resolved), Customer Lockbox, external calendar sharing restrictions, Modern Auth, external auto-forwarding block, plus Azure log infrastructure: Entra ID diagnostic settings forwarded to Log Analytics or Event Hub, and 365-day log retention on the workspace. CISA SCuBA-aligned and runs on every cloud scan.
Export scan results, control lists, vulnerability data, and compliance reports to CSV and Excel formats for your existing workflows.
Publish a lightweight compliance score widget on your website or customer portal with real-time data from your TATER dashboard.
Automated scans detect configuration drift in real time. Forward events to your SIEM via syslog (CEF) or HMAC-signed webhooks.
Set up cloud compliance scans in three guided steps. The wizard walks through app registration, permissions, and scheduling.
Intelligent deduplication at upload ensures efficient storage while maintaining full scan history and drift comparison capabilities.
TATER offers 60+ integrations spanning notification channels, SIEM platforms, ticketing systems, and identity providers. SIEM integration supports syslog (CEF format) and HMAC-signed webhooks. Notification rules configure which events trigger alerts and where they go.
TATER was built from the ground up as a multi-tenant platform with strict data isolation. The MSP portal provides a cross-organization dashboard and streamlined client onboarding with organization templates. Organizations flagged as MSPs unlock additional operational controls: fee and billing columns in compliance roadmaps, white-labeling controls, and service delivery metrics across the client base.
The MSP flag (isMsp) is set by a SuperAdmin on any organization. Once enabled, that org's admins see billing context in roadmap phases and can configure client-facing white-label branding independently from internal views.
Three-tier client access controls precisely what MSP staff can do in each client organization. Tiers are org-to-org relationships managed from the MSP Portal: Monitor (Tier 1) grants read-only access to dashboards, scans, and reports; Operate (Tier 2) adds the ability to manage compliance workflows including overrides, roadmaps, assignments, and remediations; Manage (Tier 3) provides full organization administration including branding, API keys, and tenant credentials.
TATER provides granular control over what each user sees through groups, feature-level permission toggles, and simplified view modes. Feature master switches at the organization level let OrgAdmins enable or disable entire capability areas.
TATER Ops ships with ITIL 4 and NIST SP 800-61 process profiles out of the box. Pick a profile and the new-task form shows only the fields that standard requires - no clutter, no over-collection. Status workflows are enforced server-side; SLAs compute per priority automatically.
Basic (lightweight tasks), ITIL Incident (8-state lifecycle with impact/urgency/severity, business service, configuration items, per-priority SLAs from 15m to 5d), ITIL Service Request (adds Approval Pending + Fulfilled states), ITIL Problem (root-cause analysis fields), and NIST SP 800-61 IR (security IR lifecycle with False Positive branch).
Each profile defines per-field {visible, required, default} rules. The new-task modal renders only the columns the profile turns on, marks required fields with *, and pre-fills defaults. You get the ITIL Incident shape when you need it and the bare-bones Basic shape when you don't.
Status changes are validated against the profile's allowed-transitions matrix server-side. Per-status flags declaratively stamp slaResponded, slaResolved, and closedAt timestamps. SLA targets per priority compute at creation time when no explicit SLA is set.
Seeded profiles are system-owned (editable, not deletable). Create your own profile to model a workflow ITIL doesn't cover - every field rule and status transition is configurable via JSON editor in Settings → Process Profiles. Profiles are scoped per organization, so each org runs its own playbook.
The 5th sister app. Quick dashboards stay in TATER Security, Ops, Manage, and My TATER. Deep, filterable, exportable reports live here. Compliance Posture, Service Desk Performance, Risk Register, Training Compliance, Vendor & Contract Summary, Activity Log Trends, and Subscription / Licensing - with group-based access control so HR sees HR tickets, AP sees AP tickets, and SuperAdmin sees everything.
Compliance Posture, Risk Register Summary, Service Desk Performance, Helpdesk Drilldown, Training Compliance, Vendor & Contract Summary, Activity Log Trends, Subscription & Licensing. Each ships with KPI tiles, chart visualizations, a sortable data table, and CSV export.
Each report has an access tier (Open / Auditor+ / SuperAdmin) plus optional group gates. Groups also map to Ops task categories - so users in service-desk-hr see only HR / Onboarding / Off-boarding tickets, service-desk-ap sees AP / Finance, and vendor-viewer gets Vendor reports. 9 standard groups seed on first run.
Service Desk reports apply WHERE category IN (your group's category list). HR managers see only HR tickets; AR clerks see only AR tickets. Admins / SuperAdmin bypass for full visibility. No more "I shouldn't see those." moments.
Every report viewer exports three ways: CSV (server, raw data), XLSX (client-side via SheetJS, two-sheet workbook), and branded PDF (server-side via pdfkit with org logo, KPI tiles, chart summaries, and page numbers). Power BI dataset endpoint (/api/reports/powerbi) for BI tools that want a live data feed.
Schedule any report daily / weekly / monthly / quarterly with a recipient list. Branded HTML emails via Graph (system email config) with SMTP fallback. Click Send now to test before letting cron take over. Configure in Insights → Scheduled Reports.
Auditor+ users pick from 9 data sources (Ops Tasks, Risks, Risk Acceptances, Audits, Vendors, Activity Log, Monitoring Findings, Change Requests, Exceptions). 11 filter operators. Type-aware UI: status / enum fields render as selects with locked option lists. Personal-only or org-shared visibility (Admin+ to publish). Custom reports appear in the Catalog alongside built-ins and use the same run / export / PDF code paths.
MSP users (members of org.isMsp=true) and SuperAdmins see a Scope chip selector at the top of the report viewer. Pick which client orgs to include; the report runs once per org, and results merge with an Organization column prepended. Numeric KPIs sum across orgs. Works for both built-in and custom reports.
Insights doesn't replace the at-a-glance dashboards in TATER Security (overview), Ops (live tile-board), Manage (fleet health), or My TATER (personal). Those stay where the muscle memory is. Insights is for the deeper, filterable, exportable reports.
If a user can't run a report, the card shows why - required role, required group - so they know exactly what to ask their admin for. No silent 403s. No mystery.
insights.tatersecurity.com - 5th sister app, included with every TATER subscription. Same MSAL session as the rest of the platform; users sign into TATER once and Insights is available alongside Security, Ops, Manage, and My TATER. No extra license, no extra setup.
Configure groups: Insights → Insights Groups (or use the seed-defaults button for the 9 standard groups). Assign users to groups: TATER Manage → Users → edit user → groups field.
TATER is the only compliance platform with built-in gamification, community leaderboards, and achievement systems - keeping your team engaged and motivated to maintain strong security posture.
Every team member gets a customizable profile with a unique nickname, avatar, bio, and accent color. Co-workers see each other's real names alongside nicknames for human context.
Team members earn XP from 19 action types: scans, remediations, evidence comments, risk acceptances, policies, control assignments, evidence exports, audit snapshots, auditor tokens, AI Analyst sessions, plus governance creators (risks, exceptions, change requests, vendors, audits, BCP/DR plans, training campaigns, policy approvals) and achievement bonuses. Progress through 7 levels from Rookie to Legend.
14 leveled badges that recognize the people doing GRC work - Risk Logger, Exception Handler, Change Steward, Vendor Tracker, Audit Lead, BCP Planner, Training Coordinator, Policy Approver - each with first-create, 10x, and 25x milestone tiers. Auto-awarded as records are created across the GRC module suite.
User achievements covering every compliance workflow - from First Scan to Evidence Exporter to AI Analyst. Includes secret achievements that reward deep platform mastery. Bonus XP awarded per unlock.
Organizations earn collective achievements for milestones like first scan, high compliance rates (80%/90%/95%), team size growth, multi-framework adoption, and successful remediations. A motivating shared goal for the whole team.
Real-time org leaderboards rank your team across six categories: XP, scans completed, remediations triggered, evidence comments, policies created, and achievements unlocked. Org leaderboards let you compare across your entire MSP fleet. Customizable profiles with avatars and nicknames bring personality to the rankings.
A dedicated community hub showing your personal level, XP bar, recent achievements, org milestones, and a live mini-leaderboard - all in one place. The more you work, the more your dashboard reflects your expertise.
Every TATER user gets a rich profile: a unique nickname (2–32 characters, globally unique within the tenant), a custom avatar (upload a photo or generate a randomized icon), a short bio, and an accent color. Real names are shown to co-workers in a "nickname (Real Name)" format, giving both human warmth and professional context - while outside your org, only the nickname is visible.
Team members earn XP automatically as they do real compliance work. No artificial tasks, no gamification theater - XP maps directly to platform value. Running scans, remediating findings, documenting risk acceptances, writing policies, adding evidence comments, and using the AI analyst all earn XP. Unlocking achievements awards bonus XP on top.
Achievements reward meaningful platform milestones. User achievements cover individual compliance workflows, while org achievements recognize collective team milestones. Each achievement awards bonus XP and is permanently recorded with an earned date. Progress trackers show how close you are to the next unlock. Secret achievements remain hidden until earned.
Leaderboards make team progress visible and motivating. Filter by six categories and toggle between individual and org views. A podium display highlights the top three, with full ranked lists below. Your current rank is always shown - even if you're outside the top 25. For MSPs, org leaderboards let you see which client organizations are most actively using the platform.
Real engineering, not marketing. Every claim below is verifiable from API behavior, source code, or a security disclosure on our trust page.
HMAC-SHA256 per-entry signature, canonical payload id|tenantId|action|entityType|entityId|userId|timestamp. Verify offline with openssl dgst -sha256 -hmac KEY. Activated by setting AUDIT_SIGNING_KEY - absent key gracefully degrades.
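An added example (not TATER's code) of verifying exported audit entries offline against the canonical payload above. The `signature` field name, the hex encoding, and the sample key and entries are assumptions constructed for illustration.

```python
import hashlib
import hmac

# Field order taken from the canonical payload stated on the page.
FIELDS = ("id", "tenantId", "action", "entityType", "entityId", "userId", "timestamp")


def canonical_payload(entry: dict) -> bytes:
    """Join the seven fields with '|' in the documented order."""
    parts = []
    for name in FIELDS:
        value = str(entry[name])  # KeyError if a signed field is missing
        if "|" in value:
            # A pipe-joined string is only unambiguous when no field contains '|'.
            raise ValueError(f"delimiter inside field {name!r}")
        parts.append(value)
    return "|".join(parts).encode("utf-8")


def sign_entry(entry: dict, key: bytes) -> str:
    """HMAC-SHA256 over the canonical payload, hex-encoded (assumed encoding)."""
    return hmac.new(key, canonical_payload(entry), hashlib.sha256).hexdigest()


def verify_entry(entry: dict, key: bytes) -> bool:
    """True only if the stored signature matches a freshly computed one."""
    stored = entry.get("signature")  # hypothetical field name
    if not isinstance(stored, str):
        return False
    try:
        expected = sign_entry(entry, key)
    except (KeyError, ValueError):
        return False
    # Constant-time comparison on bytes, so odd input cannot raise TypeError.
    return hmac.compare_digest(expected.encode(), stored.lower().encode())


def failed_entries(entries: list, key: bytes) -> list:
    """Return the ids of entries whose signature does not verify."""
    return [e.get("id") for e in entries if not verify_entry(e, key)]


# Constructed sample data, not real TATER output.
KEY = b"constructed-demo-key"
GOOD = {"id": "a1", "tenantId": "t-001", "action": "update", "entityType": "control",
        "entityId": "c-42", "userId": "u-7", "timestamp": "2026-04-01T12:00:00Z"}
GOOD["signature"] = sign_entry(GOOD, KEY)
TAMPERED = dict(GOOD, id="a2", userId="u-8")  # fields changed, signature copied from GOOD
UNSIGNED = dict({k: v for k, v in GOOD.items() if k != "signature"}, id="a3")
```

The hex digest equals what `openssl dgst -sha256 -hmac KEY` prints for the same payload bytes, provided the payload is piped in without a trailing newline.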
Bring your own Anthropic API key per organization. Encrypted at rest with AES-256-GCM, redacted to [REDACTED] on every API read. AI features off by default. Anthropic-only - no OpenAI / Gemini surface area.
SHA256 published on the public /api/agent/version endpoint. Agent self-verifies updates before installing - reject-on-mismatch is the default failure mode. Authenticode-signed Windows MSI. SBOM available on request.
Every audit entry tagged with via: web, mcp, copilot, claude, agent, api, or cron. Filter the Activity Log to see exactly which actions came from which AI agent.
Every PUT/DELETE handler verifies record ownership against caller's organizationId before acting. Unbound API keys cannot escalate via x-organization-id header. Webhook URLs blocked from private IP ranges, link-local, ULAs, and metadata endpoints.
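An added example (not TATER's code) of a webhook destination check covering the address categories named above. The function names, the loopback entries, and the constructed DNS answers are assumptions of this example.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Categories named on the page; CIDRs are the standard ones (RFC 1918, 3927, 4193, 4291).
BLOCKED_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # private IPv4
    "169.254.0.0/16", "fe80::/10",  # link-local, includes 169.254.169.254 metadata
    "fc00::/7",                     # IPv6 unique local addresses (ULA)
    "127.0.0.0/8", "::1/128",       # loopback: added by this example, not listed on the page
)]

def resolve_all(host):
    """Default resolver: every address the name currently maps to."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})

def blocked_reason(address):
    """Return the blocked network containing the address, or None if allowed."""
    ip = ipaddress.ip_address(address)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # judge ::ffff:10.0.0.1 as 10.0.0.1
    for net in BLOCKED_NETS:
        if ip.version == net.version and ip in net:
            return str(net)
    return None

def check_webhook_url(url, resolver=resolve_all):
    """Return (allowed, reason); every resolved address must pass."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False, "unsupported scheme or missing host"
    try:
        addresses = [str(ipaddress.ip_address(parts.hostname))]  # IP literal
    except ValueError:
        try:
            addresses = resolver(parts.hostname)
        except OSError:
            addresses = []
    if not addresses:
        return False, "host does not resolve"
    for address in addresses:
        reason = blocked_reason(address)
        if reason:
            return False, f"{address} is in {reason}"
    return True, "ok"

# Constructed DNS answers so the example runs offline.
FAKE_DNS = {"hooks.example.com": ["203.0.113.10"],
            "internal.example.com": ["203.0.113.10", "10.1.2.3"]}

def fake_resolver(host):
    return FAKE_DNS.get(host, [])
```

A check like this belongs at delivery time as well as at registration, because the addresses a hostname resolves to can change between the two.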
Every cross-tenant Cosmos query uses forceQueryPlan: true so the SDK fans out across all partitions instead of silently routing to one. Caught and fixed across 6 SuperAdmin endpoints during a 2026-04 audit.
TATER's compliance catalog, scanning engine, and integrations are sovereign-cloud-aware. Customers in regulated environments get GCC High and DoD-specific remediation guidance on every applicable control today, and have a clear path to a private TATER Gov deployment when their accreditation boundary requires it.
Every catalog control can carry a Government Cloud Guidance block with sovereign-cloud-specific remediation steps, portal URLs, Graph endpoints, and PowerShell environment flags. SuperAdmins maintain it via the catalog editor; sovereign-cloud admins see it inline in the control detail panel.
Mark a tenant credential as Commercial / GCC / GCC High / DoD and TATER's scanRun engine automatically picks the right Graph, AAD, and ARM endpoints. No code changes per customer; one configuration toggle per tenant.
For GCC High and DoD customers requiring TATER itself to run in Azure US Government, we partner directly. Typical engagement: 4–8 weeks from signed SOW to first scan, with FedRAMP Moderate Equivalency, ITAR / EAR / CMMC attestations as scoped to your accreditation boundary.
You already own Tenable, CrowdStrike, Splunk, Okta, ServiceNow, and 8–15 other security and IT tools. None of them own M365 SaaS configuration compliance, continuous endpoint hardening at the registry/policy level, or the GRC workflow that wraps it. That is the gap - and it is where TATER lives. The Complementary Stack playbook maps each major tool category, what your existing investment does well, and the specific layer TATER adds next to it.