Demo Mode

Every screen, flow, export, and remediation path is the real Veri-Guard product. The specific findings, scores, and runbooks shown are curated to illustrate a typical before/after story. Your tenant scan produces your own numbers.

Get started
Veri-Tech
Configuration Snapshot Vault

Veri-Vault

Automated disaster-recovery snapshots of your M365 and Intune tenant configuration. Every Guard and Tune scan backs up automatically. Compare any two snapshots to see exactly what changed — and restore with a two-admin safety rail.

Last vault backup: 4/23/2026, 2:32:18 PM

Every screen below is populated from our dev-lab tenant. Real product, real snapshot schema — the tenant shown is ours. Click any snapshot to drill in, or Compare two to see diff output.

7

Total Snapshots

31.9 MB

Total Storage

Apr 23

Last Backup

1 year

Retention

How Vault works

Auto-Capture

Every Guard and Tune scan automatically produces a config backup. No extra steps.

On-Demand Backup

Hit Backup Now anytime — before a migration, after a change, or just for peace of mind.

Compare & Diff

Pick any two snapshots and see exactly what changed — added, removed, modified — with compliance impact.

Baselines

Lock a known-good config as a baseline. Track drift against it over time, across one tenant or many.

Scheduled Backups

Daily, weekly, or monthly automatic backups independent of compliance scans.

Activity Log

Who backed up, who restored, who changed what — full audit trail.

Two-Admin Restore

Restore any snapshot with a dry-run preview and a second-admin approval step. Privileged roles never restored automatically.

Emergency Access

Out-of-band login for the day your tenant is compromised. Read-only vault access with TOTP + DNS-challenge recovery.

Generate DR / Restore Tabletop

EnterpriseVeri-Vault

A facilitator-ready DR / restore drill — composed from the current Vault posture (backup age, restore-test recency, immutability).

Learn more about Veri-Tech IR Tabletops

Org-shape (per drill, demo only)

Veri-Tech sizes every drill around your actual team, not a generic enterprise template. The demo lets you nudge the shape with the controls below; the real product gives you the full freedom described in the callout.

You write your own role labels — not ours.

In your real tenant, you type the role names your team actually uses: M365 Admin, Service Manager, VP IT, External IR Retainer — whatever your lexicon is. The AI uses those exact labels in drill participants, IR-plan owners, AI Coaching recommendations, and the auditor manifest’s orgShape field.

You can also add roles for a specific drill on the fly — e.g. spin up an “Inland Energy AP Clerk” row before running a BEC scenario without touching tenant-wide settings. The demo simulates this with a curated roster + slider; real customers get the full custom-label form (60-char cap, name-detection guardrail, per-role headcount).

This drill will be sized for: Mid-market (50–500 staff) · 7 roles configured (demo)
747 for midmarket

Auditor-grade IR evidence in one click — satisfies HIPAA §164.308(a)(8), SOC 2 CC7.4, and ISO 27001 A.5.24 evaluation requirements.

Generation runs in ~3–5 minutes; output lands in Veri-Vault as a tabletop artifact.

Tabletop Guide — Start Here
How the drill runs, who needs portal access, what the artifact preserves, and how to share it with auditors.
Preview a sample tabletopbased on findings shape

Ransomware encrypts production AND attempts to encrypt backup vault

Veri-Vault · v1.0.0

Your Vault posture shows 30-day WORM and 28 days since last restore test. This scenario exercises the restore decision tree under time pressure with a sophisticated attacker.

NIST CSFISO 27001 A.5.30SOC 2 A1.2HIPAA §164.308(a)(7)(ii)(B)
NIST CSF
Recover (RC.RP, RC.IM)
Duration
90 minutes (DR tabletops run long because RPO/RTO + restore-validation are real)
Injects
6 timed
Rubric
6 criteria

On a Sunday at 03:42 UTC, a ransomware operator with prior persistence in your environment triggers encryption across 4 file servers, 12 database hosts, and the M365 tenant's SharePoint sites. By 04:15 UTC, your monitoring tools page on-call. By 04:30, you've isolated the affected network segments. At 05:02, the attacker — who clearly knows you have Veri-Vault — attempts to authenticate against the Vault management plane using a stolen privileged identity. Your immutability window saves you: writes to existing backups are denied. But the attacker can attempt to *delete* the Vault if they reach a sufficiently privileged identity. They don't, today. Now you face the actual question: do you pay, or do you restore?

Threat actor: Sophisticated ransomware operator (Conti-affiliate or similar). Goal: ransom payment. Has researched your Vault posture before encrypting.

Attack chain

  1. 1
    Pre-encryption recon: Attacker has had persistence for 11 days. Uses time to map Vault's protection model: WORM window, immutability period, who has delete rights.
  2. 2
    Encryption: Triggers encryption across production. Demands ransom: $4.2M in 48 hours; $8.4M after.
  3. 3
    Vault attack attempt: Attempts to authenticate to Vault management plane to delete or encrypt backups. WORM denies writes; delete-attempt requires privilege the attacker has not yet escalated to.
  4. 4
    Decision point: You have backups. They survive the attack. Question becomes: how fast can you actually restore, what data was post-last-backup, and is your restored environment safe to bring back online?

Affected assets

  • 4 file servers (~8TB user data)
  • 12 database hosts (production + 2 staging)
  • M365 SharePoint sites (~2TB document libraries)
  • Email continuity (mail flow at risk if Exchange Online compromised — separate scope)
  • Customer-facing application (24-hour downtime threshold before SLA breach)

Vault posture

  • Last successful restore test: 28 days ago Restore time and integrity not validated under current configuration
  • Immutability window: 30 days WORM Adequate for typical attacker dwell time but no margin if response is delayed
  • Backup age: Newest: 2 hours; Oldest: 13 days Recent enough to limit data loss; full coverage
  • Coverage: Veri-Guard + Veri-Tune configurations only File servers + DB hosts NOT in Vault — restored from separate backup product (out of Vault scope)

Generated from Veri-Vault posture snapshot on 2026-05-07 (47 backups, 28 days since last restore test). This is facilitator material — verify scenario specifics against your environment before use. Veri-Tech does not warrant scenario fitness for any specific audit framework; pair with the Vault posture report (which IS recoverability evidence) and your own DR/BC plan.

IR Tabletops

Audit evidence
See drill trends →Learn more →

Locked tabletop drills retained immutably under your evidence policy. Each artifact is auditor-traceable to the source scan via SHA-256 manifest. Click any drill to open the full Record view with the editable-drafts audit chain, AI Coaching simulation, and downloadable evidence artifacts.

Identity-attack drill

Veri-Guard scan demo-assessment-0422 · Locked May 4, 2026

Locked drill

Device-compromise drill

Veri-Tune scan demo-tune-0419 · Locked Apr 19, 2026

Locked drill

Breach-notification drill

HIPAA scan demo-hipaa-0501 · Locked May 1, 2026

Locked drill

DR / restore drill

Vault posture snapshot · Locked May 7, 2026

Locked drill

Recent Vault Backups

View all →

Thu, Apr 23, 2026

2:32:18 PM

Manual Backup
+2~5
4.6 MB

Sat, Apr 18, 2026

4:41:30 PM

Manual Backup
~2
4.6 MB

Wed, Apr 1, 2026

12:00:00 PM

Manual Backup4.5 MB

Automatic Scan Snapshots

View all →

Wed, Apr 22, 2026

9:14:02 AM

Tune Scan
-1~3
4.6 MB

Tue, Apr 21, 2026

3:05:47 AM

Guard Scan
+1~4
4.6 MB

Tue, Apr 14, 2026

9:12:11 AM

Tune Scan
+3~1
4.5 MB

Fri, Apr 10, 2026

3:05:19 AM

Guard ScanNo changes4.5 MB

Ready to back up your own tenant?

Connect read-only in 60 seconds, capture your first snapshot in under two minutes, and automatic backups run on every future scan.

Get startedBook a call