C
CertPilot

Platform

Checks and registers that turn into governance evidence.

CertPilot gives lean IT teams, MSPs, and agencies one place to monitor public-facing assets, maintain people, asset, renewal, and access-review registers, and generate management-ready evidence reports from the records they already need to keep.

Start free 14-day trialSee sample reports

Checks + Registers to Evidence

Governance evidence usually breaks because it is split across tools: SSL alerts in one place, renewal dates in a spreadsheet, people and assets in another, access reviews in another spreadsheet, and reports assembled by hand. CertPilot keeps the model simple.

1. Checks

Automated public checks watch SSL, DNS, RDAP/domain expiry, and email-authentication records. These checks do not need credentials or private access.

2. Registers

Human-maintained registers capture what public checks cannot know: people, accounts, assets, vendors, renewal owners, review states, and access decisions.

3. Evidence

Reports turn checks and registers into dated PDFs a non-technical stakeholder can review without opening the dashboard.

For the public data sources behind the external checks, read the CertPilot methodology.

Seven live modules

These are product surfaces that exist today. They are manual-first where manual records are the accurate source of truth, and automated only where public checks are reliable.

Checks

External Footprint Monitoring

Daily public checks for domains, SSL, DNS, RDAP/domain expiry, and email authentication records.

  • SSL certificate expiry
  • DNS record changes
  • RDAP/domain renewal windows
  • SPF, DMARC, and MTA-STS records

View module

Register

Renewals & Vendor Register

A maintained register for SaaS tools, contracts, licenses, domains, certificates, owners, and renewal dates.

  • Vendor renewal due dates
  • Owner and billing contact
  • Annual cost context
  • Overdue and incomplete records

View module

Register

Access Reviews

Manual access review evidence with Systems Catalog, matrix view, entries view, CSV import/export, and Register PDF.

  • Systems Catalog
  • Access matrix and entries view
  • Completion log
  • Access Review Register PDF

View module

Register

People & Accounts

A manual-first register for people and system accounts, built for ownership and offboarding evidence.

  • People, roles, and departments
  • System account records
  • Account status follow-up
  • CSV import/export and matrix view

View module

Register

Assets Register

A manual-first hardware and software register for ownership, maintenance, and license evidence.

  • Hardware assignment records
  • Software license status
  • Masked key hint only
  • Repair, lost, and renewal follow-up

View module

Public status signals

Vendor Status Watch

Track official public status signals for SaaS, cloud, productivity, and developer vendors your workspace depends on.

  • Workspace vendor watchlist
  • Cached official vendor status feeds
  • Open incidents and maintenance windows
  • Dashboard Refresh now
  • Public Vendor Status Checker

View module

Evidence

Evidence Reports

Domain Health, Renewal Risk, Monthly Proof, on-demand Weekly Governance, and Access Review Register PDFs.

  • Domain Health Report
  • Renewal Risk Report
  • Monthly Proof Report
  • Access Review Register

View module

Who the platform is for

CertPilot is built for small teams that need evidence without standing up a large governance program or buying a broad enterprise suite.

Lean IT teams

Use CertPilot when one small team is responsible for domains, renewals, access reviews, and the evidence trail leadership asks for.

MSPs

Use CertPilot to keep client-facing public assets and registers organized, then bring dated evidence into client reviews.

Agencies

Use CertPilot to support care plans and retainers with monthly proof, renewal visibility, and client-ready reports.

What CertPilot is not

The platform is deliberately narrow. That makes the evidence easier to explain and reduces the amount of sensitive data involved.

  • Not a compliance certification platform. CertPilot produces operational evidence, not certification or legal advice.
  • Not employee surveillance. Access Reviews use customer-entered records, not activity tracking or productivity scoring.
  • Not device monitoring, MDM, endpoint monitoring, or device control. Assets are customer-entered records.
  • Not a content scanner. CertPilot does not read email bodies, documents, chats, AI prompts, or AI responses.
  • Not connector sync today. CertPilot does not currently connect to Google Workspace, Microsoft 365, SaaS admin systems, or identity providers.
  • Not a vulnerability scanner or uptime monitor. External checks use public SSL, DNS, RDAP, and email-authentication data.
  • Not AI adoption analytics or license-waste detection. Those connector-derived features are not live.

Review the report format before signing up.

The Sample Reports Gallery shows the five live report formats using fictional data: Domain Health, Renewal Risk, Monthly Proof, Weekly Governance, and Access Review Register.

See sample reportsStart free 14-day trial

Platform FAQ

What is CertPilot?

CertPilot is an IT governance evidence platform. It combines public technical checks, customer-maintained registers, and PDF evidence reports for lean IT teams, MSPs, and agencies.

What does Checks + Registers to Evidence mean?

Checks cover public signals like SSL, DNS, RDAP, and email authentication. Registers cover records your team maintains, such as renewals, vendors, and access reviews. Evidence reports turn both into dated PDFs.

Which modules are live today?

External Footprint Monitoring, Renewals & Vendor Register, Access Reviews, People & Accounts, Assets Register, Vendor Status Watch, Evidence Reports, and the Sample Reports Gallery are live today. Email Authentication Monitoring is part of External Footprint Monitoring.

Does CertPilot need private system access?

No. External footprint checks use public data. Register records are entered or imported by your team. CertPilot does not read email, documents, chats, AI prompts, device telemetry, or private employee activity.

Is CertPilot only for agencies?

No. Agencies can use CertPilot for client proof, MSPs can use it for client governance evidence, and lean IT teams can use it for leadership and audit conversations.

Does CertPilot certify compliance?

No. CertPilot produces operational evidence that can support governance reviews and audit conversations. It does not certify compliance, provide legal advice, or guarantee any audit outcome.