Enterprise

Documentation your security team will sign off on.

Single sign-on, roles you control, immutable versions and a complete audit trail — the controls a real enterprise asks for, built into the platform rather than bolted on.

Built audit-first — every action logged, every published version immutable, your code never run.

Vendor security review: Ready

Controls a buyer can verify

  • Single sign-on (SAML / OIDC)
  • Role-based access control
  • Complete, retained audit trail
  • Immutable, notified versions

The same controls your reviewer expects in a questionnaire — already in place, not on a roadmap.

Controls, built in

Ready for your review

Everything below is part of how the platform is built — not a premium add-on or a future promise.

SSO & SAML

One secure sign-in for your whole organisation via SAML or OIDC — Okta, Microsoft Entra and the provider you already run.

SCIM-friendly · MFA enforced by your IdP

Roles you control

Clone sensible role baselines and reshape them to your org, scoped to the modules each team is licensed for.

Read · Write · Review · Publish · Admin

A complete audit trail

Every action is logged with who, what and when, retained and rotated to cold storage — queryable whenever compliance asks.

Append-only · exportable for your auditors

Immutable, notified versions

Published docs cannot be silently altered. Every change is a new content-addressed version, and the people who depend on it are notified.

Content-addressed · signed · customer-notified

Your data, exportable

Clean export and deletion paths for offboarding and compliance — your content is always yours to take with you.

Full export · verifiable deletion

Built for SOC 2

Audit-first by design, with strong logical tenant isolation, working toward the certification your vendors require.

SOC 2 in progress · DPA · subprocessor list

The lifecycle of a change

How a change becomes an audited record

Every edit follows one path before a reader sees it — and the whole path is recorded.

  1. Draft

    Author · AI suggestion

    A change is written by an author or proposed by AI. Drafting stays fast and collaborative — nothing is public yet.

  2. Review

    Assigned reviewers

    Required reviewers compare the change against the live version and leave comments. No edit skips the loop.

  3. Approve

    Approvers

    Sign-off is recorded against the named approvers. The decision, and who made it, becomes part of the record.

  4. Publish

    Publisher

    The approved change becomes a new content-addressed, immutable version. Publishing is the audited boundary.

  5. Notify

    Subscribers

    Everyone who depends on the page is notified of exactly what changed — no silent edits to documentation they rely on.

  6. Logged

    Audit log

    The whole sequence lands in an append-only audit trail, retained and rotated to cold storage for your auditors.

Why it is safe

Your code stays yours.

Gravity reads your source and observes systems you already operate, under a credential you can revoke. The controls are not a setting you switch on — they are how the platform is built.

  • Scoped, revocable credentials

    Gravity reads your source under a least-privilege credential you grant and can revoke at any moment. Access ends the instant you say so.

  • We never run your code

    Documentation is generated from static analysis. Your code is read, never executed — so there is no runtime path into your systems.

  • Publish is the audit boundary

    Drafting stays fast and private. The published record is the immutable, signed, notified version — the line a reviewer can trust.

Audit log · live · append-only

version.publish

a.okafor@acme.com · auth/login.mdx

published · 14:02:11

Illustrative log entries. Every action carries the actor, what they did, the resource and the result — retained and exportable for your auditors.

The admin console

Who can do what — and the proof of it

The screens your security and platform teams will live in — clone a role, scope it, and see exactly who can do what.

Roles & permissions · scoped per module
Permission · Reader · Author · Reviewer · Publisher · Admin
Read published
Draft & edit
Approve review
Publish version
Manage roles & SSO

Illustrative role baselines. Clone any role, reshape it to your org, and scope it to only the modules a team is licensed for.

Audit-log explorer

[Screenshot: the audit-log explorer, with filters for actor, action, resource and date range and one-click CSV export for your auditors.]

For your security review

What your reviewer can ask for

Built for the questionnaire, not just the demo. Ask, and we will share the artefacts your team signs off against.

SOC 2 in progress

Audit-first by design, with strong logical tenant isolation. We will share our current posture and timeline with your team.

A DPA, ready to sign

A standard data-processing agreement covering how your content is handled, stored and deleted.

A published subprocessor list

Know exactly which parties touch your data — kept current, so your review never goes stale.

Export & deletion paths

Clean, verifiable export and deletion for offboarding and right-to-be-forgotten requests.

SAML
One secure sign-in for your whole org
RBAC
Roles you can clone and reshape
Audited
Every action logged and retained
Yours
Export or delete your data anytime

Let’s talk about your rollout.

Bring your SSO, your roles and your compliance requirements — we’ll show you how Gravity fits.