Features
Everything you need. Nothing you don't.
A tour of the features small businesses actually use in Fortoxa — detection, compliance and team access.
Detection & response
What Fortoxa catches, how it decides, and how you hear about it.
24/7 behavioural detection
Baselined against your actual usage so you see real anomalies, not noisy generic rules.
Plain-English alerts
Every alert explains what happened, why it matters and what to do next. No SIEM jargon.
Identity & access monitoring
Dormant accounts, missing MFA, privilege creep and impossible travel across your identity stack.
Config & exposure scanning
Public buckets, open ports, weak defaults and dangerous OAuth grants flagged before attackers find them.
Compliance & evidence
Everything your auditor or procurement team asks for, produced automatically.
Framework mappings
Controls mapped to Cyber Essentials Plus, NCSC CAF, GDPR Article 32 and NIS2 — with evidence for each.
Audit-ready PDF reports
One-click export bundling configuration snapshots, scan histories and remediation logs.
Data-residency guardrails
UK/EU processing by default with clear controls on where evidence is stored.
Team & integrations
Fit Fortoxa to your team shape, not the other way around.
Role-based access control
Admin, analyst and viewer roles with per-workspace scoping. SSO on Business and Pro plans.
Read-only integrations
OAuth-based connectors for the apps you use — Google Workspace, Microsoft 365, Slack, GitHub, AWS, Cloudflare and more.
Ready to see it in action?
Start the 14-day free trial or book a live walkthrough with the team.