Govern Salesforce without holding its data.
Access baselines, permission sets, connected apps, and the Einstein and Agentforce AI features now entering audit scope — proven without a single CRM record leaving your org.
The first system auditors examine.
Salesforce is where most audits start and where governance is hardest to keep current. We watch access, permission baselines, connected-app exposure, and AI feature scope at the source, and record that they operate — never extracting a customer record.
- Privileged access and permission-set baselines proven.
- Connected-app and integration exposure reviewed.
- Einstein and Agentforce feature scope kept in the record.
Worker packets, not CRM exports.
Bylaw never logs into Salesforce to pull your records. It collects evidence the way an examiner wishes they could — by observing each control at its source and recording that it operated. The mechanism is a worker packet: a small, single-purpose, read-only instruction that asks Salesforce one precise question (“are these profiles still assigned this permission set?”) and returns one structured answer — the operator, the expected value, the observed value, a verdict, and a content hash. The packet carries nothing else out. No account, no contact, no opportunity ever leaves your org.
The judgment happens on the other side of a wall. Our sealed engine, reached over the internet with a key you control, computes every verdict and never exposes its logic; the only thing it reasons over is configuration state, never your customer data. Between your org and anything that leaves it sits the edge wall, which rejects any email, name, or identifier before it can cross — to us, to a partner, or into the trail. Every observation lands in a hash-chained record that three roles sign before it goes live.
Those observations answer many questions at once: SOC 2 logical-access criteria, ISO 27001 Annex A access control, and the EU AI Act’s governance expectations for the Einstein and Agentforce features now entering audit scope. A single access-review observation in Salesforce becomes Salesforce SOC 2 evidence, Salesforce access-control proof, and connected-apps governance — collected once, at the source.
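To make the record structure concrete, here is an added sketch of the five-field answer, an edge check, and a hash-chained trail as described above; it is not Bylaw's code. The `equals` operator, the email-only edge rule, SHA-256 over canonical JSON, and every name and sample value are assumptions, and the three-role signing step is not modelled.

```python
import hashlib, json, re

GENESIS = "0" * 64
# Assumed edge rule: block email-shaped strings (the page does not publish the real rule set).
EMAIL = re.compile(r"[^@\s]+@[^@\s]+\.[^@\s]+")

def digest(obj):
    # Canonical JSON so the same content always hashes to the same value.
    return hashlib.sha256(json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()).hexdigest()

def make_observation(operator, expected, observed):
    """Five-field answer: operator, expected, observed, verdict, content hash."""
    if operator != "equals":  # the only operator modelled in this sketch
        raise ValueError("unsupported operator")
    obs = {"operator": operator, "expected": expected, "observed": observed,
           "verdict": "pass" if expected == observed else "fail"}
    obs["content_hash"] = digest(obs)
    return obs

def has_identifier(value):
    """True if any string in the structure looks like an email address."""
    if isinstance(value, dict):
        return any(has_identifier(k) or has_identifier(v) for k, v in value.items())
    if isinstance(value, list):
        return any(has_identifier(v) for v in value)
    return isinstance(value, str) and EMAIL.search(value) is not None

def append(chain, obs):
    """Edge check first, then link the entry to its predecessor's hash."""
    if has_identifier(obs):
        raise ValueError("identifier-shaped value rejected at the edge")
    prev = chain[-1]["entry_hash"] if chain else GENESIS
    chain.append({"prev": prev, "observation": obs,
                  "entry_hash": digest({"prev": prev, "observation": obs})})

def verify(chain):
    """Return the index of the first broken entry, or -1 if the chain is intact."""
    prev = GENESIS
    for i, entry in enumerate(chain):
        obs = entry["observation"]
        body = {k: v for k, v in obs.items() if k != "content_hash"}
        if (digest(body) != obs.get("content_hash") or entry["prev"] != prev
                or digest({"prev": entry["prev"], "observation": obs}) != entry["entry_hash"]):
            return i
        prev = entry["entry_hash"]
    return -1

def demo_chain():
    # Constructed sample: the permission-set names are made up.
    chain = []
    append(chain, make_observation("equals", ["Sales_Admin"], ["Sales_Admin"]))
    append(chain, make_observation("equals", ["Sales_Admin"], ["Sales_Admin", "API_Full"]))
    return chain
```

Because each entry commits to its predecessor's hash, rewriting an old observation and recomputing its own hashes still surfaces as a break at the next entry.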