Portal lens
Choose how Findings, Recommendations, and finding detail are framed. Your choice is saved on this device for next time.
Appearance
Choose how the portal looks on this device.
Adjust profile photo
Drag the square to frame your photo. Drag the corner handle to zoom the crop (still a square, so your picture is not stretched). We shrink the result to fit upload limits.
Organisation
Cyber due diligence
This is a live summary. Technical signals and report downloads are under Findings.
Loading workspace…
What to expect
Hit the Run security checks button and Branz will carry out extensive technical security checks on your target organisation. These scans can take a while so feel free to start the checks and come back later to review results
Legal Agreements
The agreement that needs your attention opens automatically in order: Master Services Agreement, then Data Processing Agreement, then any Statement of Work, then Scanning Authorisation where applicable. Review the PDF preview, then sign with your name and job title using typed-name confirmation under the Electronic Communications Act 2000 (UK B2B). You can still expand other rows to download copies.
Branz external scanning uses fixed source IPv4 addresses. Allowlist 52.208.90.63 (and any additional addresses shown here if the list is updated) before scans run.
Loading…
Select a task from your programme to see details.
Selected task
Previous runs and remediation
Comparison with previous scan results and findings remediated since the last run will appear here when that data is available.
Focused remediation plan that filters out the noise and ranks the highest-ROI actions for your team. Each recommendation shows the impact across acquisition exposure, GRC/legal, and technical security, and links to the lens-specific fix detail on Findings.
Asset inventory derived from discovered resources during your assessment security checks, including domains, subdomains, public IPs, hosts, certificates, and web targets. Open a row to see provenance, a derived risk score, and linked security findings from your latest catalog. If something listed here is not part of your organisation, use “Not our asset” so it is removed from inventory and findings and is not picked up again on future scans.
Inventory summary
Download due diligence report packs generated from your latest assessment. Reports are available by persona: owner/executive, governance/risk/compliance, and technical engineering.
Your organisation, engagement context, security-check licences, and legal agreements. Use Lens in the sidebar for report tone.
Your organisation
The customer organisation you are signed into for this workspace.
Loading…
Target companies
Subject companies for due diligence. Open a row to review or edit target context under Organisation setup.
View the licences assigned to your organisation. Each security check requires an active licence. If a licence shows as unassigned, your invoice may not yet have been processed.
Security check licences
Licence assignments are updated automatically when invoices are settled. Contact support@branz.uk if you believe a licence should be active.
Need help? Contact support@branz.uk or speak with your engagement lead about licence activation.
Share product ideas for the portal or due diligence workflow. Submissions go to the Branz team at support@branz.uk.
Submit a request
Your organisation and signed-in account are included automatically. Add links to mock-ups, docs, or image hosts (for example shared screenshots) if they help explain the idea.
You need to be assigned to an organisation before you can send a feature request. If this looks wrong, contact your engagement lead or support@branz.uk.
Documentation, live status, roadmap, and support — all in one place.
Help links
Tell us what broke or behaved unexpectedly. Submissions go to the Branz team at support@branz.uk.
Submit a report
Your organisation and signed-in account are included automatically. Add links to screenshots, screen recordings, or docs if they help reproduce the issue.
You need to be assigned to an organisation before you can report a bug. If this looks wrong, contact your engagement lead or support@branz.uk.
Profile, password, and security settings.
Overview
Loading account details…
You are signed in through the customer portal entry. The internal admin area is hidden until you leave this mode.
Tailor your experience by selecting a lens
Multi-Factor Authentication
Loading MFA status…
Signed-in devices
Rename a device or sign it out remotely. New browsers and phones appear after you sign in there.
Loading signed-in devices…
Overview
End-to-end snapshot of how the business is running: delivery pipeline, finance posture, platform usage, and risks. Deep links go to each area in the nav; open Customers for the full organisation directory and workspace.
Metrics by operational area, grouped into columns
Customers & growth
Live engagements, pipeline, and relationship health.
Loading…
Open customersBridge CRM stages to delivery capacity so this column reflects commercial momentum as well as live tenants.
Track sentiment and health scores by segment to get ahead of churn and upsell timing.
Finance & economics
Cash, margin, and forward view.
Connect Stripe and ledger views to show revenue health and dunning risk at a glance.
Open billing Cost management Placeholder Infra & third-party spend vs budgetMap unit economics per engagement and environment; surface anomalies before they hit margin.
Open cost management Forecasting — Modelled engagement revenue (pricing quotes) Pipeline, capacity, and revenue outlookSum of max(£5,000, 1% of acquisition value) per quoted lead; see Forecasting for the full table. Blend stages with delivery throughput for bookings and resourcing.
Open forecastingPlatform & technology
Product usage, incidents, and integration health.
Wire aggregate error rates and latency here; use API tools for ad-hoc probes today.
Open API tools Usage Placeholder Product and API consumptionAssessments, scans, questionnaire completions, and seats over time.
Open usage Alerts Placeholder Incidents, SLO burn, and watchdogsPager events, failed jobs, and threshold breaches for operator response.
Open alertsDelivery, trust & support
SLAs, assurance, and front-line load.
Customer commitments and internal QA throughput—pair with the Customers view for stage mix.
Your SOC posture, pen-test status, and vendor assurance—not customer assessment findings.
Helpdesk volume alongside engagement growth to spot product or delivery friction.
Billing
Stripe subscriptions, invoices, and payment status for your platform will appear here.
Modelled engagement revenue
Rolling view of revenue implied by pricing-quote acquisition values: — across — organisation(s) with a quoted acquisition figure. Rule: max(£5,000, 1% of acquisition) each. Open Forecasting for per-customer breakdown.
Organisations with paid invoices
Loading…
Spend totals use Stripe
amount_paid per invoice (up to 100 most recent invoices per organisation). Non-GBP lines are
labelled in the table and excluded from the GBP roll-up.
Outstanding invoices (issued, not paid)
Loading…
Includes Stripe invoices in
open status (finalised, awaiting payment). GBP totals exclude other currencies.
Lead pipeline (modelled value)
Loading…
Average customer value is the mean modelled engagement (max(£5,000, 1% of quoted acquisition)) across leads that have a quote on file. Conversion scenarios multiply that average by lead count and the stated rate.
Cost management
Track infrastructure and service spend against engagements and environments.
Cost views and budgets are not connected yet. This card is a placeholder for upcoming cost reporting. Pair spend with modelled engagement revenue per customer to sense margin.
Forecasting
Project revenue, usage, and capacity from historical engagement and billing signals.
Financial year 2026/27 (1 Apr 2026 – 31 Mar 2027)
Paid revenue is taken from Stripe invoices in GBP. The forecast blends last month’s cash with the run-rate implied by completed months so far this financial year.
12-month revenue forecast
—
Acquisition throughput (FY)
—
Sum of stated acquisition values on pricing quotes with a submission date in this financial year.
FY paid revenue split
— total (Stripe GBP, paid date in FY).
Cyber Due Diligence (SaaS subscriptions & DD product checkout)
—
Consultancy contracts (other paid invoices)
—
Stripe is not configured in this environment; paid revenue and the forecast show £0.
Engagement revenue (modelled)
For each organisation that submitted a pricing quote with an acquisition value, engagement value is £5,000 or 1% of that acquisition value, whichever is greater (whole pounds). Totals help compare customers and roll up a portfolio view before Stripe cash is booked.
Loading…
Usage
Product, API, and assessment consumption across tenants and time.
Usage analytics are not connected yet. Plan to chart assessments, scans, questionnaire activity, and active seats here.
Alerts
Operational and customer-impacting events that need attention.
Alerts by error code
Vertical axis is total occurrences (sum of row counts) within the selected time range. Click a bar to filter the table to that code; click again or use Clear to reset.
Use column ▾ filters (unique values), then Apply in the filter panel. Click a column title to sort A–Z / Z–A. Chart bar still filters by error code.
Filter
Loading alerts…
|
|
|
|
|
|
|
|
|
|
|
|
Actions |
|---|
No alerts match the current filters.
Alert details
Manage Admins
Invite internal admins with a one-time set-password link (same as customer invites). Do not create admins in the Cognito console — temporary passwords from AWS cannot be used on the portal sign-in page.
Send an invite
Administrators
Loading…
No administrators found.
| Name | Status | Action |
|---|
Customers
Search organisations, create new ones, then open a row to manage people, financial placeholders, technical scans, and delivery in the workspace below—mirrors the customer programme journey with an extra Financial lane for Stripe, contracts, and unit economics.
Organisations
No organisations yet.
No match.
New organisation
Target / engagement
Engagement snapshot
Quick facts for this organisation; wire CRM or billing IDs here when you connect those systems.
- Org ID
- —
- Created
- —
- Stage
- —
- Users
- —
- Engagement value (modelled)
- —
Enquiry / quote
Submitted from the public site. After payment, set workflow status to Onboarding (or your next stage), then use Invite primary contact or Invite additional user below to grant portal access.
Users
Invite the primary contact in one step, add more people with Invite additional user, manage membership, or delete this organisation.
No users for this organisation yet.
Invite additional user
Someone other than the primary contact? Enter their details below. The primary contact from org setup can be invited from the Users card above.
Internal notes
FutureFree-form context for CS and delivery (pricing conversations, risk flags) with audit trail when persisted.
Per-customer financial control centre. Link to platform-wide Billing, Cost management, and Forecasting for aggregate views.
Stripe & billing
Loading billing data…
Invoices
Loading invoices…
Create invoice
Creating an invoice assigns the full platform licence bundle on this org. Gated product areas in the portal still require signed agreements (Legal Agreements). Description and amount are pre-filled from this org when we have a modelled engagement value—edit before sending.
Licence provisioning
Licences are normally activated automatically when you create an invoice below (full platform bundle). Use the toggles only for exceptions or corrections; changes apply immediately in the customer portal.
Loading licence state…
Commercial terms
PlaceholderContract value, currency, billing frequency, and renewal date.
Credits & adjustments
PlaceholderGoodwill credits, service credits, and manual invoice adjustments.
SOW terms and customer signing
Enter agreed Statement of Work terms in the form below, then generate the SOW PDF for the customer. They sign under Legal Agreements in the portal. You can also copy the legal deep link or use the email draft in that section.
Statement of Work
Standard catalogue organisations: edit engagement fields as JSON, then save to update the org commercial schedule and generate or refresh the primary cyber due diligence SOW under Legal Agreements. Custom pricing organisations: choose the service type and create tailored SOW documents the same way. Use Enter customer portal from the org list to open their view, or copy the legal deep link and email it separately. After agreements are signed, use the Financial tab to issue the invoice so platform licences are assigned automatically.
Select an organisation from the Customers tab.
Technical operations
Run security scans individually (discovery, attack surface, email hygiene, breach, web posture, brand threat); manage seeds and discovery test mode. Raw JSON supports engineering debug and alert triage.
Loading technical state…
Quotas & scheduling
FutureScan budgets, cooldowns, and planned maintenance windows so CS can set expectations with the customer.
Evidence & retention
FutureRaw artefact retention policy, export bundles for auditors, and data-residency labels for this tenant.
Publish due diligence PDFs
When QA is complete, publish Branz-generated PDFs so customer users can download them from the Findings tab (alongside live-generated reports). This is the boundary between draft internal work and client-visible artefacts.
Journey & tasks
Set workflow status and mark tasks complete or undo manual completions (same checklist as the customer portal). Draft vs published PDFs is controlled above.
Select an organisation to load journey state.
Reset organisation (testing)
Clears workflow to onboarding, removes all task completions, org details, portal scanning consent, questionnaire responses, DDQ assignments, technical scan results, published due diligence PDFs in file storage, and the audit trail for this engagement. Does not change Cognito users (email verification, MFA, passwords) or membership rows. Legal document records in the documents service (MSA/DPA/SOW) are unchanged.
Type RESET_ORG_PROGRESS to confirm.
Recent activity
Server-side audit trail for scans, status changes, and publish actions (most recent first).
Sign in
Use your Branz account email and password.
Reset password
A password reset request will be sent to the email provided if you already have an account with this email address.
Set new password
Choose a new password for your account.
Set your password
You signed in with your invite link. Choose a password to finish setting up your account. Invite links expire after 30 minutes.
Password set. Signing you in…
Emergency recovery sign in
Use your email, password, and one-time recovery code when your normal MFA device is unavailable.
API Docs & Status
Track internal APIs and test requests from the admin portal.
Endpoints
API tester
Select an endpoint to prefill, adjust request details, then run.
Secure your account
Save your recovery codes
These codes will only be shown once. Store them in a password manager or another safe place before closing. Each code works a single time.
Confirm deletion
Set user password
Use at least 12 characters with upper and lower case, a number, and a symbol (same rules as self-serve password change).