Partners — Kosli + ServiceNow

SARC sits above Kosli and ServiceNow. Both partners are engaged and co-selling. SARC depends on Kosli for evidence and ServiceNow for workflow — it does not duplicate either.

Three-layer picture

SARC — orchestration + correlation

Multi-cloud (AWS / Azure / GCP / k3d / OpenShift), multi-CI (GitLab / GitHub / Azure DevOps). Computes the 5-axis risk score. Writes back into ServiceNow CRs. Packages the auditor evidence pack. AUDITOR-role surfaces.

ServiceNow — workflow control plane

Change-request approval flow, CAB process, incident + problem records, CMDB, audit retention, ITIL automation.

Kosli — evidence data plane

Attestations per build (SAST, SCA, container, secrets, IaC scans). Trails per pipeline. Environment snapshots. Cryptographic ground truth.

What each does — and doesn’t

	Kosli	ServiceNow	SARC
Cryptographic attestations per build	✅
Environment snapshots, drift detection	✅
Per-trail evidence ground truth	✅
Change-request approval workflow		✅
CAB process automation		✅
ITIL incident + problem management		✅
CMDB authoritative store		✅
Audit retention guarantees		✅
5-axis risk clearance per CR			✅
Evidence pack one-button export (SOC 2 / DORA / PSD2 / ISO / NIST)			✅
AUDITOR magic-link sessions			✅
Cost-vuln correlation			✅
Change-window enforcement at deploy time			✅
Multi-cloud parity (AWS / Azure / GCP / on-prem)			✅
Multi-CI parity (GitLab / GitHub / ADO)			✅
Service ⇄ incident correlation graph			✅
AI agent recipes (vuln-fix, problem-investigate)			✅
MCP server for AI agent access			✅

What this looks like in the portal

Kosli evidence view inside the portal — Kosli evidence — attestations + trails + env snapshots, surfaced inside SARC.

ServiceNow CRs enriched with SARC data — ServiceNow CRs — enriched by SARC with the 5-axis risk score + Kosli trail link.

Hash-chained audit log — SARC's hash-chained audit log — the new surface that the partners can't compose alone.

The pull-through story

Customers come to the table with three procurement questions:

“How do we satisfy our auditor without compiling evidence by hand each quarter?”
“How do we ship faster without losing CAB control?”
“How do we do this on whichever cloud + CI we already have?”

The honest answer is: Kosli + ServiceNow + SARC together. Kosli alone gives evidence but no workflow. ServiceNow alone gives workflow but no automatic evidence. SARC alone has nothing to orchestrate. Together, the three are the regulated-delivery story.

When a prospect adopts SARC, Kosli and ServiceNow both see pull-through — and Calitti / Synechron sees consulting revenue on the install.

Reading the partner relationship correctly

SARC is not a Kosli competitor. Kosli’s evidence-data-plane is load-bearing for SARC; replacing Kosli would mean rebuilding Kosli, and Kosli already does that job better than SARC ever would.
SARC is not a ServiceNow replacement. Workflow stays in ServiceNow; SARC writes into ServiceNow’s native change_request, problem, cmdb_ci_service, and the optional u_kosli_* custom tables.
SARC is the integration surface that lets the three vendors tell the regulated-delivery story together. That’s the gap in the market.