You run IT for everyone else. Run yours on runbooks.
A prebuilt runbook pack for NOC and service-desk teams and MSPs: the high-volume L1 work that burns margin, plus the change-control evidence your clients ask you to produce.
L1 toil is a margin problem
Password resets and lockouts are 20 to 50 percent of service-desk tickets (Gartner). On a fixed-fee contract, every one your engineers touch by hand is margin you gave back.
Clients ask you for the evidence now
MSPs increasingly face the security questionnaires their clients used to answer themselves. The audit chain gives you exportable, re-verifiable records of every privileged action your team took, per engagement.
Change control without the ceremony
Firewall, DNS, and credential changes need a second set of eyes, not a change-advisory board meeting. Approval gates put a named reviewer on each change in Slack or Teams, in seconds.
What's in the pack
12 runbooksPassword Reset
Automate password resets in Okta or Microsoft Entra ID directly from Slack and Microsoft Teams. Approval-required by default, with full audit trail.
Account Unlock
Automate Microsoft Entra ID and Okta account unlocks from Slack and Teams. Identity verification, approval-gated unlock, failed-login counter reset.
Security Alert Triage
IT-admin-initiated security triage: invoke /alert-triage on a user account when you spot suspicious activity, AscendCore proposes account suspension pending investigation, suspension executes only on explicit approval. Distinct security-event audit namespace for SOC-2 evidence separation.
Employee Offboarding
Automate end-to-end employee offboarding across Okta, Microsoft 365, Jira, and Intune. Suspend accounts, revoke OAuth tokens, transfer files, revoke licenses, archive mailbox.
New Hire Provisioning
Automate new-employee account creation across Okta, Microsoft 365, and Jira with single-approval workflow. License assignment, group membership, and welcome kit delivery.
M365 License Assignment
Automate Microsoft 365 license assignment from Slack and Teams. Pool-availability check, approval-gated assignment, optional Intune or Jamf endpoint policy push.
Service Account Credential Rotation
Rotate a service-account secret or app client credential with approval and a clean audit record, on a schedule or on demand.
Contractor Onboarding
Provision a time-boxed contractor account with scoped access and an automatic end-date deactivation, approval-gated and audited.
Firewall Rule Change
Turn a plain-language firewall request into a reviewable change summary, then apply it on approval, with a full audit record.
DNS Record Change
Add or update a DNS record from chat behind an approval gate, with a clear change summary and a full audit record.
Endpoint Isolation
Quarantine a suspected-compromised device from the network on explicit approval, with owner notification and a security-namespaced audit row.
Exposed Secret Response
Respond to a leaked credential by rotating or revoking it and notifying the owner in one approval-gated action, fully audited.
Evidence your auditors can re-verify
Every approval decision lands on an append-only SHA-256 chain. Export it as CSV and re-verify it offline, without trusting AscendCore.
Evidence for: SOC 2 CC6.1 and CC8.1 (logical access, change management). Every privileged change carries a named human approve or deny decision, recorded append-only.
Evidence for: SOC 2 CC7.2 / CC7.3 (system monitoring, change detection). The chain records what changed, who approved it, and when, and it re-verifies offline.
Evidence for: CIS Controls v8, Controls 5 and 6 (account management, access control management) across the client environments you operate.
Evidence for: ISO 27001 A.12.4 (logging and monitoring). Exportable per engagement, so client-facing evidence requests stop being a research project.
A runbook pack is not a compliance program, and AscendCore's own SOC 2 Type I is planned, not certified. These mappings show which controls the approval gates and audit chain produce evidence toward, for your assessments and your clients'.
Reselling or referring? The partner program pays a recurring referral percentage of MRR (20 to 30 percent by tier) and includes a white-label portal, quoting tools, and this pack's enablement material.
See the flow before you talk to anyone
The demo dashboard runs the same approval queue, audit chain, and governance surface your team would use. No signup wall.
