Get started

Capabilities

What xEvolve runs for regulated transfer

Managed file transfer on Cloudflare Workers — identity-bound operators, dedicated infrastructure per Environment, and one audit record per file moved.

  • 14 protocol adapters

    SFTP, FTP, FTPS, Amazon S3, Azure Blob Storage, Azure Files, Google Cloud Storage, Cloudflare R2, SMB, WebDAV, OneDrive, SharePoint, Google Drive, and NFS — each with its own credential model and connection test in one dashboard.

  • Entra ID SSO and TOTP MFA

    Operators sign in through Spot Suite OIDC with Microsoft Entra ID, Okta, or any OIDC provider. TOTP enrollment is enforced on every account — Google Authenticator, Authy, 1Password, and other RFC 6238 apps.

  • Dedicated Environment isolation

    Each customer Environment runs on its own Cloudflare Worker runtime with a dedicated D1 database and R2 storage bucket. Transfer metadata and files are not co-mingled with another tenant.

  • Per-transfer audit log and export

    Logins, uploads, downloads, and permission changes record user ID, client IP, and UTC timestamp. Export the audit packet for ISO 27001:2022 (A.8.10, A.8.12), DORA, GDPR, CIS, or vendor-risk reviews.

  • Secure data rooms

    Share files with external parties in a controlled room. Assign viewer, editor, or admin roles per user. Every view and download is logged with actor identity and timestamp.

  • Cron scheduling

    Schedule recurring transfers with cron expressions on Cloudflare Workers. Routes run at the edge without a separate job server or agent install on your network.

  • Folder watchers

    Watch a source folder for new or changed files and trigger a transfer route automatically. Pair with workflows to branch on file size, name pattern, or delivery result.

  • Workflow branching and webhooks

    Chain multi-step routes with if/else branching on delivery status or file attributes. Business plan includes outbound webhooks and API access for downstream automation.

  • Retention and legal hold

    Business plan adds retention policies and legal-hold flags on transfer records and stored files. Held objects stay in your R2 bucket until an authorised release.

How a transfer runs

  1. Connect source and destination

    Pick an adapter — SFTP server, S3 bucket, SharePoint library, or any of the 14 supported endpoints. Enter credentials, run a connection test, and name the route.

  2. Define the route or schedule

    Set a one-time transfer, a cron schedule, or a folder watcher. Add workflow branches for retries, notifications, or alternate destinations when a step fails.

  3. File moves encrypted

    Payloads travel over TLS 1.3 between endpoints. Files at rest in your Environment R2 bucket use AES-256. Checksums are computed before delivery confirmation.

  4. Audit record written

    Each transfer writes an event with actor, route, file name, size, result, and IP. Export the packet from the console or hand it to compliance for mapping review.

Test one regulated transfer flow

Pick a protocol, connect one path, and export the audit packet. 90 days free, no card.

Start your 90-day trial Book a demo