Preview every restore before it touches production.

The scenario

Monday morning, your IR lead pings: an admin account was active at 3am Sunday. Sign-on policies look off, a new application appeared in the catalog, and two group memberships changed. The clock is running, the auditor will ask what changed, and a wrong restore could lock users out.

How Butterfly handles it

1. 1Open the suspect resource and see every version captured across recent backups — who touched it, when, and the exact diff.
2. 2Generate a dry-run restore plan that shows every create, update, and skip before anything is written back to Okta.
3. 3Apply the plan with a single action, with the full diff archived as evidence for the post-mortem.

The scenario

Helpdesk tickets spike from the sales org. A network zone was edited, or a group rule changed, or an app assignment was removed — at some point in the last week. Native Okta logs tell you something changed, but not what the configuration looked like before.

How Butterfly handles it

1. 1Pick any two backups across the last 90 days and get a structured, line-by-line diff of policies, group rules, app assignments, and network zones.
2. 2Drill into the affected resource to see the full version history and pinpoint the exact change that broke sign-in.
3. 3Roll the specific resource back without disturbing anything else in the tenant.

The scenario

Auditor: "Show me that admin changes are logged, that backups exist, that you can restore, and that you reviewed access in the last quarter." Gathering this evidence by hand across Okta, Workflows, and Auth0 is a week of screenshots and CSV exports.

How Butterfly handles it

1. 1Run automated compliance checks across SOC 2, HIPAA, PCI DSS, NIST 800-53, ISO 27001, and CIS Controls — per provider, with pass/fail and exact failing resource IDs.
2. 2Generate a signed Audit Pack PDF with the framework results, the underlying evidence, and a SHA-256 manifest that proves the bundle wasn't edited.
3. 3Hand the PDF to the auditor. The manifest hash and signing key are verifiable independently.

The scenario

Boards and insurers are starting to ask whether you can actually recover your identity provider, not just whether you have backups. The honest answer for most teams is "we think so" — until they try, mid-incident, and discover the snapshot was missing a resource type or the restore conflicts with current state.

How Butterfly handles it

1. 1The Restore Readiness Score continuously evaluates every backup against your live tenant — counting restorable resources, surfacing conflicts, and flagging gaps before you need them.
2. 2Run a full dry-run restore against any backup, in any window, without touching production — the same engine that runs during a real incident.
3. 3Track the score over time so you can show leadership a number, not a hope.