lastcopy

Your backups are green.
Are they good?

Exit code 0 doesn't mean your backup works. Backups fail silently. The empty dump. The job that "succeeds" in 4 seconds. The retention that quietly broke. Lastcopy learns what normal looks like for every job and alerts when a successful run doesn't look right.

Lastcopy never sees your backups. Your job sends the numbers, size, file count and duration, over one curl line. No agent, and your backup logic stays exactly as it is.

Watch 6 backups free See a sample evidence report

The whole integration, on any tool

your_backup_command \
  && curl -fsS -m 10 --retry 3 PING_URL -d "bytes=$SIZE&files=$COUNT" \
  || curl -fsS -m 10 PING_URL/fail

Pick your tool above, or start from Any command and drop in whatever you run. Anything that can run curl works, including your own scripts. A check-in on success, /fail on error. There are more recipes in the docs.

Three tiers of assurance

Each tier proves more than the one before. There are no thresholds to configure. After 7 runs Lastcopy knows this job's normal size, file count and duration, and every alert states its evidence.

ran

Checked in on schedule, numbers within learned norms. Catches the empty dump and the 4-second "backup", the failures that ping green.

verified

Your tool's own cryptographic integrity check (restic check --read-data, borg check --verify-data) ran and passed. Real corruption detection, reported in one line.

drilled

You actually restored it and the contents validated. Lastcopy schedules the drill, nags weekly when it's overdue, and keeps the register, which is the evidence ISO 27001 and SOC 2 auditors ask for.

Use as many as the job needs. Every check-in gives you the first tier, and most jobs stay there. Add verification and drills on the ones where the evidence has to hold up. Every tier is on every plan.

Audit on the calendar?

The auditor will ask when you last restored, what you restored, whether it met your RTO, and who signed off. Most auditors work from one simple principle. If you don't have evidence, it didn't happen. And the most common finding isn't missing backups. The jobs run, but the evidence does not.

Lastcopy keeps that register for you. Every entry is timestamped on arrival, held outside your systems, with no edit function. It is not a spreadsheet someone fills in the week before the audit. ISO 27001 A.8.13 says backups shall be "regularly tested", and a backup that has never been restored is an assumption, not a control.

99.7%coverage
4restore drills
52verifications
WhenResultByRTO
14 Jun 2026passadammet 30m 42s
9 Dec 2025failjamiemissed 1h 13m

From the sample evidence report. The failed drill stays on the record with its remediation, which is stronger evidence than a perfect page.

See the exact report your auditor gets How the register maps to ISO 27001 and SOC 2

What Lastcopy never does

No agent, ever. Your backup logic stays the same. No marketing email. Every message is an alert or a summary you can turn off. And no alert noise. One alert per state change, one email per incident, a recovery notice when it's fixed. Every alert says exactly why it fired.

Point a backup at it

  1. Sign up. You land on your first backup with its ping URL ready.
  2. Add one curl line to the job. The first check-in turns it green.
  3. Let it learn. After 7 runs the baselines are live, and drills get scheduled, nagged and recorded.

Watch 6 backups free See the sample report