SolarNorth agents have no write access to any customer system. Not under any credential. Not in any escalation path. Not in any override condition. The architecture makes write access structurally impossible rather than merely disallowed. A system that could write but chooses not to relies on policy. A system that cannot write relies on architecture. The difference is the difference between a promise and a property.
A monitoring system with write access is itself a risk surface.
Every additional system with production write access expands the attack surface. A monitoring platform with write credentials is a supply-chain vector: compromise of the monitoring vendor becomes compromise of the monitored environment. Several high-profile enterprise breaches in recent years originated in trusted third-party tooling with elevated access.
The question a CISO has to answer is not whether the monitoring vendor is trustworthy today. It is whether the vendor will remain trustworthy across every future security event in their own organization. A read-only architecture answers that at the structural level.
What read-only actually means.
The commitment is operational. IAM roles provisioned for Plumbline agents include no mutation policies. API keys held by the SolarNorth platform have no write scopes. Service accounts used for observation have no change permissions in source control, infrastructure-as-code repositories, or configuration stores. Emergency support escalations do not include write-access provisioning.
Verification is available on request. SolarNorth will, for any customer in any pricing tier, provide the full IAM configuration for their deployment and support an independent audit of the write-access claim. The commitment is designed to be verified, not trusted.
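One way a customer could run that audit themselves, as an added example that is not SolarNorth's code or tooling: a checker that reads a policy document and reports every grant that could permit a mutation, including the wildcard and NotAction forms that a simple search for "Put" or "Delete" misses. It assumes the deployment's IAM configuration is exported as AWS-style JSON policy documents (the page does not name a provider); the function names, the read-verb prefix list and the sample policy are constructed for illustration.

```python
import json

# Assumption: verb prefixes treated as non-mutating. Anything else is flagged.
# A provider's own access-level metadata is the authoritative classification.
READ_PREFIXES = ("get", "list", "describe", "head", "batchget", "search", "lookup")

def _as_list(value):
    """Policy fields may hold a single string or a list; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def is_read_only_action(action):
    """True only if the action pattern can match nothing but read-style verbs."""
    _, _, verb = action.partition(":")
    if not verb:  # bare "*" or a malformed entry
        return False
    # A wildcard is acceptable only after a complete read prefix ("s3:Get*").
    literal = verb.lower().split("*", 1)[0].split("?", 1)[0]
    return any(literal.startswith(p) for p in READ_PREFIXES)

def find_write_grants(policy):
    """Return (sid, reason) for every Allow statement that could permit mutation."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements cannot grant anything
        sid = stmt.get("Sid", f"statement[{i}]")
        if "NotAction" in stmt:
            # Allow + NotAction grants everything except the listed actions.
            findings.append((sid, "Allow with NotAction"))
        for action in _as_list(stmt.get("Action")):
            if not is_read_only_action(action):
                findings.append((sid, action))
    return findings

# Constructed sample policy, not taken from any real deployment.
SAMPLE_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Sid": "Observe", "Effect": "Allow", "Resource": "*",
   "Action": ["ec2:Describe*", "s3:GetObject", "logs:List*"]},
  {"Sid": "Broad", "Effect": "Allow", "Action": "s3:*", "Resource": "*"},
  {"Sid": "Inverse", "Effect": "Allow", "NotAction": "iam:*", "Resource": "*"},
  {"Sid": "Guard", "Effect": "Deny", "Action": "s3:PutObject", "Resource": "*"}
]}
""")

if __name__ == "__main__":
    for sid, reason in find_write_grants(SAMPLE_POLICY):
        print(f"{sid}: {reason}")
```

An empty result across every attached policy is what the write-access claim predicts; the same check has to cover API key scopes and source-control or configuration-store permissions separately, since those are not expressed as IAM policy documents.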
Why most observability tooling chooses otherwise.
Most tooling asks for write access because it makes the tooling more useful. An agent that can modify configuration can perform remediation. SolarNorth made a different bet: the most important observation is the observation that can never become an action. For a regulated organization, the audit trail of a system that cannot change the thing it is measuring is more defensible than the audit trail of a system that might have.
What this simplifies.
Procurement review, faster. Audit, faster. Regulatory conversations, faster. Internal security review, faster. None of this is the primary reason for the commitment. All of it is a downstream effect.
It is the thing.
Read-only is not a feature we charge more for. It is the architecture every other part of SolarNorth is built on. Asking whether it is configurable is asking the wrong question.