Every engagement covers the full security surface: code, infrastructure, CI/CD pipeline, supply chain, and attack path correlation.
Full SAST scan via Bandit (Python) and Semgrep (multi-language): SQL injection, XSS, command injection, insecure crypto, and more.
Full git history scan plus live file analysis, so a secret that was committed and later removed is still found: AWS keys, API tokens, private keys, passwords, connection strings.
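As an added illustration of why the scan walks history rather than only the working tree, here is a small scanner over `git log -p` output. It is example code written for this page, not the service's own detector; the regexes, the entropy threshold and the sample log are assumptions constructed for the example (the AWS values are the documentation example credentials AWS publishes, not live keys).

```python
"""Scan git history for leaked credentials.

Added example, not the service's own detector. It reads a unified diff as
produced by ``git log -p`` and reports credentials that were *added* in any
commit, so a key that a later commit removed is still reported. The regexes
are assumptions modelled on well-known key formats; tune them per engagement.
"""
import math
import re
from dataclasses import dataclass

PATTERNS = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH |DSA )?PRIVATE KEY-----"),
    # keyword assignment followed by a long token; group 1 is the candidate value
    "generic_token": re.compile(
        r"(?i)(?:api[_-]?key|token|secret|password)\w*\s*[:=]\s*['\"]?([A-Za-z0-9_\-/+=]{16,})"),
    "connection_string": re.compile(
        r"\b(?:postgres(?:ql)?|mysql|mongodb)(?:\+srv)?://[^:\s]+:[^@\s]+@"),
}
MIN_TOKEN_ENTROPY = 3.0   # assumed threshold; placeholders such as "xxxx..." score 0


@dataclass
class SecretHit:
    commit: str
    path: str
    line: int      # line number in the post-commit version of the file
    kind: str
    snippet: str


def shannon_entropy(s: str) -> float:
    """Bits per character; low values indicate a placeholder rather than a real token."""
    if not s:
        return 0.0
    probs = (s.count(c) / len(s) for c in set(s))
    return -sum(p * math.log2(p) for p in probs)


def scan_git_history(log_text: str) -> list[SecretHit]:
    """Walk ``git log -p`` output and return every credential added by any commit."""
    commit = path = "?"
    new_line = 0
    hits: list[SecretHit] = []
    for raw in log_text.splitlines():
        if raw.startswith("commit "):
            commit = raw.split()[1]
        elif raw.startswith("+++ "):
            path = raw[4:].removeprefix("b/")
        elif raw.startswith("@@"):
            # "@@ -old,len +new,len @@": reset the new-file line counter
            new_line = int(re.match(r"@@ -\d+(?:,\d+)? \+(\d+)", raw).group(1))
        elif raw.startswith("+"):
            content = raw[1:]
            for kind, pattern in PATTERNS.items():
                m = pattern.search(content)
                if not m:
                    continue
                if kind == "generic_token" and shannon_entropy(m.group(1)) < MIN_TOKEN_ENTROPY:
                    continue  # low-entropy value: treat as a placeholder, not a leak
                hits.append(SecretHit(commit, path, new_line, kind, content.strip()))
            new_line += 1
        elif raw.startswith(" "):
            new_line += 1  # unchanged context line advances the new-file counter
        # "-" (removed) lines and headers do not advance the new-file counter
    return hits


# Constructed sample ``git log -p`` output (newest commit first, as git prints it).
SAMPLE_GIT_LOG = """\
commit b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1
Author: Dev <dev@example.com>

    move credentials to environment

diff --git a/deploy/config.py b/deploy/config.py
--- a/deploy/config.py
+++ b/deploy/config.py
@@ -1,6 +1,5 @@
 import os
-AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
-AWS_SECRET_ACCESS_KEY = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
-DB_URL = "postgres://app:s3cr3tpass@db.internal:5432/app"
+AWS_ACCESS_KEY_ID = os.environ["AWS_ACCESS_KEY_ID"]
+PASSWORD = "xxxxxxxxxxxxxxxxxxxx"
 REGION = "eu-west-1"
commit a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0
Author: Dev <dev@example.com>

    add deploy config and ssh key

diff --git a/deploy/config.py b/deploy/config.py
--- a/deploy/config.py
+++ b/deploy/config.py
@@ -1,3 +1,6 @@
 import os
+AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
+AWS_SECRET_ACCESS_KEY = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
+DB_URL = "postgres://app:s3cr3tpass@db.internal:5432/app"
 REGION = "eu-west-1"
-DEBUG = True
+DEBUG = False
diff --git a/deploy/id_rsa b/deploy/id_rsa
new file mode 100644
--- /dev/null
+++ b/deploy/id_rsa
@@ -0,0 +1,3 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEexampleBodyNotARealKey
+-----END RSA PRIVATE KEY-----
"""

if __name__ == "__main__":
    for hit in scan_git_history(SAMPLE_GIT_LOG):
        print(f"{hit.commit[:8]} {hit.path}:{hit.line} [{hit.kind}] {hit.snippet}")
```

The newer commit has already moved the key into the environment, and a scan of the working tree alone would report nothing; walking history still surfaces the access key, the secret key, the database password in the connection string and the private key file. The entropy check drops the `xxxx...` placeholder, which is the kind of false positive a keyword-only rule would raise.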
Manual review of pipeline logic: race conditions, privilege escalation, unpinned actions, and the misconfigurations automated tools miss.
Dependencies, Docker base images, and third-party integrations: every external trust boundary and its CVE exposure mapped.
Full IaC scan of Terraform, Kubernetes manifests, Helm charts, and Dockerfiles for misconfigurations, privilege issues, and missing security controls.
Findings are correlated across detectors: a hardcoded secret (LOW) that feeds a command injection (MEDIUM) becomes a CRITICAL chain. Severity escalation prevents underreporting.
Not just a PDF. Concrete code snippets, configuration fixes, and a prioritised remediation roadmap tailored to your specific stack, including chain-breaking strategies.
Every engagement produces the same structured deliverables: reproducible, machine-readable, and human-readable.
7-page audit-ready document with an Evidence Appendix (source context for CRITICAL/HIGH findings), Attack Path Analysis section, SOC 2 control exposure table, Remediation Roadmap, and Attestation block, ready for auditors and underwriters.
Full findings with AI VERIFIED / AI FALSE POSITIVE badges, SOC 2 / CIS / ISO 27001 compliance tags per finding, collapsible chain cards, and an architectural analysis block.
Security Posture Index calculated by WSPM v2.2, with a posture label from Critical Risk to Hardened. Gate Override caps the grade at C if CRITICAL findings exist in production code.
Prioritised action plan with concrete code snippets and configuration fixes for your specific stack, including chain-breaking strategies.
Machine-readable output with a chain block per finding, an attack_paths root object, compliance_mapping, and framework_summary, ready for SIEM integration or CI/CD gating.
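The chain correlation and severity escalation described under attack path correlation, together with the Gate Override on the posture grade and the JSON output used for CI/CD gating, are illustrated by the following added example. It is not Auditor Core's chain analysis, the WSPM v2.2 scoring, or the product's report schema: the reachability test, escalation table, penalty weights, grade thresholds and report layout are all assumptions made for illustration, and the findings are constructed.

```python
"""Correlate findings into attack-path chains, escalate their severity, and
gate a pipeline on the result.

Added example, not Auditor Core's chain analysis or WSPM scoring. The
reachability test, escalation table, penalty weights, grade thresholds and
report layout are assumptions made for illustration.
"""
from dataclasses import dataclass, asdict

SEVERITY_RANK = {"INFO": 0, "LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}
SPI_WEIGHTS = {"INFO": 0, "LOW": 1, "MEDIUM": 4, "HIGH": 8, "CRITICAL": 12}  # assumed
GRADE_THRESHOLDS = ((90, "A"), (70, "B"), (50, "C"), (30, "D"))               # assumed
# Assumed escalation table: (source category, sink category) -> chain severity.
# The first row is the page's own example: a hardcoded secret feeding command injection.
ESCALATION_RULES = {
    ("hardcoded_secret", "command_injection"): "CRITICAL",
    ("hardcoded_secret", "ssrf"): "HIGH",
    ("unpinned_action", "command_injection"): "HIGH",
    ("privileged_container", "command_injection"): "CRITICAL",
}


@dataclass
class Finding:
    id: str
    detector: str      # "secrets", "sast", "iac", ...
    category: str      # "hardcoded_secret", "command_injection", ...
    severity: str      # as assigned by the individual detector
    path: str
    line: int
    environment: str   # "production", "test" or "docs"


def worst(*sevs: str) -> str:
    return max(sevs, key=SEVERITY_RANK.__getitem__)


def reachable(source: Finding, sink: Finding) -> bool:
    """Crude stand-in for data-flow analysis: same file counts as reachable (assumption)."""
    return source.path == sink.path


def build_chains(findings: list[Finding]) -> list[dict]:
    """Pair sources with sinks per the escalation table; return attack paths."""
    chains = []
    for (src_cat, sink_cat), chain_sev in ESCALATION_RULES.items():
        for src in (f for f in findings if f.category == src_cat):
            for sink in (f for f in findings if f.category == sink_cat):
                if src is not sink and reachable(src, sink):
                    chains.append({
                        "id": f"CHAIN-{len(chains) + 1}",
                        # never rate a chain below its strongest link
                        "severity": worst(chain_sev, src.severity, sink.severity),
                        "findings": [src.id, sink.id],
                        "rationale": f"{src_cat} at {src.path}:{src.line} feeds "
                                     f"{sink_cat} at {sink.path}:{sink.line}",
                    })
    return chains


def effective_severities(findings, chains) -> dict[str, str]:
    """Each finding inherits the highest severity of any chain it belongs to."""
    eff = {f.id: f.severity for f in findings}
    for chain in chains:
        for fid in chain["findings"]:
            eff[fid] = worst(eff[fid], chain["severity"])
    return eff


def posture_index(findings, effective) -> int:
    """0-100 index over production code; test/docs findings are reported but not scored."""
    penalty = sum(SPI_WEIGHTS[effective[f.id]] for f in findings if f.environment == "production")
    return max(0, 100 - penalty)


def grade(spi: int) -> str:
    return next((letter for threshold, letter in GRADE_THRESHOLDS if spi >= threshold), "F")


def gate_override(letter: str, findings, effective) -> str:
    """Cap the grade at C when any production finding is CRITICAL after escalation
    (letters order A < B < C < D < F, so max() keeps the worse one)."""
    critical = any(effective[f.id] == "CRITICAL" and f.environment == "production" for f in findings)
    return max(letter, "C") if critical else letter


def build_report(findings: list[Finding]) -> dict:
    """Machine-readable report: chain block per finding plus an attack_paths root object."""
    chains = build_chains(findings)
    effective = effective_severities(findings, chains)
    spi = posture_index(findings, effective)
    return {
        "findings": [{**asdict(f), "effective_severity": effective[f.id],
                      "chain": [c["id"] for c in chains if f.id in c["findings"]]}
                     for f in findings],
        "attack_paths": chains,
        "framework_summary": {"spi": spi, "grade_raw": grade(spi),
                              "grade": gate_override(grade(spi), findings, effective)},
    }


def ci_gate(report: dict, fail_on: str = "HIGH") -> bool:
    """CI/CD gating: True when the build may proceed, i.e. no production finding
    reaches `fail_on` once chain escalation has been applied."""
    return not any(f["environment"] == "production"
                   and SEVERITY_RANK[f["effective_severity"]] >= SEVERITY_RANK[fail_on]
                   for f in report["findings"])


# Constructed sample findings (not from a real engagement).
SAMPLE_FINDINGS = [
    Finding("F1", "secrets", "hardcoded_secret", "LOW", "deploy/run.py", 12, "production"),
    Finding("F2", "sast", "command_injection", "MEDIUM", "deploy/run.py", 40, "production"),
    Finding("F3", "sast", "sql_injection", "HIGH", "tests/test_db.py", 7, "test"),
    Finding("F4", "iac", "privileged_container", "MEDIUM", "k8s/deploy.yaml", 18, "production"),
]

if __name__ == "__main__":
    import json
    print(json.dumps(build_report(SAMPLE_FINDINGS), indent=2))
```

Run stand-alone it prints the report. Scored individually the same four findings would give an index of 91 (an A); the chain lifts both of its members to CRITICAL, the index drops to 72 (a B), and the override then caps the grade at C. The HIGH SQL injection in `tests/` is carried in the report but neither scored nor used to block the pipeline, which is what excluding test directories from the index means in practice.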
Confidential from first contact to final delivery.
Email us a brief description of your project and what you want covered. We agree on scope, timeline, and NDA before anything begins.
You provide a read-only clone URL or an encrypted archive. We never request write access. All analysis happens locally: your code never leaves a controlled environment.
Auditor Core v2.2.1 runs all 11 detectors. Chain Analysis correlates findings into attack paths. Critical findings are verified by Gemini 2.5 / Groq (or a local LLM) to flag false positives. Context Intelligence excludes test/docs directories from the SPI. Gate Override caps the grade at C when CRITICAL findings exist in production code.
Every significant finding and chain is manually reviewed for real-world exploitability. Race conditions, logic flaws, and pipeline misconfigurations are assessed by hand.
PDF Executive Summary (with Attack Path Appendix), interactive HTML report (with collapsible chain cards), and JSON (with attack_paths root object), delivered via secure email. Debrief session available on request.
We audit these surfaces. Scope is agreed before engagement β nothing is scanned without explicit authorisation.
Every engagement is governed by a strict NDA before any code is reviewed. All analysis runs locally: your source code is never uploaded, transmitted, or stored on any external server. Where remote AI verification is used, the API calls contain only anonymised findings, never raw source; a local LLM mode is available for air-gapped environments. Findings are delivered exclusively to the authorised contact.