Vulnerability Management
Track, triage, and remediate security vulnerabilities from penetration tests, cloud integrations, vulnerability scans, and manual entry โ with risk scoring, SLA enforcement, Kanban and timeline views, and integrated external scanning via Nuclei and OWASP ZAP.
Vulnerability Scanning
Run external vulnerability scans with Nuclei (CVE/misconfiguration detection) and OWASP ZAP (DAST) against configured targets โ with scan profiles, scheduling, isolated ECS Fargate execution, fingerprint-based dedup, triage workflow, AI-powered analysis, bulk actions, and promotion to the Vulnerability Register.
Endpoint Management
Monitor device compliance through MDM integrations โ track encryption, firewall, passcode, and OS version enforcement across your fleet with compliance policies, posture dashboards, and historical snapshots.
Phishing Simulation
Run simulated phishing campaigns to test employee security awareness โ with built-in email templates, credential capture landing pages, click and report tracking, department comparison analytics, and auto-remediation training for clickers.
Incident Response
Track, investigate, and resolve security incidents following the NIST SP 800-61 lifecycle with a 5-tab workspace, NIST phase stepper, playbook-driven runbooks, breach notification tracking, AI-assisted after-action review, and remediation management.
Security Awareness Training
Build and deliver security awareness training with a curated module library, AI generation, multi-content campaigns (training + policies + coding challenges), magic-link delivery, auto-enrollment, configurable reminder rules, per-assignment tracking with scores and pass/fail, and an analytics dashboard with KPI cards and campaign progress.
Tabletop Exercises
Plan and conduct incident response and BC/DR tabletop exercises with AI-generated scenario injects, role-based participant management, live exercise facilitation with phase transitions and timers, structured response collection, post-exercise observations, and AI-generated after-action reports with compliance mapping.
Infrastructure
Monitor cloud infrastructure through automated AWS inventory scanning, interactive network diagrams with freestyle mode, resource classification, drift detection with severity-based alerts, security finding review with risk creation, and network access reviews โ all generating compliance evidence.
Coding Challenges
Interactive secure coding exercises evaluated in an isolated Lambda sandbox โ with AI generation, OWASP-mapped challenges across JavaScript, Python, and SQL, automated test verification, attempt tracking, AI coaching hints, and integration into training campaigns.