Know every CVE that
threatens your servers
One script, one API key. Your machines scan themselves with Trivy, send results to the platform, and you get a prioritized, audit-ready vulnerability dashboard in seconds.
No credit card. 14-day trial. Cancel anytime.

What is a CVE?
Every vulnerability in the wild has a unique CVE identifier. The platform enriches each CVE with EPSS exploitation probability, KEV status and CVSS score - so you always know where to focus first.
Common Vulnerabilities and Exposures
A standardized identifier (e.g. CVE-2024-1234) for every publicly known security vulnerability.
National Vulnerability Database
The US government's official registry of CVEs, enriched with CVSS scores and technical details.
Common Vulnerability Scoring System
A 0–10 score measuring vulnerability severity: Critical (9–10), High (7–8.9), Medium (4–6.9), Low (0–3.9).
Exploit Prediction Scoring System
Probability (0–100%) that a vulnerability will be actively exploited in the wild within 30 days.
Known Exploited Vulnerabilities
CISA's list of CVEs with confirmed active exploitation in real attacks. Highest priority for patching.
End of Life
Date after which a vendor stops providing security patches for a software version. Machines still running EOL OS are in the highest risk category.
CVSS Severity scale
KEV flag (🔴) overrides any CVSS score - a KEV vulnerability demands immediate action regardless of its numeric score.
How it works
No daemons, no containers to maintain. One bash script using Trivy - the industry-standard open source scanner. Data flows to the platform only through your API key. Nothing sensitive ever leaves your machine.
Download the audit script
A single Bash script (audyt.sh). It auto-installs Trivy if not present. Requires only curl and jq - standard on every Linux server.
Scan happens locally - only results leave the machine
Trivy scans the full rootfs and running Docker containers. Only vulnerability metadata (CVE IDs, package names, versions) is sent - never your actual files, configs or secrets.
Platform analyzes and prioritizes
Results are enriched with NVD data, EPSS exploitation probability and KEV status in real time. Dashboard shows exactly what needs fixing today vs. what can wait.
API key auth
One key per project. All machines in the project report under it. Revoke anytime.
No agents, no daemons
Cron job or one-shot. Nothing running 24/7.
HTTPS only
All traffic encrypted in transit.
Full visibility into your fleet
From fleet-level overview down to individual CVE details - every screen designed for fast triage.

Machine-level CVE detail
Every machine gets a full breakdown: Critical, High, Medium and Low vulnerabilities with CVSS scores, EPSS probability and remediation advice. Filter by package, CVE ID or source. Mark issues as In Progress, Accepted Risk or Fixed.

Scan history & trend analysis
Track your remediation progress over time. Each scan is stored with a delta showing whether your security posture is improving. Export any snapshot to CSV or PDF for compliance evidence.

EOL fleet governance
Know which machines are running End-of-Life operating systems - with how many days until support ends, migration owner assignment, target dates and risk acceptance. ISO 27001 A.8.9 compliant.
Built for regulated environments
Generate PDF reports for ISO 27001 and EOL governance in one click - no manual data gathering.
ISO 27001 A.8.8
Vulnerability management process evidence - PDF report covering findings, actions and remediation timelines.
NIS2
Network and Information Security Directive - track your vulnerability posture across the entire fleet, with full audit trail.
EOL Governance
Manage OS End-of-Life risk with migration plans, ownership and risk acceptance - ISO 27001 A.8.9.
ISO 27001 A.5.18
Exportable audit trail - who changed what and when across the account. Accountability evidence for access rights and change management (A.8.32).
Simple, transparent pricing
Start free. No credit card required.
STARTER
Small businesses & teams
Includes everything available today and every feature added in the future.
PRO
Growing infrastructure teams
Includes everything available today and every feature added in the future.
BUSINESS
Larger estates & MSPs
Includes everything available today and every feature added in the future.
ENTERPRISE
Unlimited scale, custom SLA
Includes everything available today and every feature added in the future.
All plans include a 14-day free trial. Start today - no credit card required.
What's on the platform?
Every feature listed below is available in every paid plan - from day one and as the platform grows. You pay for machine slots and retention, not feature unlocks.
CVE scanning via Trivy
One bash script installs Trivy and runs a full scan of the OS, installed packages and running Docker containers. Only CVE metadata leaves the machine - no files, no configs, no secrets.
CVSS · EPSS · KEV enrichment
Every CVE is automatically enriched with its CVSS severity score (0–10), EPSS exploitation probability (%) and CISA KEV flag. Three data sources in one view - so you know where to focus first.
Remediation status tracking
Mark individual CVEs as In Progress, Accepted Risk or Fixed - directly from the machine view. Bulk actions available. Status history is preserved and exportable.
Scan history & trend analysis
Every scan is stored with a delta showing the change vs. the previous scan. Track whether your security posture is improving over time and spot regressions instantly.
ISO 27001 A.8.8 PDF report
One-click PDF report covering the full vulnerability management process: findings, remediation actions and timelines. Ready for external auditors - no manual data gathering.
EOL fleet governance
See which machines run End-of-Life operating systems, how many days remain, who owns the migration, target dates and risk acceptance decisions. ISO 27001 A.8.9 aligned.
PDF & CSV export
Export any machine snapshot or fleet summary to PDF or CSV. CSV follows RFC 4180 with BOM for correct Excel rendering. Every export is audit-ready and can be attached to incident reports.
Evidence Pack (one ZIP for a period)
Generate a single ZIP for any audit period: management, ISO 27001 and EOL PDFs, risk-acceptance and audit-trail CSV, a machine-readable JSON dataset and a SHA-256 manifest. Hand an ISO 27001 / NIS2 auditor one integral package instead of clicking together five separate exports.
Email & Telegram notifications
Scheduled digests deliver new CVEs and changed statuses directly to your inbox or Telegram channel. Configure the frequency and threshold per account.
AUDITOR role
Invite external auditors or compliance teams as read-only AUDITOR members. They see findings and reports - no access to API keys, billing or configuration.
Full AuditLog
Every action on every resource is recorded: who did what, when, from which IP. Immutable log exportable to CSV. Required evidence for ISO 27001 and NIS2.
Multi-organization support
Manage multiple separate organizations and projects from one account. Useful for MSPs, holding companies or teams with distinct environments requiring isolated reporting.
CVE Translator
CVE descriptions from NVD are in English. The built-in translator renders them in Polish - making triage faster for teams that don't work in English daily.
API & integrations
Project API key, agent audit endpoint and a Prometheus /metrics export - scrape your fleet's vulnerabilities into your own Prometheus and chart them on Grafana.
Start securing your fleet today
One script. 5 minutes to first scan. No commitment needed.


