Use cases · coverage

Built to cover every surface.

We review every surface a modern system exposes, from web apps and APIs to complete Kubernetes clusters, Active Directory, and embedded code. If it's part of your stack, it's in scope.

One engine

Every surface below sits in the same model: reviewed in parallel, with attack paths traced the way an attacker chains between them. No surface is a separate tool.

  • Web apps

    Auth flows, session handling, access control, and business logic across your web app and the services behind it. Cipher traces the multi-step exploits that single-endpoint scanners miss.

  • APIs

    REST, GraphQL, and internal service APIs. Broken object-level authorization, tenant isolation, and token handling, reasoned across every service a request actually touches.

  • Cloud & IaC

    Terraform, IAM policy, and cloud configuration read together with the code that depends on them, so a misconfiguration is judged by what it actually exposes.

  • Kubernetes clusters

    Complete clusters reviewed as one system: workloads, RBAC, operators, admission and network policy, and the tenant boundaries between namespaces, traced to what a compromised pod can actually reach.

  • Identity & Active Directory

    Active Directory, Entra ID, and the SSO and OAuth flows in front of them: trust, delegation, and Kerberos paths traced the way an attacker escalates, from one weak account to the domain.

  • AI / LLM applications

    AI and LLM-powered features: prompt injection, tool and agent abuse, insecure model and data supply chains, and the new trust boundaries they introduce.

  • Network & infrastructure

    Internal and external network surfaces, host and service exposure, and the segmentation that decides how far an attacker moves once inside.

  • Open-source & embedded

    Original research into the widely deployed open-source and embedded software your stack inherits: real-time operating systems, media and protocol stacks, and data-layer components. Novel findings, reported and fixed upstream.

  • Secrets & sensitive data

    Credential and secret exposure across code, CI/CD, and runtime, traced to what the leaked material actually unlocks.

  • Mobile applications

    Android clients and their backends: insecure storage, weak certificate handling, exported components, and the trust assumptions between app and server.

  • OT / SCADA

    Operational-technology and industrial control surfaces, where protocol and segmentation assumptions carry physical consequences.

  • Memory safety

    Native and systems code. Memory-corruption classes reasoned through to exploitability, not just flagged as warnings.

Point us at one

Pick a surface. We'll show you what's reachable.