EARLY ACCESS · VULN TRIAGE FOR ANALYSTS
From export to worklist in 10 minutes.
Upload your Tenable or Nessus export. Get back the 12 findings that actually matter — ranked by exploitability, exposure, and business impact.
SCANNER FORMATS SUPPORTED
- Tenable.io
- Nessus
- Qualys SOON
- Rapid7 SOON
FEATURES
Built like an analyst would build it.
-
Reasoning, not regex.
Claude reads each finding the way an analyst would: in the context of your assets, your exposure, your business. No score templates. No keyword rules.
-
Asset-aware out of the box.
Bring your own asset context CSV. Every prioritization factors in environment, internet exposure, data sensitivity, and owner.
-
CVE-aware.
Every CVE on every finding is parsed, deduped, and reasoned about — including chained vulnerabilities.
-
Multi-CVE per finding.
We preserve every CVE on a finding, not the first one. The diff matters when a finding spans 4 chained issues.
-
Dashboard + PDF.
Sortable web report for the team. Branded PDF for the board. Same prioritization, two surfaces.
-
Your data never trains a model.
Findings stay in your tenant. We never use customer data for model training. Delete-on-demand.
HOW IT WORKS
Three steps. About ten minutes.
- 01
Upload.
Drop your Nessus XML or Tenable.io CSV. Add your asset context CSV — hostname, environment, exposure, owner.
- 02
Prioritize.
Claude reads every finding against your asset context. Output: a ranked worklist with the reasoning behind each rank.
- 03
Ship the fix.
Sortable dashboard for the team. Branded PDF for the board. Show up to Monday's standup with the worklist already done.
WHAT YOU ACTUALLY GET
A worklist your team will actually work.
Not a 40,000-row CSV. Not a CVSS scatter plot. A ranked list of findings on your assets, each with a one-line "why this rank" you can defend in a standup.
- ▸ Ranked by exploitability × exposure × business impact
- ▸ Every rank has a single-sentence justification
- ▸ Drill into affected assets without leaving the row
- ▸ Export to PDF for the board, CSV for Jira
EARLY ACCESS
First 100 get priority access
+ 50% off year one.
We're shipping the first version this quarter. Get in line.
No spam. One launch email. Unsubscribe by replying.
FAQ
The questions a security buyer would ask.
-
Where does my data go?
Your scanner export and asset context are stored in an isolated S3 bucket in your tenant. We never use it for model training. You can delete it on demand. Findings analysis happens in-process; no third party except Anthropic sees the data, and Anthropic's API does not train on enterprise traffic.
-
What scanner formats do you support?
Today: Nessus XML, Tenable.io CSV. On the roadmap: Qualys, Rapid7. If you have an export format you'd like supported, reply to your waitlist confirmation email.
-
Is this an automated pentest?
No. We never touch your systems. We read scanner output you already have.
-
How accurate is the prioritization?
We benchmark against ground-truth triaged findings from a senior analyst. Current agreement rate: pending publication once we have a public benchmark we're proud of. (Translation: we'll tell you when we can prove it.)
-
Will the AI hallucinate CVEs?
No. We never invent CVE IDs. Every CVE in your output came from your scanner's input.
-
Can I export to Jira / ServiceNow?
Not in v1. PDF and CSV exports are first-class; ticketing integrations are on the roadmap.
-
What's the pricing going to be?
Joining the waitlist locks in 50% off year one. Tiering will be public well before launch — we won't surprise you with a number.
-
Who built this?
Jared — a vulnerability management analyst tired of the part of the job that doesn't need a human. The team will grow once araseca has revenue. For now, every email goes to a real person.