SYS_ONLINE // BUILD 0.7.2 // ENGAGEMENT-GRADE

See every exposure. Triage with signal.

ctOS:BLADE is a vulnerability intelligence and findings-tracking platform built for mid-market regulated firms. Ingest scanner output, pentest reports, and threat feeds into one signal-weighted backlog — with PoC evidence, SLA clocks, and auditor-ready exports baked in.

blade@ctos ~ findings --live --tenant=demo
● STREAMING
14:22:07 CRIT F-4821 prompt injection → system-prompt leak on api.genai.prod (OWASP-LLM-01) — SLA 72h
14:21:58 HIGH F-4820 stored XSS in /admin/users → chained w/ session fixation on portal.corp
14:21:33 CRIT F-4819 exposed S3 bucket — 12.4 GB PII readable anonymously — static-assets-prod
14:20:11 MED F-4818 outdated libcurl 7.68 → CVE-2024-2398 (heap overflow) — 14 hosts affected
14:19:47 INFO F-4817 TLS 1.0 still accepted on legacy edge → policy drift detected
14:19:02 HIGH F-4816 IDOR on /api/v2/orders/:id — authorization bypass — PoC attached
6 new findings in last 5m · 2 crit · routed to remediation queue · SOC notified
Avg Triage Time: 11 min (down from 4.2h industry avg)
Noise Reduction: 73% (via signal-weighted dedup)
SLA Adherence: 96% (across 1.2k tracked findings)
Audit Exports: <60s (ISO / PCI / SAMA-ready)

Your scanner isn't your program. Spreadsheets aren't either.

Mid-market security teams are drowning in tools that surface findings but refuse to own the backlog. The work that actually matters — correlation, triage, remediation tracking, audit evidence — still lives in Excel, Jira tickets, and shared drives.

// 01

Fragmented findings

Qualys says one thing. Burp says another. Pentest PDFs live in Outlook. You rediscover the same vuln four times before anyone fixes it.

// 02

No signal weighting

Every CVSS 7.5 looks the same on paper. Without threat context, exploitability, and asset criticality, you patch symptoms while the real exposure sits open.

// 03

Audit season panic

When the regulator asks for evidence, you spend three weeks reconstructing a remediation trail from Slack messages and memory. That's not a program. That's theatre.

One backlog. Every source. Every finding accountable.

BLADE ingests the messy reality of modern security ops and turns it into a working program — with ownership, SLAs, and evidence trails that survive contact with auditors.

CAP-01

Multi-source ingestion

Normalize output from Nessus, Qualys, Burp, Semgrep, Trivy, pentest reports, and manual findings into a single schema. Dedup across sources. Preserve provenance.

Sources: Scanners · Pentest · LLM Red-Team · Manual
CAP-02

Signal-weighted triage

Blend CVSS with asset criticality, exploit intel, and business context to produce a real priority score. Critical-on-paper that can't be reached drops. Medium-rated chainable bugs rise.

Signals: EPSS · KEV Feed · Asset Tier
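As an added illustration of the signal-weighted blend described above (not BLADE's own scoring logic, which this page does not publish): a small Python scorer that combines CVSS with exploitability evidence (attached PoC, KEV listing, EPSS), asset tier, reachability and chainability, so that an unreachable "critical" sinks below a chainable medium. The weights, the finding fields and the numeric inputs are constructed for the example; the finding ids mirror the stream above except F-9999, a hypothetical internal-only RCE with no route to it.

```python
from dataclasses import dataclass


@dataclass
class Finding:
    fid: str
    cvss: float        # CVSS base score, 0-10 (the "on paper" severity)
    epss: float        # EPSS exploitation probability, 0-1 (0 if no CVE)
    in_kev: bool       # listed in the CISA KEV catalogue
    poc: bool          # working PoC attached to the finding
    asset_tier: int    # 1 = crown-jewel asset, 3 = low-value asset
    reachable: bool    # on an attack path from the relevant trust boundary
    chainable: bool    # links to another finding (e.g. XSS -> session fixation)


# Constructed weights for this example; the product's real weighting is not on the page.
ASSET_WEIGHT = {1: 1.0, 2: 0.7, 3: 0.4}
UNREACHABLE_FACTOR = 0.3
CHAIN_BONUS = 0.2


def priority(f: Finding) -> float:
    """Blend CVSS with exploit intel and asset context into a 0-100 score."""
    base = f.cvss / 10.0
    # Exploitability: a verified PoC or a KEV listing is as strong as it gets;
    # otherwise fall back to the EPSS probability (misconfigs without a CVE get 0).
    exploit = 1.0 if (f.poc or f.in_kev) else f.epss
    score = base * (0.5 + 0.5 * exploit) * ASSET_WEIGHT[f.asset_tier]
    if not f.reachable:
        score *= UNREACHABLE_FACTOR           # critical-on-paper that can't be reached drops
    if f.chainable:
        score = min(1.0, score + CHAIN_BONUS)  # medium-rated chainable bugs rise
    return round(score * 100, 1)


def rank(findings):
    """Return [(fid, score)] ordered highest priority first."""
    return sorted(((f.fid, priority(f)) for f in findings), key=lambda t: -t[1])


# Constructed sample backlog modelled on the findings stream above; inputs are illustrative.
SAMPLE = [
    Finding("F-4819", cvss=9.1, epss=0.0, in_kev=False, poc=True, asset_tier=1, reachable=True, chainable=False),    # exposed S3 bucket
    Finding("F-4820", cvss=6.1, epss=0.05, in_kev=False, poc=True, asset_tier=2, reachable=True, chainable=True),    # stored XSS -> session fixation
    Finding("F-4818", cvss=5.3, epss=0.4, in_kev=False, poc=False, asset_tier=2, reachable=True, chainable=False),   # outdated libcurl, 14 hosts
    Finding("F-9999", cvss=9.8, epss=0.02, in_kev=False, poc=False, asset_tier=3, reachable=False, chainable=False), # hypothetical internal RCE, no route
]

if __name__ == "__main__":
    for fid, score in rank(SAMPLE):
        print(f"{fid}\t{score}")
```

Note that the CVSS 9.8 finding lands last: without a route, a PoC or exploit intel it is paper severity only, while the 6.1 XSS with a verified chain outranks the libcurl exposure.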
CAP-03

Findings as first-class

Every finding has state, owner, SLA clock, remediation path, retest cycle, and linked PoC evidence. Not a ticket. A tracked artefact with a full lifecycle.

RBAC · Workflow · Audit Log
CAP-04

Auditor-ready exports

Generate regulator-grade reports in under a minute. Evidence packages with PoC screenshots, request/response, remediation proof, and retest confirmation — formatted for ISO 27001, PCI DSS, SAMA, and NCA CRF.

ISO 27001 · PCI DSS · SAMA · NCA
CAP-05

PoC evidence vault

Attach curl payloads, screenshots, HTTP pairs, and video captures directly to each finding. Timestamped, tamper-evident, exportable. The chain of custody that makes a finding survive re-test disputes.

Tamper-evident · Versioned
CAP-06

Deploy on your turf

Air-gapped, VPC, or SaaS. BLADE doesn't phone home. Your findings, your threat intel, your evidence — never leave your trust boundary unless you explicitly push them.

Air-gapped · On-prem · SaaS

From raw scanner output to closed, evidenced finding.

A four-stage pipeline that turns noise into a program. Every transition logged, every artefact preserved.

01 · Ingest (Collect)

Connectors for Nessus, Burp, Qualys, Semgrep, Trivy + manual upload. API or agent.

02 · Normalize (Correlate)

Dedup across sources. Map to assets. Enrich with EPSS, KEV, threat intel. Tag by business context.

03 · Triage (Prioritize)

Signal-weighted scoring. Route to owner. Start SLA clock. Attach PoC + remediation guidance.

04 · Close (Verify)

Retest workflow. Evidence preserved. Auditor export in seconds. Loop closed.

We built BLADE for mid-market regulated firms who are too big for spreadsheets and too lean for Archer.

If your security team is 4–40 people, your auditor is real, and your scanner output exceeds what a shared Excel can reasonably track — you are our ICP.

  • Team Size: 4–40 security engineers
  • Industry: BFSI · Fintech · Gov
  • Compliance: PCI · ISO · SAMA · NCA
  • Asset Count: 500–50,000
  • Deployment: On-prem / VPC / SaaS
  • Geography: GCC · MENA · Global

Priced for teams, not enterprises.

Three tiers. No per-finding fees. No surprise add-ons for the exports you already needed. Annual billing with a 20% discount. USD shown; invoiced in local currency on request.

Tactical
For a single team running a disciplined backlog.
$1,490/mo
Billed annually · up to 5 users
  • Up to 2,500 active findings
  • 3 scanner connectors
  • PoC evidence vault (5 GB)
  • Standard exports (PDF / DOCX / XLSX)
  • Email support · 24h response
Start Tactical
Sovereign
Air-gapped, on-prem, or regulated-cloud deployment.
Custom
Annual license · unlimited users
  • Unlimited findings + storage
  • Air-gapped / on-prem deployment
  • Hardened appliance option
  • Custom compliance packs
  • Dedicated integration engineer
  • 24/7 support · 1h response · SLA
  • Source escrow on request
Talk to Us

Stop re-discovering the same vulnerability.

Request a guided walkthrough with the engineering team. We'll wire up a scanner, import a recent pentest, and show you your backlog — signal-weighted — in under 20 minutes.