A Claude-orchestrated assessment platform for serious portfolios.
The flagship offering. A planning agent decomposes the assessment; specialist agents handle recon, web, API, and auth coverage; the reporter agent writes CVSS-scored, PDPA-mapped findings — all under structured human authorisation at every action that touches a real target.
Eight components.

- Plans the assessment from the scope brief, decomposes it into sub-tasks, routes to specialists.
- Passive OSINT, certificate transparency, subdomain mapping, technology fingerprinting.
- OWASP Top 10 (2021) checklist execution against in-scope web applications.
- OWASP API Top 10 (2023) coverage — BOLA, broken authentication, over-exposure.
- Authentication and session-management testing.
- CVSS v3.1 scoring, finding write-ups, evidence chain, PDPA mapping.
- nmap, nuclei, ffuf, sqlmap, Burp Suite API, custom scanners via MCP.
- Scope enforcement, rate limits, kill switch, evidence chain-of-custody, authorisation gates.
Five stages.

- Joint workshop with the client SOC. Agreed scope document. Authorisation letter. Infrastructure setup.
- Stack deployed in the client environment, or Axiom-hosted, depending on data-sovereignty posture. Safety gates validated against benign targets first.
- Tier 1 applications tested under joint Axiom-client oversight. Findings reviewed live with the SOC team.
- Client team trained to run subsequent assessments. Couples naturally to the Training practice.
- Optional move into Continuous Monitoring on a quarterly cadence.
- Live, deployed AI pentest stack in your environment
- Per-application vulnerability assessment reports — CVSS-rated, PDPA-mapped
- Portfolio-level risk dashboard
- SOC detection scorecard (the purple-team component)
- Architecture and operations documentation
- 90-day hypercare support
A synthetic run.
Every action that touches a real target requires structured authorisation. Every finding carries an evidence chain.
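The safety layer described above (scope enforcement, per-action human authorisation, rate limiting, a kill switch and a hash-chained evidence record), shown as an added illustration in Python. This is example code written for this page, not Axiom's platform code; the `SafetyGate` class, the hostnames, the `10.0.0.0/24` network, the approver address and the `fake_scan` stand-in for a real scanner are all constructed.

```python
import hashlib
import ipaddress
import json


class ScopeViolation(Exception): pass      # target not in the agreed scope document
class NotAuthorised(Exception): pass       # no human approval for this action/target
class KillSwitchEngaged(Exception): pass   # operator halted the run
class RateLimited(Exception): pass         # too many target-touching actions in the window


class SafetyGate:
    """Hypothetical gate that every target-touching action must pass through.
    `clock` is injected so the rate limiter is deterministic when tested."""

    def __init__(self, scope_hosts, scope_networks, max_per_window, window_seconds, clock):
        self.scope_hosts = {h.lower() for h in scope_hosts}
        self.scope_networks = [ipaddress.ip_network(n) for n in scope_networks]
        self.max_per_window, self.window_seconds, self.clock = max_per_window, window_seconds, clock
        self.killed = False
        self.approvals = {}         # (action, target) -> approver
        self.recent = []            # timestamps of recent actions
        self.evidence = []          # hash-chained records
        self.last_hash = "0" * 64   # genesis value for the chain

    def in_scope(self, target):
        t = target.lower()
        if t in self.scope_hosts:
            return True
        try:
            ip = ipaddress.ip_address(t)
        except ValueError:
            return False
        return any(ip in net for net in self.scope_networks)

    def authorise(self, action, target, approver):
        """A human approves exactly one (action, target) pair; out-of-scope is refused here too."""
        if not self.in_scope(target):
            raise ScopeViolation(target)
        self.approvals[(action, target)] = approver

    def kill(self):
        self.killed = True

    def _rate_check(self):
        now = self.clock()
        self.recent = [t for t in self.recent if now - t < self.window_seconds]
        if len(self.recent) >= self.max_per_window:
            raise RateLimited()
        self.recent.append(now)

    def execute(self, action, target, tool):
        """Run tool(target) only if every gate passes, then chain the evidence."""
        if self.killed:
            raise KillSwitchEngaged()
        if not self.in_scope(target):
            raise ScopeViolation(target)
        approver = self.approvals.get((action, target))
        if approver is None:
            raise NotAuthorised((action, target))
        self._rate_check()
        result = tool(target)
        self._record({"action": action, "target": target, "approver": approver,
                      "ts": self.clock(), "result": result})
        return result

    def _record(self, payload):
        body = json.dumps(payload, sort_keys=True)
        digest = hashlib.sha256((self.last_hash + body).encode()).hexdigest()
        self.evidence.append({"prev": self.last_hash, "body": body, "hash": digest})
        self.last_hash = digest

    def verify_chain(self):
        """Recompute every link; any edited or reordered record breaks the chain."""
        prev = "0" * 64
        for rec in self.evidence:
            expect = hashlib.sha256((prev + rec["body"]).encode()).hexdigest()
            if rec["prev"] != prev or rec["hash"] != expect:
                return False
            prev = expect
        return True


def demo():
    """Constructed walk-through against a fake scanner; returns outcomes for checking."""
    ticks = [0.0]
    gate = SafetyGate(["app.example.test"], ["10.0.0.0/24"], 2, 60, lambda: ticks[0])
    fake_scan = lambda target: {"target": target, "open_ports": [443]}  # stands in for nmap/nuclei
    out = {}
    gate.authorise("port-scan", "10.0.0.5", "lead@client.test")
    out["approved_in_scope"] = gate.execute("port-scan", "10.0.0.5", fake_scan)
    try:
        gate.execute("port-scan", "10.0.0.6", fake_scan)          # in scope, never approved
    except NotAuthorised:
        out["unapproved"] = "blocked"
    try:
        gate.authorise("port-scan", "10.0.1.9", "lead@client.test")  # outside 10.0.0.0/24
    except ScopeViolation:
        out["out_of_scope"] = "blocked"
    gate.authorise("port-scan", "app.example.test", "lead@client.test")
    gate.execute("port-scan", "app.example.test", fake_scan)
    try:
        gate.execute("port-scan", "10.0.0.5", fake_scan)          # third action inside the window
    except RateLimited:
        out["rate_limited"] = "blocked"
    ticks[0] = 61.0
    gate.kill()
    try:
        gate.execute("port-scan", "10.0.0.5", fake_scan)
    except KillSwitchEngaged:
        out["killed"] = "blocked"
    out["chain_ok"] = gate.verify_chain()
    gate.evidence[0]["body"] = gate.evidence[0]["body"].replace("443", "22")  # tamper with a record
    out["chain_after_tamper"] = gate.verify_chain()
    return out
```

The order of checks in `execute` is deliberate: the kill switch is consulted before anything else, scope before authorisation, and the rate limiter last, so a halted run never reaches a target and an approval can never widen the scope document. The evidence chain is a plain SHA-256 link list; in a real deployment the records would be signed and stored outside the agents' reach so that the chain-of-custody survives a compromised or misbehaving agent.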