CVEasy AI
Architecture Map · v1.1
TRIS Lab Request Demo
CVEasy AI v1.1 · Patent Pending · Local-First

Everything We Built.
In One Map.

A complete local-first CTEM platform in a single application. 330K+ CVEs. 12-layer TRIS v2 scoring. 19,608 attack payloads. Zero cloud dependency. Click any component below to see what it does and how it fits into the system.

330K+
CVEs Indexed
NVD + GHSA + OSV, local SQLite
12
TRIS v2 Layers
5 patent-pending · novel dims
19,608
Attack Payloads
BASzy · 124 modules
9
Scanner Formats
Nessus, Qualys, Rapid7, ...
49+
APT Groups Tracked
With TTPs & sector mappings
0
Cloud Calls
100% on your hardware
System Architecture

The Full Pipeline. Data in, intelligence out.

Nine data sources feed five processing stages with TRIS v2 at the center. Eight output surfaces consume the scored intelligence. Every box is a shipping capability. Click any component for details.

Data Sources · Ingestion
Core Processing
TRIS v2 Novel Layers
Outputs & Integrations
Data Sources 09 components
Multi-Scanner Import
9 formatsCSV/XML/JSON
Agentless Discovery
0 agentsOne graph
Cloud Scan Engine
204 CIS checksAWS/Azure/GCP
SBOM Intake
CycloneDXSPDX
CVE Database
330K+ CVEs626MB seed
EPSS Feed
Daily syncFIRST.org
CISA KEV Catalog
~3x weeklyBinary
Threat Actor Intel
49+ APTsTTPs mapped
MITRE ATT&CK
v15600+ techniques
Core Processing 05 stages
Stage 1. Asset Classification
CTEM Scope13 role types
Stage 2. Vulnerability Normalizer
CTEM Discover4x dedupe ratio
Stage 3 · Flagship · Patent Pending

TRIS v2 Intelligence Engine

12-layer vulnerability scoring. The only engine that combines all twelve dimensions. Click any layer chip to explore.

12
Layers
5
Novel
0 to 100
Score Range
L1 CVSS L2 EPSS L3 KEV L4 Business L5 Exposure L6 Threat L7 Temporal L8 Attack Path L9 Supply Chain L10 Defense L11 Trajectory L12 Financial
Stage 4. BASzy Engine
19,608 payloads124 modules
Stage 5. Local AI Engine
47ms gen0 cloud calls
Outputs 08 surfaces
Triage Queue
5 bandsKanban
Remediation Runbooks
4 OS targetsApply + verify + rollback
Patch Orchestration
5 connectorsClosed-loop verify
Board Reports
PDF exportOn-demand
Compliance Packs
7 frameworksHIPAA/PCI/SOC2/...
REST API
Token authNo rate limits
SIEM Forward
SplunkSentinelElastic
TRIS v2 Calculator
Public toolInteractive
Head to Head

How We Compare to Every Other Platform.

Every row below is a capability we ship today. Every other column is what the market-leading alternative offers. No "partner integrations required" asterisks.

Capability CVEasy AI Tenable One Qualys TruRisk Rapid7 InsightVM Picus PXS
Vulnerability scanning Import + agentless ·
Multi-scanner normalization 9 formats · · · ·
Multi-layer scoring 12 layers VPR (5) TruRisk (5) Risk Score ·
Attack path blast radius Layer 8 · · · ·
SBOM supply chain scoring Layer 9 · · · ·
Defense efficacy (ATT&CK coverage) Layer 10 · · · Partial
Predictive threat trajectory Layer 11 · · · ·
FAIR-based financial quantification Layer 12 · · · ·
Built-in breach & attack simulation 19,608 payloads · · ·
AI remediation (per CVE, per OS) Local LLM · · Generic ·
Cloud posture (CSPM/CIEM) Wiz-class, local Add-on Add-on Add-on ·
Patch orchestration (through your consoles) 5 connectors · Own module Own module ·
Local-first / air-gapped capable 100% Cloud Cloud Cloud Cloud
Flat-rate pricing (no per-asset fees) Flat-rate Per asset Per asset Per asset Per node
Setup time < 5 min Weeks Weeks Weeks Days
Platform Capabilities

Eleven Things Your Current Stack Doesn't Do.

Every card is a concrete capability with real numbers. No roadmap items. No "coming soon." This is what ships today in CVEasy AI v1.1.

Scoring

12-Layer TRIS v2

The only scoring engine that combines CVSS severity, EPSS probability, KEV confirmation, business impact context, network exposure topology, threat pressure, temporal dynamics, attack paths, supply chain, defense efficacy, predictive trajectory, and FAIR financial impact.

12
Layers
Patent
Pending
Validation

BASzy Attack Engine

Built-in breach and attack simulation with 19,608 payloads across 124 modules. 10 pre-built APT campaigns. Every execution scope-enforced and audit-logged. Validation results feed back into TRIS v2 scoring.

19,608
Payloads
124
Modules
Remediation

Local AI Runbooks

On-device LLM generates exact remediation commands per CVE, per OS, per asset. Verify and rollback commands included. Private RAG ingests your internal runbooks. 47 milliseconds per runbook. Zero cloud inference.

47ms
Gen Time
4 OS
Targets
Discovery

Multi-Scanner Consolidation

Ingests findings from Nessus, Qualys, Rapid7, OpenVAS, Nuclei, Burp Suite, OWASP ZAP, Trivy, and custom CSV. Normalizes field names across formats. Deduplicates across tools. 4x average reduction ratio.

9
Formats
4x
Dedupe
Intelligence

Threat Actor Tracking

49+ named APT groups with their known toolkits, TTPs, and sector targeting. Every CVE gets cross-referenced against active campaigns. If APT29 is using a CVE against your industry, TRIS v2 knows.

49+
APT Groups
TTPs
Mapped
Compliance

Framework Mapping

Automatic mapping to NIST CSF, NIST 800-53, SOC 2 Type II, PCI DSS, HIPAA, FedRAMP, ISO 27001, and CIS Controls. Audit-ready evidence packages export in a single click.

7
Frameworks
Auto
Map
Architecture

Local-First Runtime

Runs entirely on your hardware. No cloud dependency. No telemetry bus. No inference calls leaving the machine. Air-gapped capable out of the box. Runs in DoD SCIFs, healthcare residency environments, and industrial control networks.

100%
Local
SQLite
Storage
Scope

Automatic Asset Classification

Every asset gets auto-tagged by role (13 categories), criticality tier (Crown / Prod / Staging / Dev), business owner, and compliance zone. No manual spreadsheets. Feeds directly into TRIS v2 Layer 4.

13
Roles
4 Tiers
Criticality
Executive

Board-Ready Reporting

Automated PDF reports with risk trends, MTTR metrics, SLA compliance rates, financial impact quantification, and business-impact narratives. The kind of report a CISO actually wants to send to the audit committee.

PDF
Export
FAIR
Metrics
Cloud

Cloud Scan Engine

Proprietary cloud posture (CSPM) and cloud identity and attack-path (CIEM) engine built by CVEasy, not resold. Covers AWS, Azure, and GCP from one place with 204 CIS-tagged checks and a per-framework compliance coverage rollup. Runs against your own accounts, results stay in your local instance. Does what Wiz does for cloud posture, without per-asset cloud pricing.

204
CIS Checks
3
Clouds
Mobilize

AI Patch Orchestration

CVEasy generates the OS-specific fix, then orchestrates deployment through your existing patch and MDM consoles: Microsoft Intune, Automox, Tanium, Jamf Pro, PDQ Connect, plus a universal webhook fallback. Fail-closed, AES-GCM-encrypted credentials, and a closed-loop re-scan that confirms the fix. It does not push patches to endpoints itself, it drives the tooling you already own.

5
Connectors
Closed
Loop
Component
 
 
See it running on your data