What shipped. New capabilities and improvements to the XSEE platform.
Explorer Graph — 5 tabs with real data
All 5 Explorer tabs (Attack Paths, Network, CI/CD, NHI, IAM) now show real AWS data from your environment. Every node is a real resource with its actual name, ARN, and risk level.
L2 Evidence Layer
Every edge on the attack graph shows whether XSEE called the AWS API and what it returned. Click any edge to see the AWS requestId — cryptographic proof the hop is real. No other tool shows this.
Choke Points + Blast Radius
Right-click any node to see its blast radius — every resource an attacker could reach from that point. Nodes appearing in 3+ attack paths are highlighted as choke points: fixing one closes multiple paths simultaneously.
Cinematic Breach Simulation
Watch an attacker move through your real infrastructure. Pink cursor traverses each hop. Detection gaps show as silent invisible steps. Crown jewel reached: financial counter climbs to your actual exposure. BREACH SUCCESSFUL.
Breach Prevention Certificate
When a path is validated, fixed, and re-validated — XSEE issues a signed certificate. Board-ready. Timestamped. Verifiable by third parties via SHA-256 hash.
Ransomware Readiness Score
Every environment gets a 0–100 Ransomware Readiness Score. CRITICAL means an attacker can delete your backups with no recovery path. The score is connected to your real attack paths — not a questionnaire.
Optimal Cut-Point
XSEE identifies the single fix that closes the most validated attack paths simultaneously. Shown as ⚡ Priority Fix badge on the path and in Stage 5.
Autonomous Loop
One scan trigger runs all 7 stages automatically: Discover → Validate → Simulate → Prioritize → Fix → Verify → Certify. One human decision. Everything else: XSEE.
L2 Validation — Live AWS API per hop
XSEE calls iam:SimulatePrincipalPolicy for every hop in every attack path. Result: ALLOW or DENY with AWS requestId. Theoretical paths are separated from proven exploitable paths.
XseeCyber — Breach Simulation Engine
Active attacker simulation on your real AWS graph. MITRE ATT&CK cloud matrix with 45 techniques across 10 tactics. Detection gap scoring per technique. AI-generated attack variants.
Claude AI Engine
5 capabilities: explain path, explain remediation, investigate story, executive risk summary, ask anything. Streaming responses. Every investigation generates a board-ready narrative.