DM ← BACK
PROJECT

CYBERONE

VULNERABILITY MANAGEMENT SAAS

NEXT.JSPRISMAMULTI-TENANTPDF REPORTSAI ASSIST
YEAR2026
ROLEFounder / Full-stack Engineer
AREAAI Development & Integration
STATUSLive
v3.5LIVE IN PRODUCTION
SaaSSUBSCRIPTION PRICING
Hours → minutesREPORT TURNAROUND
01

THE PROBLEM

The enterprise tools — Qualys, Rapid7, Tenable — are capable platforms: they scan, they provide dashboards, they generate their own reports. The barrier is commercial: enterprise B2B contracts running into thousands a year, priced per asset, sold through a sales cycle, and aimed at organisations with a security team already in place. A small MSSP or a mid-market company that needs to know where it stands is either priced out or paying for a platform far larger than the problem. And even with those tools in hand, the last mile is still manual — the raw scan export has to be de-duplicated, triaged, stripped of anything that should not leave the building, and rewritten into something the client can act on. That takes days of senior analyst time, and it repeats after every re-scan.

ONE ENTRY POINT, TWO PORTALS — THE PLATFORM ROUTES ADMINS AND CLIENTS TO DIFFERENT SURFACES
02

THE SOLUTION — ONE PIPELINE, TWO AUDIENCES

CyberOne is a multi-tenant platform with a hard split down the middle. The security team works on the admin side: import a scan session, and the platform normalises the export, de-duplicates findings across assets, matches them against a synced CVE database, scores risk and starts an SLA clock on every instance. The client sees only their own tenant — the same findings, sanitised, with the internal detail stripped out and the remediation steps left in. The report the client reads is generated from the same records the analyst is working on, so it is never a stale snapshot.

ADMIN DASHBOARD — POSTURE ACROSS EVERY CLIENT TENANT AT ONCE
193 FINDINGS, 84 UNIQUE, 16 ASSETS AFFECTED — DE-DUPLICATED AT IMPORT
03

TRIAGE AT SCALE

The volume is the difficulty. An analyst needs to get from 193 raw findings to the handful that matter, which means filtering by severity, CVSS, detection confidence, SLA state and remediation status — and being able to flip between a flat list of instances and a view grouped by fix, because one patch usually closes a dozen findings. Every instance carries its own status, first-detected and last-detected dates, so re-scans update the record instead of creating a new pile.

  • Severity, CVSS threshold, confirmed vs potential, open vs remediated, within-SLA vs overdue — all composable filters.
  • Grouped-by-fix view collapses many findings into the single action that resolves them.
  • SLA tracking per instance, so an overdue critical is visible without anyone running a query.
  • Asset inventory ties each finding back to the machine it was found on.
INSTANCE-LEVEL TRIAGE WITH SLA STATE AND DETECTION HISTORY
ASSET INVENTORY — FINDINGS TRACED BACK TO THE HOST (CLIENT DATA REDACTED)
04

THE CLIENT PORTAL

Most vulnerability work is delivered as a PDF and a meeting. Here the client logs into their own portal and sees their live posture: what is open, what has been remediated, how the score has moved, and which of their assets are affected. They get the report as a document when they want one, but they no longer have to wait for it to know where they stand — and neither does the security team, because remediation progress reported by the client updates the same records the analyst is triaging.

CLIENT DASHBOARD — THEIR TENANT, THEIR POSTURE, LIVE
THE CLIENT'S OWN FINDINGS, SANITISED
CLIENT-SIDE ASSET VIEW (CLIENT DATA REDACTED)
05

REPORTING & REMEDIATION GUIDANCE

The generated report is the deliverable, and it received the most development attention. It opens with the top ten prioritised vulnerabilities — ranked by risk severity and the number of assets affected — and every one carries numbered, plain-English remediation steps rather than a bare CVE reference. Remediation progress is tracked against the report itself, so the current state — items resolved, items overdue — is stated on the page rather than left to be worked out. Reports export to HTML and PDF.

GENERATED REPORT — EXECUTIVE SUMMARY AND RISK BREAKDOWN
TOP-10 PRIORITISED FINDINGS, EACH WITH NUMBERED REMEDIATION STEPS
06

THE BENEFIT

The report that used to take days of analyst time is generated in minutes from records that are always current, and the sanitisation that used to depend on someone remembering to redact is enforced by the tenant boundary. The client stops waiting on a document to understand their exposure, and the security team stops rebuilding the same deliverable after every re-scan. It is sold as a subscription that can be signed up for and used the same day, rather than a five-figure enterprise contract with an onboarding project — which puts the reporting workflow of a Qualys or a Rapid7 within reach of the small MSSPs and mid-market companies those platforms price out. It is live, in use, and it is the product Aexurge sells.

07

SECURITY POSTURE

The platform holds client vulnerability data — among the most sensitive information a client can hand over, since it amounts to a guide to how they could be attacked. That shaped the build: MFA with TOTP and email OTP, encrypted fields at rest, tenant isolation enforced at the query layer rather than in the UI, and a full audit log of every access and export. The screenshots on this page come from a real engagement, so hostnames, IP addresses and client identifiers are redacted.