MONITOR
Overview0 Executive MSP Threats0 Remediation0 Threat intel
MANAGE
Agents Hosts Web scan Cloud Reports Compliance Settings
?
Overview
loading...
30s
← strixsecurity.org

No scan data yet

Deploy the Strix agent on a client machine to start monitoring. Results appear here automatically after the first scan.

HOSTS
0
discovered
CRITICAL
0
require action
HIGH
0
within 24h
CVEs MATCHED
0
from NVD
REMEDIATED
0
this session
Discovered hosts
IPHostnameOSPortsRisk
Deploy an agent to discover hosts
Activity feedLive
i
Strix ready — loading latest scan...
now
Risk distribution

Deploy an agent to see risk breakdown.

Active threats

No threats detected yet.

RISK SCORE
current
IMPROVEMENT
vs baseline
TOTAL SCANS
recorded
COMPLIANCE
status
REMEDIATED
this month
Risk trend30 days
Risk gauge
0 RISK SCORE
Top findings

No scan data yet.

Executive briefing

Click "AI briefing" to generate an executive summary.

All (0)
Critical
High
Medium
Low
Threat findings

No threats detected. Deploy an agent to scan your network.

Playbook preferences
Patch playbooks
Critical & high severity
Firewall rule gen
Block malicious IPs
Isolation playbooks
Quarantine infected hosts
Credential guidance
Rotate compromised creds
TLS hardening
Disable legacy protocols
Audit logging
Log all approved actions
Remediation queue

Remediation actions will appear after an agent scan completes.

Threat intelligence — powered by AIMITRE ATT&CK · NVD · AlienVault
Ransomware
Zero-days
APT groups
Botnets
Supply chain
ICS/OT
Phishing
Cloud attacks
Select a topic and fetch the latest threat intelligence.
Connected agents
Agent IDHostnameOSLocal IPNetworkLast seen
No agents connected. Deploy an agent on a client machine.
Authenticated scanning credentials encrypted on agent

Provide credentials to enable deep authenticated scanning — finds missing patches, weak accounts, and misconfigurations that port scanning can't detect.

AGENT
HOST IP (or * for all)
OS TYPE
USERNAME
PASSWORD
DOMAIN (Windows only)
⚠ Credentials are encrypted on the agent machine using your API key. They are never stored on Strix servers.
All hosts
IPHostnameOSOpen portsRiskTagsScans
Deploy an agent to discover hosts
Web application scan OWASP Top 10 (2021)

Scan any public web application for OWASP Top 10 vulnerabilities. All probes are passive and non-destructive.

OWASP Top 10 coverage
A01
Broken Access Control
A02
Cryptographic Failures
A03
Injection
A04
Insecure Design
A05
Security Misconfiguration
A06
Vulnerable Components
A07
Auth Failures
A08
Integrity Failures
A09
Logging Failures
A10
SSRF
Findings

Run a web scan to see findings here.

Scan history
TargetStatusFindingsCriticalStartedAction
No web scans yet.
AI executive report

Complete a web scan then click "Generate report" for an AI-written executive security assessment.

DNS scanning SPF · DMARC · DNSSEC · Zone Transfer

Audit DNS configuration for email spoofing risks, zone transfer vulnerabilities, and DNSSEC status.

Run a DNS scan to see findings here.

SSL/TLS scanning Certificate · Cipher · HSTS

Check SSL certificate validity, TLS version, cipher suites, and HSTS configuration.

Run an SSL scan to see findings here.

API security scanning CORS · Headers · Auth · Disclosure

Test API endpoints for CORS misconfigurations, missing security headers, sensitive data exposure, and unauthenticated access.

Run an API scan to see findings here.

Container scanning CVEs · Secrets · Misconfigurations

Scan Docker images for CVEs, baked-in secrets, root user issues, and exposed ports. Uses trivy when available.

Run a container scan to see findings here.

AI security report

Click "Generate report" to create an AI-written executive security report based on your latest agent scan results.

Cloud scanning AWS · Azure · GCP

Connect your cloud accounts to scan for misconfigurations, exposed resources, IAM issues, and compliance gaps.

AWS — IAM Role (recommended)
ROLE ARN
EXTERNAL ID (optional)
ℹ Create an IAM role with SecurityAudit policy attached and trust policy allowing Strix to assume it. Use External ID for additional security.
OR USE ACCESS KEYS (less secure)
ACCESS KEY ID
SECRET ACCESS KEY
SOC 2 Type II
Compliance score
pass fail warn
PCI DSS v4.0
Compliance score
pass fail warn
HIPAA
Compliance score
pass fail warn
Run Assessment
FRAMEWORKS
SCAN SOURCES (optional)
Network scan ID
Web scan ID
Controls
FRAMEWORK ID CONTROL CATEGORY SEV STATUS
Run an assessment to see controls.
AI Compliance Report
Select a framework and click Generate for an AI-written compliance narrative.
Assessment History
DATE SOC 2 PCI DSS HIPAA ACTIONS
No assessments yet.
Client organizations

Loading clients…

Branding & white-label
Account & billing
EMAIL
ROLE
CURRENT PLAN
Security
Two-factor authentication
Add an extra layer of security to your account. Highly recommended.
Change password
Update your dashboard login password.
API key
Use your API key to authenticate CLI tools, agents, and integrations. The full key is shown once on generation.
INTEGRATIONS & NOTIFICATIONS
NotificationsAlert preferences
Email alerts
Critical & high threats
Slack notifications
All findings
PagerDuty
Critical only
Webhooks
Custom endpoint
Slack Not configured
Jira Not configured
Auto-create tickets
For critical and high findings
ServiceNow Not configured
Auto-create incidents
For critical and high findings
PagerDuty Not configured
Triggers on critical findings only.
Webhooks No endpoints
Splunk Not configured
Push findings to Splunk via HTTP Event Collector (HEC). Findings are also auto-pushed after each scan.
Push on critical
Push on high
Push on scan complete
Elasticsearch Not configured
Push findings to Elasticsearch via the bulk API using your Elastic Cloud ID. Findings are also auto-pushed after each scan.
Push on critical
Push on high
Push on scan complete
Microsoft Sentinel Not configured
Push findings to Microsoft Sentinel Log Analytics via the HTTP Data Collector API. Findings are also auto-pushed after each scan.
Push on critical
Push on high
Push on scan complete
Scheduled Reports Not scheduled
Danger zone
Delete account
Permanently delete your account and all associated data including scans, agents, and credentials. This cannot be undone.