Built a “brain” on top of vulnerability scanners to stop the post-scan analysis hell. Looking for feedback on the approach.

TL;DR: Built an agent to automate the annoying parts of security analysis. It’s completely free (not a timed trial) and acts as a central hub. You can feed it reports from Nessus, Burp, Nexpose, etc. It also has the Qualys web app scanning engine built in, so you don’t need your own license. The AI’s job is to answer the question: “If I only have time to fix five things today, what should they be?” The agent is an executor: you give it a simple prompt (scan example.com) and it handles all the setup for you. Brutal feedback needed: does this approach actually save time, or is it just another dashboard? Link at the bottom.

The Longer Story (The “Why”)

Before I ended up in product, I spent years on the consulting side of cybersecurity. Like many of you, I’ve seen the aftermath of a breach more times than I can count. After a while, you see a pattern. Most of these companies weren’t getting breached because they had zero security tools. They were getting breached because they were drowning in data from those tools.

The real problem was the massive gap between “scan complete” and “we know what to fix first.” It was a world of giant CSV exports, manually cross-referencing asset lists, trying to explain CVE scores to managers, and spending 80% of your time just trying to figure out where the real fire was.

I hated it. I figured there had to be a better way. So, we built the Kikimora Agent. The goal wasn’t to create yet another scanner that just adds to the noise. The goal was to build the thing that comes after the scan—the brain that does the tedious analysis for you. Here’s the approach we took:

Be the Central Hub: We know you already have tools. So, the first thing we built was the ability to just dump your Nessus, Burp, Nexpose, etc., reports into it. The idea is to have one place to see everything instead of a dozen.

Include a Scanner Out-of-the-Box: For web apps, which are a huge source of pain, we decided to just bake the Qualys engine right in. You don’t need a Qualys license yourself; you can just tell the Agent “scan this web app,” and it handles the rest using their engine.

Make Configuration Dead Simple: This is where the agent comes in. You type a single prompt like “analyze my attack surface” or “scan webapp example.com”, and it goes off and does all the configuration and execution on your behalf. The goal is to get you from zero to a running scan in under a minute.

Prioritize Ruthlessly: It looks at all the data—from your imported scans and its own scans—and tries to answer one question: “If I only have time to fix five things today, what should they be?” It correlates asset context, vulnerability data, and exploitability to push the real-world risks to the top.

Why I’m Here Asking You

I’m not here to sell you anything. The tool is currently just a free tier. It’s not a trial; the plan is to keep a powerful free version available forever. I’m here because this community gives the kind of direct feedback you can’t get from anywhere else. I want to know if this approach even makes sense to you guys.

Is the idea of a central “brain” on top of scanners useful, or just another layer of complexity?
What’s a glaring feature that’s missing for this to be useful in your day-to-day?
What’s the biggest turn-off you see in the platform?
Is the “free Qualys scanning” part actually a valuable thing, or do most of you already have that covered?

You can check it out here: https://agentic.kikimora.io
Documentation and example prompts: https://kikimora.gitbook.io/kikimora-agent-guide-early-access/

Thanks for reading this wall of text. I’ll be in the comments all day to answer questions.

submitted by /u/Extension-Ad2271