Hand us a domain. Get back the kind of evidence your auditor, your underwriter, and your largest customer have started asking for — runnable on your engineer's own laptop, signed end-to-end, on a daily cadence. This page is the architecture under that loop, written plain-language first, technical depth second.
In one paragraph
You authorise a domain. We map what's exposed. We test the chains most likely to land for that kind of asset, double-check anything that looks real, and seal every confirmed finding into a signed package your team runs themselves. They run it, watch the issue, ship the fix, and run it again to confirm the fix held. The whole loop — from "this could be a problem" to "we have the receipts" — is verifiable end-to-end. Below: the architecture in plain English first, then the technical depth.
The framework, anchored on every page
Four active verbs. Each one names a real capability your team gets to run, see, and verify themselves — before, during, and after the breach window.
Continuously map the surface a real attacker would map. Reason about where the most likely exploit lives. Refuse to ship findings the system can't justify.
Capability: Asset Discovery · passive enumeration · planner-driven prioritisation
Reproduce the exploit in a sealed, signed capsule. Sanitise it. Calibrate the confidence. Refuse to ship anything a second independent agent can't replay.
Capability: Independent validation · sanitisation gate · calibrated confidence
Hand engineering the patch citation, the remediation guidance, and the controls each finding touches — pre-mapped to SOC 2, ISO 27001, HIPAA, PCI-DSS.
Capability: Patch citation · compliance mapping · CI integrations
Re-run the same capsule after the fix and confirm the close cryptographically. Wire the retest into CI so a regression fails the build automatically.
Capability: One-command retest · CI build-gate · signed audit archive
The six-stage chain inside the framework
You verify ownership with a verification link or DNS record. No agent install on your side. Marginal scan cost is compute, not licence.
Subdomains, technologies, certificates, exposed services. A graph of your external attack surface, refreshed every run.
An AI planner picks the test chains most likely to land for what you actually have running. Smart enough to know when to dig deeper and when to stop.
The chosen chains run against your asset, with a safety envelope that ensures the AI never makes a change it can't undo.
An independent agent re-runs anything flagged as a finding. Two confirms required before anything reaches your dashboard.
Confirmed findings ship as signed Proof Capsules. Outcomes feed back into the system. Tomorrow's run is sharper than today's.
Every stage emits a forensic-grade record. Any chain is fully replayable. Engineering can audit any decision the system made.
Plain-language first, technical depth second
A planning agent looks at what's actually on your surface and decides where to spend the test budget. It's smart enough to know when to dig deeper into a promising chain and when to back off. You get fewer noise findings and more of the ones that matter.
A plan-and-execute outer loop runs against an asset graph plus a corpus of tagged tests, with reflexion-style gates that decide whether to expand a test chain or close it. Bounded payload mutation generates variants within the documented technique class only.
Before any test runs, the system builds a sandbox that can only talk to the host you authorised. Production-tagged hosts get a delay and a typed-confirmation step. We make sure the AI never makes a change it can't undo.
A scope contract bounds every scan: domain whitelist, port whitelist, request-rate ceiling, exclusion list. Out-of-scope hits are refused at the planner, not just the network layer. Destructive-action classification blocks payloads with non-reversible side-effects from generation.
Anything that looks like a finding gets re-run by an independent system before it reaches your dashboard. Two confirms required. Single-shot results don't ship.
A separate validator agent re-executes the exploit chain against the same target with the same payload set, computes a calibrated confidence score against a per-class baseline, and gates delivery. Findings that don't reproduce on the second run are quarantined for review.
Every confirmed finding is packaged into a Proof Capsule that's signed end-to-end. Anyone can verify it offline using open tools. Tamper any byte and the signature breaks.
Capsules ship as OCI images or signed shell bundles. Signing follows an open standard anchored to a public, append-only log. The capsule schema and the verify-only tool ship under an open licence so customers, auditors, and partners can verify without our infrastructure.
Every outcome — confirmed finding, false positive, fix-confirmed retest — feeds back into the system. New disclosures from the wider world get tested against the catalogue overnight, so coverage moves at the speed of disclosure.
A patch-mining nightly chain ingests public commits, advisories, and pull-request diffs, derives candidate test variants, validates them against a corpus, and ships the surviving variants into the catalogue the next day. Tested against the same techniques real attackers use.
The safety envelope
That's the hardest engineering problem in autonomous validation — not "can the system find the exploit" but "can it find the exploit without breaking production." Six layers of guardrail.
Every scan is bound to a scope contract: domains, ports, request-rate ceiling, exclusion list. Out-of-scope hits are refused at the planner, before they reach the network.
The AI only generates payloads inside the documented technique class. Anything with a non-reversible side-effect — data writes, configuration changes — is blocked at generation. We make sure the AI never makes a change it can't undo.
Every finding is re-executed by a separate validator agent before it reaches your dashboard. Two confirms required. Single-shot exploits don't ship.
Before a Proof Capsule is built, every byte is scanned for secrets, personal data, and out-of-scope references. A hit fails the build. The dashboard previews exactly what's inside before any download.
Production-tagged hosts get a thirty-second countdown and a typed-host-name confirmation before any capsule runs. Belt-and-braces against accidentally exploiting prod.
Every request, every payload, every decision the planner made is logged with a stable identifier. Engineering can audit any chain end-to-end. Customers can request the full lineage on any finding.
Integrations
GitHub PR comments with severity and capsule link. GitLab pipeline integration. Retest webhook in pre-merge: build fails on regression. Scan-on-deploy hooks for common platforms.
Jira, Linear, Notion, Plane ticket creation with capsule attached. Slack and Microsoft Teams alerts. PagerDuty for P0/P1 escalation. Webhook for everything else.
SAML, OIDC, Okta, Azure AD, Google Workspace. SCIM provisioning for Fortress. SSO required at Fortress tier and for partner programs.
Webhook into Splunk, Datadog, Elastic, Sumo Logic. JSON event stream of scan lifecycle and findings. Capsule metadata exportable as standard threat-intel formats.
One-click export against SOC 2, ISO 27001, HIPAA, PCI-DSS, NIS2, CMMC-light. Each finding pre-mapped to controls. The auditor gets the report in the language they cite. Tested against the same techniques real attackers use, mapped to the standard taxonomies your auditors expect.
Default deployment is global. EU, US, APAC, or your own VPC available on request. Sub-processor list and data-flow diagram on the Trust Center.
The roadmap
We tell you what we've built and what we're building. The full roadmap is documented publicly; headline milestones below.
Daily autonomous scans. Bounded AI-generated payload variants with a safety envelope. Find → Prove → Fix → Verify chain. Watermarked Proof Capsules. Patch-mining nightly run. Forensic-grade observability per chain.
Verifiable today: run a free scan and inspect the capsule.
Capsule auto-generation for the top fifteen finding classes. celvex retest in CI as a build gate. Browser-native capsule runner so unconfigured laptops can verify. Capsule schema open-sourced under an open licence.
Verifiable on ship date: roadmap published with quarterly milestones.
Multi-agent debate planner. Patch-diff-to-coverage transformer with single-digit-hour latency. Self-improving feedback loop with calibrated confidence at the per-finding level, audited methodology, third-party benchmark.
We won't claim it before a published benchmark validates it.
The fastest way to evaluate
Just your domain and your work email. We'll handle the rest.
CELVEX Group