The ScanSet Platform
Runtime enforcement, continuous evidence, and live threat modeling — built on cryptographic proof.
Provenance
Every command is intercepted before execution, evaluated against policy with full identity and device context, and cryptographically signed — whether allowed or denied. Both outcomes produce verifiable proof.
Explore Provenance →ProofLayer
Continuous evidence generation from runtime signals. Every control evaluation produces machine-verifiable artifacts — signed, timestamped, and anchored to a tamper-evident transparency log. Evidence is generated at the point of enforcement, not reconstructed after the fact.
Explore ProofLayer →PathFinder
Live threat modeling built on real evidence. PathFinder ingests enforcement and compliance data to visualize your environment as an interactive attack graph — exposing trust relationships, lateral movement paths, and control gaps in real time.
Explore PathFinder →