🛡 Platform Overview

The Breachr Platform

From sign-up to DORA compliance evidence in a single EU-hosted workflow. AI-first scanning. CREST-certified validation. Cryptographic audit trails. Regulator-ready reports.

Architecture Overview

breachr.ai: Vercel EU edge
Sensor: Docker · LAN passive
API Gateway: REST / OpenAPI 3.0
FusionAuth: SSO · AD · M365
Supabase DB: Frankfurt eu-central-1
AI Scan Engine: Claude · Llama · Mistral
Dashboard: Real-time results

Deep Dive: Core Capabilities

AI Scan Engine — Model-Agnostic

Agentic AI runs 1,247 test cases across OWASP Top 10, API Top 10, business logic, and cloud misconfigurations. Multi-LLM support: Claude Opus 4.5, Llama 3.1, Mistral — swap providers without breaking compliance. CVE correlation against live NVD feeds. MITRE ATT&CK scenario mapping tailored to financial and health sectors.

OWASP Top 10 · CVE correlation · MITRE ATT&CK · Multi-LLM

Cryptographic Audit Trail

Every AI-detected finding includes SHA-256 hash + RSA-2048 digital signature. BaFin can verify: which model found this vulnerability, when, with what confidence. RFC 3161-compliant timestamping. 2-year retention per DORA Article 11. This is what regulators demand — and competitors cannot provide without rebuilding from scratch.

SHA-256 · RSA-2048 · RFC 3161 timestamps · BaFin-accepted

FusionAuth SSO — Enterprise Identity

AD, Azure AD/Entra ID, Microsoft 365, SAML 2.0, OAuth 2.0 — Breachr adapts to your client's existing identity stack. Enterprise clients get their own FusionAuth tenant with their own SSO configuration. Zero forced migration. MFA enforced.

Active Directory · Azure AD · SAML 2.0 · OAuth 2.0 · MFA

Auto-Generated Compliance Reports

Every finding links to the specific PCI DSS requirement, DORA article, NIS2 clause, or HIPAA section it impacts. 50+ page compliance report generated in 5 minutes. CISOs get a board-ready summary. Compliance teams get auditor-ready evidence packages with cryptographic signatures. Saves 40 hours per quarter vs manual assembly.

PCI DSS evidence · DORA evidence · NIS2 attestation · HIPAA safeguards · QSA-ready

Attack Surface Inventory — Passive Sensor

Deploy a lightweight Docker container on your network. Passive ARP and DHCP sniffing discovers every device the moment it joins — no agents, no firewall changes, no disruption. Active nmap scanning every 4 hours maps open ports, services, and banners. CVE correlation runs automatically against live NVD feeds — every asset surfaces its risk score and CVE exposure. Satisfies DORA Article 8.4 ICT asset register requirements. Starter: 10 devices. Professional: 100 devices. Enterprise: unlimited.

Passive ARP/DHCP · nmap active scan · CVE correlation · DORA Art. 8.4 · Docker sensor

Why Competitors Fall Short

Capability | Breachr | NoScope / Intruder | Terra / xBow / Tenzai
DORA Art. 26 TLPT
EU data isolation | | ❌ US-based | ❌ US-based
Cryptographic audit trail
LLM transparency (EU AI Act) | | ❌ Black box | ❌ Black box
On-premise deployment | | ❌ Cloud only | ❌ Cloud only
Auto PCI DSS/DORA/NIS2/HIPAA reports ⚠️ Generic
BaFin regulatory relationships
Attack Surface Inventory
DORA Art. 8.4 asset register

Ready to Pass Your Next Audit?

Start free. EU servers. PCI DSS & DORA-ready from day one.