For inherited systems and modernization decisions

Decision-ready architecture and repo-risk reviews, with evidence attached.

SOT Navigator helps CTOs, founders, and software consultancies understand where risk concentrates before roadmap, migration, rescue, or diligence decisions. Every claim is evidence-linked. Unknowns are explicit.

Request scope View case studies AI builder snapshot Proof bundle Trust and method Ask a question

Deterministic: same input, byte-identical output.

Traceable: claim -> file path + hash + line.

Honest: unknowns are surfaced, not hidden.

Fixed-scope offers

Premium outcomes without consulting sprawl.

Engagements are fixed-scope and decision-focused to keep delivery fast and quality high.

Architecture Decision Review

4 business day target

1 system or repo estate
Decision memo + next-step sequencing
One readout for owner alignment

Risk Baseline

72h delivery target

1 repository
Executive one-pager + evidence pack
Unknowns and confidence disclosure

Diligence Sprint

Board and investor ready

1-2 repositories
CTO, Security, and CFO briefs
60-minute readout call

Proof

Artifacts stand on their own.

Outputs are designed to be reviewed by leadership and verified by technical teams.

Public proof demonstrates capability and trust boundaries. Full target-specific control and evidence packs are scoped and NDA-first.

Executive Risk Snapshot for leadership decision framing.
Evidence Index for claim-by-claim verification.
Unknowns Register + Coverage for confidence context.
Risk and Blast Maps for change-impact reasoning.
Proof Bundle for public claim-to-artifact verification.

Request sample artifact pack See artifact guide

Unknowns are explicit first-class outputs.

Blast radius and dependency propagation hotspots.

Engagement fit

Who this is for and not for.

Best fit

Inherited system, modernization, or rescue decision is live.
Need for evidence-backed prioritization, not generic consulting.
Clear owner, timeline, and budget.

Outside standard scope

Open-ended custom consulting or staff augmentation.
Code-style linting or SAST replacement requests.
"Just exploring" without business trigger.

Use-case paths

Pick the path that matches your trigger.

M&A Diligence

For acquisition and investment decisions with short decision windows.

Open diligence path

Compliance Readiness

For audit-prep cycles requiring deterministic technical evidence mapping.

Open compliance path

CTO Baseline

For leadership-level risk baselining and board-ready engineering posture updates.

Open CTO path

Inherited Systems

For inherited repo estates, modernization pressure, and hard sequencing decisions before delivery expands.

Open modernization path

Execution model

Choose the delivery model that matches your constraints.

Every model produces the same deterministic, evidence-linked outputs. The difference is where execution happens and how much operational lift your team carries.

Concierge Run

Recommended

Fastest path: we run, package, and brief your team.
Lowest internal lift for engineering and security teams.
Best fit for diligence, board, and audit deadlines.

Select concierge run

Customer-Run Offline

Air-gapped / regulated

Signed offline runner for your controlled environment.
Commit-bound access key with scoped permissions controls.
Maximum repository custody for strict governance models.

Select offline run

Joint Guided Run

Collaborative execution

Your team executes locally with our guided setup session.
Shared validation during run and artifact review.
Balanced control and speed for mixed ownership teams.

Select joint run

Execution model pricing ladder

Base scope is set by engagement type; execution model determines delivery premium.

Execution model	Commercial tier	Premium vs base scope	Best when
Concierge Run	Standard	Included	You need the fastest path to a decision-ready readout.
Joint Guided Run	Premium	+20% enablement premium	You want local execution with guided validation.
Customer-Run Offline	Enterprise	+45% security packaging premium	You require strict repository custody or air-gapped execution.

Optional accelerators: rush SLA (<=10 business days) +25%; board/audit live readout add-on; multi-repo orchestration priced per additional repository.

Process

Simple engagement flow.

1. Scope: fixed scope and timeline agreed.
2. Run: deterministic scan and artifact generation.
3. Deliver: package with evidence and integrity outputs.
4. Decide: readout and next-step decision.

Decision speed

Manual diligence vs artifact-led decision flow.

Decision activity	Typical manual effort	SOT Navigator output
Risk zone identification	Days of code review	Produced from structural graph
Claim traceability	Spreadsheet evidence mapping	Path + hash + line anchored
Confidence disclosure	Implicit or missing	Unknowns and coverage explicit
Readout readiness	Multiple iterations	Executive + analyst-ready artifacts

Scope request

Request your fixed-scope proposal.

Share the key details and get a fast fit assessment with a fixed-scope proposal path.

Fit signal

Complete the required fields to see your fit signal before sending.

Engagement type

Execution model

All options produce deterministic artifacts; delivery speed and operational ownership differ.

Organization

Role

Work email

Repository count

Timeline

Budget range

Primary trigger

Notes (optional)

Ask a direct question

Public validation runs

Reproducibility demonstrated on public codebases.

Saleor

Commerce

Fresh public run on a production commerce platform with payment-provider evidence and 100% provider linkage.

Run 2026-02-15 | PASS | HIGH (90%)

Runtime 20.3s | 4,553 files | 15,028 nodes

saleor/graphql (92 risk, blast 319)
saleor/order (71 risk, blast 334)

View case study Open repository

Medusa

Commerce Infrastructure

Large-scale commerce infrastructure run with strong graph depth and evidence-backed provider signals.

Run 2026-02-15 | PASS | MEDIUM (79%)

Runtime 38.76s | 20,940 files | 19,090 nodes

packages/admin/dashboard/src/hooks (46 risk, blast 460)
packages/admin/dashboard/src/hooks/api (43 risk, blast 466)

View case study Open repository

PostHog

Product Analytics Platform

High-complexity product platform run showing deep dependency graph and high-volume auth/PII exposure signals.

Run 2026-02-15 | PASS | MEDIUM (71%)

Runtime 70.83s | 17,184 files | 57,917 nodes

posthog (190 risk, blast 674)
ee (133 risk, blast 469)

View case study Open repository

Hanko

Identity Infrastructure

Identity-focused validation run with high auth signal density, explicit control gaps, and deterministic evidence traceability.

Run 2026-02-15 | PASS | MEDIUM (62%)

Runtime 15.25s | 1,043 files | 978 nodes

frontend/elements/src/pages (13 risk, blast 8)
backend/config (10 risk, blast 49)

View case study Open repository

See all validation cases

Need a decision-ready baseline?

Share scope details and timeline. If fit is confirmed, you get a fixed-scope proposal.

Request scope Ask a question