SOT Navigator

Deterministic codebase risk artifacts

Artifact guide

What each artifact gives you.

These outputs are designed so leadership can make decisions and technical teams can verify the underlying evidence quickly.

Public artifact examples are intentionally narrow for market clarity. Full target-specific artifact packs are delivered under scoped NDA engagements.

Executive Risk Snapshot

Decision summary: confidence, readiness gates, top risk zones, and immediate risk posture for leadership review.

Evidence Index

Traceability layer that maps claims to source locations and lets technical reviewers verify assertions directly.

Preview is generated from real `evidence-index.json` run output (truncated for readability).

Unknowns Register

Explicit disclosure of blind spots and quality gaps so confidence is transparent, not assumed.

Risk and Blast Maps

Structural propagation and hotspot views that identify change-amplification zones and high-impact folders.

The preview uses a deterministic run excerpt from the impact/blast map output.

Visual excerpts and legend

These are public excerpts from deterministic self-runs to show output shape and interpretation. Engagement delivery includes target-specific visuals from the scoped repository scan.

Risk Matrix

  • Shows impact/likelihood concentration for this run.
  • Cell intensity communicates relative concentration and priority.
  • Interpreted together with top-risk folders and blast-radius outputs.

Compliance Overlay

  • Top rows are the highest-risk mapped folders.
  • N/A means the mapped control is not applicable in that target context.
  • Framework bars are target-scan status counts, not legal certification results.

Public proof preview (no NDA)

  • Representative visuals and case-study outcomes.
  • Clear scope, method, and verification boundaries.
  • No target-confidential raw evidence is published.

NDA delivery package (scoped)

  • Complete traceability artifacts (`evidence-index.json`, `unknowns.json`, `artifacts.sha256`).
  • Full control mappings and compliance overlay outputs for the target scan.
  • Target-run deliverables ready for engineering, security, and audit review.