01
Coverage
What does Platform overview test?
- A complete adversarial security platform
- Run web, API, code, dependency, cloud, AI, and internal-network assessments from one queue with unified findings, evidence, remediation, and audit output.
- Dropdown section: What Pencheff does.
- OSV.dev, NVD 2.0, GitHub Advisory Database, RustSec, GoVulnDB, EPSS, CISA KEV, and SSVC enrichment.
- Manifest support for npm, PyPI, Go modules, Cargo, Ruby, Composer, Maven, OS packages, and container packages.
- SPDX 2.3 and CycloneDX 1.5 SBOM generation with optional Syft enrichment.
- Reachability annotation that separates exploited, reachable, present, and unknown risk.
- License policy checks and deterministic version-bump remediation for eligible dependencies.