Technology
A reasoning pipeline, not a scanner. Built for the AI era of software.
Cordon AI is composed of seven engineering layers. Each layer is independently useful; together they form a defensive validation pipeline designed to be reliable enough for enterprise AppSec teams to trust.
Multi-model orchestration
Many models, in specialized roles, working in parallel.
Every leading AI model has blind spots. We treat that as a feature of the ecosystem, not a flaw to engineer around. Cordon AI orchestrates models from multiple leading AI providers — each contributing its strongest capability to a specific layer of the pipeline.
A lightweight coordinator dispatches work and tracks state. Specialist agents handle code, JavaScript, API, and chain reasoning. A multi-model council reviews promotion-grade findings. A premium reasoning model is invoked periodically as a strategic critic — auditing the coordinator's decisions and surfacing missed angles.
Why this matters
Single-vendor architectures inherit a single vendor's blind spots, price changes, rate limits, and policy shifts. A multi-model architecture is inherently more resilient, more thorough, and more honest about uncertainty. Disagreement between models is itself signal.
Specialized AI agents
One general agent is a weak generalist. Many specialists, well-coordinated, are a strong system.
-
Recon agent
Maps the authorized perimeter — domains, subdomains, endpoints, JavaScript bundles, cloud assets — and detects drift between scans. New surface area is flagged for review within minutes, not weeks.
-
Code & JavaScript analyst
Reads long-context bundles, sourcemaps, and recovered TypeScript to extract embedded endpoints, secrets, business logic, and validation rules that traditional crawlers miss.
-
Chain synthesist
Composes multi-step attack hypotheses by linking signals across independent agents. This is where reasoning models earn their cost — connecting evidence one model alone would not connect.
-
Validator
Executes controlled, safe probes against the customer's own assets to confirm or refute each hypothesis. Probes require positive and negative controls before a finding can graduate.
-
Severity council
Multiple models independently rate impact and exploitability. Disagreement is preserved and surfaced — not averaged away — so the human reviewer sees the real shape of the evidence.
-
Remediation author
Produces a reproducer, a recommended fix, and optional detection rules. Output is designed to be directly actionable by the customer's engineering team, not just legible to security.
JavaScript & API intelligence
Modern applications hide most of their attack surface in client code and undocumented APIs.
A meaningful share of modern application logic lives in JavaScript bundles served to the browser: hidden endpoints, embedded keys, validation rules, business workflows. Generic crawlers see roughly a third of this surface. Cordon AI uses multiple harvesting techniques in parallel — static fetching, headless rendering, authenticated sessions, mobile and desktop variations, archival snapshots, and sourcemap reconstruction.
The resulting bundles are then read by long-context reasoning models that can hold an entire codebase fragment in working memory and reason across it — extracting structure, intent, and risk.
- Multi-technique JS harvesting (six methods, parallel)
- Sourcemap reconstruction to recover original code
- Long-context code reading across many files
- API surface extraction from client-side bundles
- Secret and credential scanning with multi-model validation
- Third-party SDK and supply-chain awareness
Attack surface graph
A living map of what exists, where it exists, and how it connects.
Every endpoint, bundle, credential signal, identity flow, and cloud asset becomes a node in a continuously updated graph. The graph is the substrate on which reasoning happens: it is what makes multi-step chain hypotheses possible, what enables drift detection, and what produces compliance-grade evidence trails.
Continuously updated
Daily reconnaissance and event-driven updates keep the graph current as the customer's infrastructure changes.
Attribution-aware
Each node records which model surfaced it, when, and with what confidence. The provenance trail is durable.
Queryable
The graph is structured for both human inspection and agent reasoning. Specialists query it the same way an AppSec engineer would.
Validation & prioritization engine
Findings have to earn their severity. Twice.
The platform applies two independent filters before any finding is promoted to a human reviewer. The first is a deterministic severity gate: a finding cannot claim a high severity rating unless it includes the artifacts that would let a human reproduce it — positive and negative controls, evidence of authenticated context where required, and a documented impact path.
The second is a multi-model consensus pass. A council of independent models votes on severity. Confidence is reported as the fraction of agreement. Disagreement does not get averaged away; it is surfaced as its own signal and routes the finding into deeper review.
The goal: signal density
Traditional dynamic scanners produce findings that are mostly noise. We design the pipeline so the human reviewer's attention lands on evidence that is reproducible, attributed, and consensus-validated.
Remediation & verification loop
A finding is not finished until it has been fixed and re-verified.
Detection without remediation guidance has limited operational value. Every confirmed finding is paired with a clean reproducer, a recommended fix at the appropriate layer, and an optional detection rule for the customer's SIEM. After deployment of a fix, the platform re-runs the validation pathway to confirm closure — and logs the lifecycle for compliance evidence.
Reproducer-first reporting
Every finding includes a deterministic reproduction path. No "the scanner says so" reports. Either it reproduces or it is not promoted.
Fix guidance, not just description
Remediation output names the change, the layer, the trade-offs, and the verification step. Designed to be read by engineers and shipped to a pull request.
Optional detection rules
Each high-impact finding can ship with a draft Sigma or YARA rule for the customer's SIEM — turning detection capacity into protection capacity.
Closure verification
Post-fix, the validator re-runs. The lifecycle event is recorded. Compliance evidence is generated as a byproduct of normal operation.
Human-in-the-loop controls
Humans decide. The platform supports.
Cordon AI is decision-support infrastructure, not an autonomous operator. The architecture is intentionally biased toward keeping humans in control of consequential decisions.
Scope enforcement
Every probe validates against an explicit, authorized scope. Out-of-scope actions are blocked at the agent layer.
Approval gates
Promotion of findings, escalation of severity, and outbound communication all require human approval before execution.
Full audit trail
Every probe, every model decision, every state transition is logged. Customers can reconstruct exactly what happened, when, and why.
Future roadmap
An infrastructure layer matures over years, not quarters.
-
Near term — Platform hardening
Stabilize the core pipeline, complete the validation engine, run structured pilots with design partners, and establish reproducibility benchmarks against published security corpora.
-
Mid term — Integration surface
Native integrations with major issue trackers, SIEMs, and CI/CD systems. Public APIs for partner ecosystems. Compliance evidence generators for SOC 2, ISO 27001, and PCI-DSS.
-
Longer term — Ecosystem layer
Open evaluation benchmarks for AI-assisted security reasoning. Marketplace for community-contributed validation skills. Partnerships with cloud providers for native marketplace presence.
-
Continuous — Model frontier
The architecture is designed to integrate new frontier models as they appear. Roadmap acceleration is a function of model capability improvement, not just engineering throughput.
Build with us