The Risk Inbox
One prioritised queue of findings across ASM and pentest, so every validated exposure lands in a single place to triage and act on.
The Risk Inbox is the single queue where every finding Aether AI produces lands, whether it came from attack surface monitoring or the autonomous pentest. Instead of chasing results across separate tools, you work one list, triage it, and drive each finding to resolution.
Why it matters
Exposure does not arrive in tidy categories. A commodity weakness on an exposed service, a set of leaked credentials, and a business-logic flaw the frontier agents chained together are all real risk, and they all need the same treatment: understand it, prioritise it, fix it, confirm it. When those live in different screens, things fall through the gaps.
Aether AI collapses that into one inbox. Findings from the Conventional Attack Surface validation layer, the Autonomous AI Pentest, and the Threat Radar intelligence plugins share a queue, a severity scale, and a lifecycle. What a security leader sees as an aggregate risk picture is the same set of items an engineer works through line by line.
One queue across ASM and pentest
Every finding, regardless of where it originated, is source-agnostic once it reaches the inbox. That is deliberate: the risk score and the triage flow do not care whether a weakness was found by commodity tooling or by an offensive agent, only whether it is confirmed and live. The inbox reflects that unified view.
Because the queue spans both sides, you can see the commodity baseline (what a conventional attacker could reach) and the frontier results (what advanced, AI-driven attack chains uncovered) next to each other, rather than reconciling two reports.
Filters and sorting
The inbox is built for triage, so you narrow it down fast:
- Severity filters to the findings that matter most first.
- Source filters by where a finding came from.
- Updated sorts the queue by most recently changed, ascending or descending, so you can either catch what just moved or work down from the oldest.
Source labels
Each finding carries a source label so you always know what kind of validation produced it:
- Aether ASM for findings that come from the attack surface side.
- Plugin (Infostealer) for compromised credentials surfaced by the Infostealer Monitor.
- Plugin (Conventional Attack Surface) for exploitability findings from the commodity validation layer.
For risk owners
Filtering by source is a quick way to separate "what an attacker already holds" (leaked credentials from the Infostealer plugin) from "what an attacker could reach" (Conventional Attack Surface). Both feed the same risk picture, but they call for different responses.
How a finding reads
Open a finding and it tells you the same story every time: what it is, how severe it is, which asset it sits on, and its source label. It points at the exact place the weakness lives, carries the evidence behind it, and describes the fix. Severity feeds the affected asset's 0 to 100 risk score, which is computed only over confirmed, live findings, so the inbox reflects real, current exposure rather than noise.
From a finding you can go deeper. @Aether, the in-finding assistant, will walk you through remediation step by step. Findings then move through a resolve, retest, and regression lifecycle: re-validation confirms a fix and closes the finding out, or reopens it if the weakness comes back. When a finding is resolved, it stops contributing to the asset's risk score.
Roadmap
Automated remediation is on the roadmap. Today @Aether guides a person through the fix; the ability for Aether AI's agents to action remediation directly is a "coming soon" affordance, not a current capability.
Related
Autonomous AI Pentest
The frontier engine whose findings land in the Risk Inbox.
Conventional Attack Surface
The commodity validation layer behind Plugin (Conventional Attack Surface) findings.
Threat Radar
Intelligence plugins, including the Infostealer Monitor, that feed the inbox.
Risk Scoring
How the 0 to 100 asset risk score is computed from confirmed, live findings.