Platform
How integrations, access, notifications and plans fit together when you work in Aether AI.
Aether AI is an autonomous frontier AI security platform: it attacks your own attack surface the way a real adversary would, and defends it continuously. The offensive and defensive work is covered elsewhere in these docs. This section covers the parts of the platform that sit around that work, the connectors that keep your surface current, the way people get access, how you find out something has changed, and how usage is planned and metered.
The shape of a working environment
Everything in Aether AI hangs off your attack surface. Discovery starts from seeds you provide (domains, subdomains, IPs, CIDRs, keywords) and grows an inventory of assets: domains, subdomains, IPs, cloud resources, and people or identities. Each asset carries its provenance, the provider and the account or scope id it came from, captured at ingest, so you always know where a thing was found.
From there, four platform concerns shape day to day work:
- Integrations keep the surface current and enrich it with cloud context.
- Teams and access decide who can see and act on what.
- Notifications tell you when something has changed or needs attention.
- Plans and usage set the capacity you have and meter what you spend per asset.
They are separate concerns, but they reinforce each other. A cloud connector discovers new assets, the right people are scoped to see them, a notification lands when a finding appears, and the tier you have chosen for that asset decides how deeply Aether AI validates it.
Integrations that enrich the surface
Cloud connectors (AWS, Azure, Cloudflare, and more) plug your cloud accounts into Aether AI so the attack surface reflects what you actually run. They discover cloud assets, capture full provenance (provider plus account or scope id), and keep the inventory current as things change. These are enrichment connectors: they bring context in, they are not a public API.
On the roadmap, these same connectors are designed to become action channels, so validated exposure can flow straight into response. That is future direction, covered in more detail on the integrations page.
For risk owners
Provenance is not cosmetic. Because every asset records the provider and the account or scope id it came from, business-unit segmentation and access scoping can key off where an asset actually lives, rather than guesswork.
Access that scopes the work
Aether AI uses role-based access with three roles, viewer, commenter, and operator, plus a Guest role for limited, external participation. On top of roles, business-unit segmentation ("Teams") lets a parent organisation scope access per brand, so people only see and act on the surface that belongs to them. Identity is backed by WorkOS.
Access and provenance work together. Because assets know which provider and scope they came from, a Team can be given a clean slice of the surface, and the roles inside it decide who can comment, who can operate, and who is just watching.
Notifications that close the loop
When a finding appears, an asset changes, or a validation result comes back, Aether AI surfaces it through an in-app notification bell, a full notifications page, and email. This is the loop that turns continuous validation into something a person actually acts on, rather than a queue nobody is watching.
Plans and usage that meter cost
Capacity in Aether AI has two parts. Pentest capacity governs the heavier, frontier offensive work, the autonomous AI pentest that runs against explicitly authorised scope. Per-asset ASM tiers govern the continuous side: Monitor for passive monitoring, and Monitor Plus for active exploitability validation on top. Tiers meter cost per asset, so you decide, asset by asset, how deep the work goes, and downgrading an asset stops the deeper work. Enterprise plans are negotiated, and usage is metered against them.
Related
Integrations
Cloud connectors that discover assets, capture provenance, and keep the surface current.
Teams and access
Roles, the Guest role, and business-unit segmentation, backed by WorkOS.
Notifications
The in-app bell, the notifications page, and email alerts.
Plans and usage
Pentest capacity, per-asset ASM tiers, and usage metering.
Reporting
Board-ready and technical reports drawn from the same validated findings, following the Dvuln reporting standard and kept honest by continuous re-validation.
Integrations
How Aether AI connects to your cloud accounts to enrich the attack surface today, and where those connectors are headed as action channels.