What you get
Skip the consultant. Get deterministic feedback.
A verdict you can re-prove
The same input always yields the same findings and a verifiable SHA-256 report_digest β re-run it (or sentinel verify) and prove the result hasn't changed. Auditable, deterministic, zero flakiness β the one thing nobody else can copy honestly.
Catch real misconfigurations
Exposed Docker sockets, default/weak credentials, privileged containers, host-namespace sharing, unpinned images, and more β pure rules over a fact graph, no LLM. See the full rule catalog β
Total privacy
Runs entirely in your browser as WebAssembly. Your config is never uploaded β no account, no cookies; we only count visits with cookieless, no-PII analytics. Open the network tab and see for yourself.
See your architecture
A dependency map of every service or build stage and the resources it touches β with risky nodes highlighted by severity.
Fits your workflow
The same engine ships as a CLI with text / JSON / SARIF output and a --fail-on gate for your CI pipeline.
Free, no signup
Use it as much as you like, right here. Nothing to install just to try it.