Product
Supply Chain Security for every endpoint.
Sekeye pairs Drig, the thin endpoint agent, with an exposure engine, a fleet console, and a remediation layer. Employee laptops lead, servers alongside, one catalog watching both.
01 · Agent
Continuous inventory across nine surfaces.
A thin Go binary reads packages, extensions, MCPs, agents, and models. Read-only, pull-only, authenticated over TLS (mTLS lands in M6), no listening ports.
Read more →
02 · Exposure engine
Semver-aware matching against a curated catalog.
OSV, GHSA, KEV, OpenSSF plus our own campaign catalog. Retro-match re-runs across current inventory when the catalog updates.
Read more →
03 · Campaigns
Fleet-wide sweeps on a new catalog event.
One click, live progress bar, exposed-machine list. Design target: 1,000 endpoints, 95% reported in 10 minutes, being validated with pilot data.
Read more →
04 · Remediation
Fix guidance and rotation checklists.
Per-finding upgrade paths, GitHub-PR-based lockfile bumps, and ordered credential-rotation playbooks. This is the layer nobody else packages well.
Read more →