Cloud Reviewer Pricing
Platform

Cloud-native application security, repositioned to sell better

The platform story is framed around analysis breadth, posture correlation, business-priority context, and a cleaner adoption path.

Pricing & checkout See Cloud edition

SAST

Source-code analysis with blocker/critical/major severity triage, CVSS scoring, aged-findings tracking, and historical progress charts — covering all major languages and frameworks.

SCA

Dependency scanning with Critical/High/Medium/Low severity breakdown, CVSS distribution, and Top-5 aged-findings tracking for open-source and third-party libraries.

DAST

Black-box and white-box dynamic testing with four depth levels — Light, Standard, Deep, and AI-Based — supporting direct connection and API scan modes.

MAST

Mobile analysis support for teams extending posture management across iOS and Android app estates.

ASPM

Risk funnel with CWE classification (CWE-117, CWE-30, CWE-331, CWE-601 and 50+ more), priority management, and cross-product posture correlation in one dashboard.

XDR

Extended cyber-protection context layered over SAST/SCA/DAST signals to reduce false urgency and focus remediation effort on what materially matters.

Live dashboard

One unified view across all products, engagements, and scan engines

The Cloud Reviewer dashboard aggregates findings in real time — open findings, critical alerts, accepted risks, and remediation velocity — across every product and engagement your team runs.

7
Products tracked
6
Active engagements
22
Active tests
159
Open findings (7d)
DAST scan depth

Four levels of dynamic analysis — from quick sweeps to AI-guided coverage

01

Light

Fast surface-level check ideal for pre-commit gates and developer self-service runs with minimal overhead.

02

Standard

Balanced coverage for CI/CD pipelines — the default mode for most sprint-cadence security verification.

03

Deep

Comprehensive crawl and probe cycle for pre-release security gates and compliance-driven scan requirements.

04

AI-Based

AI-guided dynamic analysis that adapts scan paths based on application behavior for maximum finding yield.

Operating model

Structured to match the way security programs actually work

01

Connect

Onboard repositories, folders, images, or running applications with the deployment model that suits your policy constraints.

02

Analyze

Run SAST, SCA, DAST, MAST, container, and posture workflows with a consistent operating experience.

03

Prioritize

Layer exploitability, business impact, technical debt, and ownership to cut through alert volume.

04

Remediate

Route issues to the right teams with enough context to fix faster and prove progress over time.

ASPM — Risk funnel

From raw findings to prioritised remediation with CWE context

ASPM correlates findings across SAST, SCA, and DAST into a unified risk funnel — ranked by CWE classification, exploitability, and business impact. Top issues include CWE-117 (log injection), CWE-331 (insufficient entropy), and CWE-601 (URL redirection), giving teams a clear starting point rather than another alert queue.

Tool Severities

Blocker, Critical, Major, Minor, and Info findings broken down per scan engine with trend tracking over time.

CVSS Distribution

Findings classified by CVSS score bands (9–10, 7–8.9, 4–6.9, 0.1–3.9) across all active products and engagements.

Top 10 CWE

Bar chart of the ten most common weakness categories across the estate — from CWE-117 through CWE-770 — with percentage share and count.