Platform Modules
ThreatWeaver is composed of six integrated security modules. Each module works independently and shares a unified data model, auth layer, and real-time notification system.
Module Mapβ
| Module | Primary Audience | Core Capability |
|---|---|---|
| Exposure Management | Security Analysts, CISOs | Unified vulnerability visibility from Tenable Cloud |
| AppSec Scanner | AppSec Engineers, Pentesters | 50+ AI-powered agents for automated black/gray/white-box pen testing |
| AI Labs | Security Engineers | Vulnerability validation, deduplication, and predictive risk scoring |
| Cloud Security | Cloud Engineers, SREs | Infrastructure monitoring, misconfiguration detection, compliance |
| Identity Security | IAM Teams, Red Teams | AD exposure analysis, privilege escalation path detection |
| Admin & Settings | Administrators | Multi-tenant management, SSO/SAML, licensing, user admin |
Exposure Managementβ
The flagship module. Pulls vulnerability data from Tenable.io and Tenable.sc, enriches it with WeaverScore risk scoring, and surfaces it through filterable dashboards with fix planner integration.
β Read the Exposure Management overview
AppSec Scannerβ
50+ autonomous scanning agents covering OWASP Top 10, business logic flaws, authentication bypasses, injection, SSRF, file upload abuse, and more. Supports authenticated black-box, gray-box, and white-box assessments.
AI Labsβ
AI-driven validation layer that cross-checks raw scanner findings against multiple signals before surfacing them. Reduces false positives by up to 60% in benchmark testing.
Cloud Securityβ
Cloud infrastructure posture management: AWS/Azure/GCP asset inventory, misconfiguration detection mapped to CIS Benchmarks and SOC 2, and real-time drift alerts.
β Read the Cloud Security overview
Identity Securityβ
Active Directory and IAM risk visibility: Kerberoastable accounts, DCSync rights, unconstrained delegation, privilege escalation paths visualised as attack graphs.
β Read the Identity Security overview
Admin & Settingsβ
Multi-tenant administration: user provisioning, role management, SSO/SAML configuration, license activation, API key management, audit log export, and system health monitoring.
Multi-Tenancyβ
All modules are tenant-isolated. Data never crosses tenant boundaries at the database or API layer. See the Multi-Tenancy Architecture doc for schema-per-tenant isolation details.