Pipelock Assess: Signed Security Reports

Know what happened. Know what's exposed.

Runtime traffic forensics and proactive deployment assessment. Two tools, two questions, one evidence chain.

Runtime Forensics

“What did my agents do?”

pipelock audit report analyzes JSONL audit logs from a running proxy session. Activity timeline, findings by category, top domains, and MITRE ATT&CK technique mapping.

Pipelock egress report showing blocked requests, DLP findings timeline, and MITRE ATT&CK technique mapping
View Demo

Security Assessment

“Is this deployment secure?”

pipelock assess runs 31 attack scenarios, scores 12 config categories, probes your running proxy, and discovers unprotected MCP servers. One command, four evaluation stages.

Pipelock security assessment showing risk rating, config scoring across 12 categories, and attack simulation results
Paid Demo Free Demo

Free vs. Paid Assessment

Same checks. Different output depth.

Free Summary

No license needed. No time limit.

  • Overall grade (A-F)
  • Section scores and detection percentage
  • Compliance coverage counts
  • Top findings (server names redacted)
  • MCP server coverage stats

Shareable, compact, unsigned.

View Demo

Everything in Free, plus:

  • Server-specific findings with named MCP servers
  • Remediation commands per finding
  • Priority actions ranked by severity
  • Full evidence chain (JSON + HTML)
  • Ed25519-signed manifest for audit

Authoritative, detailed, cryptographically signed.

View Demo

Run It Yourself

terminal
# Install
$ brew install luckyPipewrench/tap/pipelock

# Run a free assessment (no license needed)
$ pipelock assess init --config pipelock.yaml
$ pipelock assess run assessment-*/
$ pipelock assess finalize assessment-*/
$ open assessment-*/summary.html
Get an Assess License View on GitHub