Cyber agency is
stack-level.
Drost converts cyber-capable models into scoped, verified security outcomes through tools, state, auth context, proof, and safety boundaries.
Runtime owns mechanics. The model owns judgment.
Browser observes. Replay proves.
Scope, proof, and auditability are runtime constraints.
Every tool call passes through runtime scope authorization. Out-of-scope targets are blocked at runtime, not at the model level.
Browser captures bind UI context and the trigger element to each request. Replay confirms or rejects authorization claims under another auth context.
Organization and domain seeds become a typed asset graph. Confirmed assets promote into the existing objective ledger without scope drift.
A hardened control target is part of every release. Drost produces zero confirmed findings on it — quality is measured against false-positive discipline.
The model is one layer. The trust comes from the stack.
Cyber-capable models are now widely available. Practical autonomous security depends on what runs around the model: scope, state, tools, proof, and safety. Drost owns those layers so the model can focus on judgment.
Runtime substrate
Catalogs, scope filters, scoped tools, asset graph, auth-context lifecycle, replay proof, redaction, and budget caps. Deterministic where deterministic is enough.
Model judgment
Triage, correlation, prioritization, and attack-path interpretation. The model decides where to look. The runtime decides what is allowed and what counts as proof.
Verified outcomes
Replay-backed authorization findings, module-confirmed component risk, redacted artifacts, and scope-aware reporting. Every confirmed finding traces to a proof source.
Observations vs. proven impact.
A scanner reports patterns. Drost separates candidate observations from confirmed findings, and confirmed findings carry replay or module proof.
- ·Missing X-Frame-Options header
- ·Server version disclosed in headers
- ·Reflected query parameter (potential XSS)
- ·API endpoint accessible without authentication
- →Viewer replayed Admin's DELETE /api/users/123 with a valid auth context. Server returned 200 with a success body shape. Classified
authz_bypassvia replay proof. - →SQL injection on /api/login email parameter, confirmed via boolean-blind extraction. Replay returns a valid admin JWT for any password.
- →Tomcat 9.0.30 component risk, confirmed by Metasploit operator module proof. Read /WEB-INF/web.xml via Ghostcat.
Authorized, auditable, redacted.
Authorization-first
Every engagement requires explicit attestation. Out-of-scope hosts and destructive methods are blocked unless rules of engagement explicitly allow them.
Replay or module proof
Confirmed findings carry a proof source: deterministic replay, Metasploit module proof, or browser artifact. Observations without a proof path stay candidate.
Negative-control tested
A hardened control target is part of every release validation. Drost produces zero confirmed findings on it — by design.
Redaction at the proof boundary
Replay artifacts store request shape and response invariants, not raw cookies, tokens, CSRF values, or PII. Proofs are reproducible without leaking credentials.
Become a technical preview partner.
Drost is in technical preview with a small group of security engineers, applied AI builders, and trusted researchers. Read the technical note, then request access.