SECURITY ASSESSMENT // CHIMERASCOPE
We assess your organization's external attack surface and deliver an encrypted, compliance-mapped report — the only assessment at this level that maps every finding to specific CRA, NIS2, ISO 27001, GDPR, DORA, and MiCA regulatory articles.
We evaluate your organization's publicly visible infrastructure — domains, subdomains, certificates, email security, exposed services, cloud configurations, and third-party dependencies — using a proprietary assessment methodology developed over years of security research.
Every finding is automatically mapped to the regulatory framework articles that apply to your organization. The result is a structured, encrypted intelligence report that speaks the language of both your technical team and your compliance officers.
This is not a penetration test. We do not interact with your systems beyond what any external observer could see. No authorization is required for the standard assessment scope — though we recommend a formal engagement agreement for all paid assessments.
Comprehensive assessment delivered as an AES-128 encrypted PDF with full table of contents, executive scoring (A–F), and forensic chain of custody. Typically 30–50 pages depending on infrastructure complexity.
Every finding mapped to specific articles: CRA Art. 10, 11, 14 — NIS2 Art. 21 measures — ISO 27001 Annex A controls — GDPR Art. 32 technical requirements — DORA Art. 5–12, 17, 24, 28 for financial entities — MiCA Art. 62, 67, 68, 75, 79, 83 for crypto-asset service providers — with dedicated MiCA/DORA Compliance Scorecard (per-article PASS/FAIL assessment). Sector-specific annotations where applicable.
Boardroom-ready summary with overall security grade, CRA readiness scorecard with traffic-light indicators, and remediation priority matrix organized by impact and effort.
SHA-256 hashed forensic evidence chain with verification QR code. Machine-readable JSON export compatible with SIEM platforms, Jira, and ServiceNow for direct integration into your remediation workflow.
Vulnerability reporting becomes mandatory from September 11, 2026. Full compliance required by December 2027. We map findings to Articles 10 (cybersecurity requirements), 11 (vulnerability handling), and 14 (reporting obligations). Penalties: up to €15M or 2.5% of global annual turnover.
Article 21 security measures assessment across all applicable domains. Sector-specific mapping available for healthcare, energy, transport, water, and digital infrastructure entities. Active in Denmark, Finland, and Sweden since January 2026.
Annex A control mapping with gap identification against information security management requirements. Particularly relevant for organizations pursuing or maintaining certification — our findings integrate directly into your Statement of Applicability.
Article 32 technical and organizational measures assessment. Data exposure evaluation, breach risk scoring, and identification of processing activities visible from the external attack surface.
Mandatory for EU financial entities. We map findings to Art. 5–6 (ICT risk management), Art. 7 (patch management), Art. 9 (access control, encryption), Art. 10–11 (detection and response), Art. 17 (incident reporting), Art. 24 (resilience testing), and Art. 28 (third-party risk). DORA compliance mapping is included in all paid assessments.
EU-wide regulatory framework for crypto-asset service providers (CASPs), effective June 2024 with full application from December 2024. We map findings to Art. 62 (ICT risk management), Art. 67 (operational resilience), Art. 68 (safeguarding requirements), Art. 75 (custody and administration), Art. 79 (exchange services), and Art. 83 (complaint handling). Crypto-asset targets receive a dedicated MiCA/DORA Compliance Scorecard with per-article PASS/FAIL/WARN assessment in the delivered report. Essential for exchanges, custodial wallet providers, and any entity offering crypto-asset services within the EU.
Clinical trial data protection, manufacturing system exposure, GxP compliance verification. Assessment covers connected laboratory equipment, research portals, and API interfaces to partner organizations.
Multi-client data environment assessment, FDA/EMA audit readiness evaluation. Particular focus on supply chain exposure, shared infrastructure risks, and cross-client data isolation verification.
Connected device ecosystem assessment, CRA product compliance evaluation. Covers firmware exposure analysis, update mechanism security, API authentication, and cloud management platform posture.
OT/IT convergence risk assessment for CRA-applicable connected products. Sensor network exposure, SCADA interface detection, cloud management platforms, and edge computing security evaluation.
Electronic health record system exposure, patient data risk assessment. NIS2 health sector requirements mapping, telehealth platform security, and integration endpoint evaluation.
DORA compliance readiness assessment, API security posture evaluation. Payment infrastructure analysis, mobile banking exposure, and third-party service provider risk mapping.
MiCA compliance readiness for crypto-asset service providers, exchanges, and custodial wallet operators. Blockchain address intelligence with OFAC sanctions screening, wallet exposure analysis, token risk assessment, and Proof of Reserves verification. Coverage spans the BTC, ETH, XRP, SOL, and ERC-20 token ecosystems, with verified smart contract vulnerability analysis for organizations with on-chain exposure.
The standard assessment covers the core external attack surface described above. For organizations with specific regulatory, operational, or sector requirements, the engagement scope can be extended with additional reconnaissance and verification activities — selected to match the organization's risk posture and compliance obligations.
Discovery of self-hosted reasoning platforms, agent frameworks, Model Context Protocol servers, and public inference interfaces that increasingly form part of the external attack surface of modern organizations. Covers exposure detection, authentication posture of management interfaces, and cross-reference against known vulnerability classes for inference engines and orchestration platforms.
JavaScript dependency risk analysis with CVE enrichment, Subresource Integrity validation across third-party resources, expired CDN domain attribution (a documented takeover path for long-lived brand properties), and third-party SaaS platform security posture evaluation for the vendor ecosystem visible from your external surface.
Infrastructure timeline analysis through DNS and BGP change patterns, archived content evolution, service fingerprint drift over time, and correlation across current and historical TLS certificates. Reveals operational patterns and infrastructure decisions that current-state scans cannot observe.
Identification of unauthorized SaaS tenants operating under the organization's identity perimeter, self-hosted engines operating outside corporate governance, and orphaned infrastructure retained beyond its operational lifetime — the classes of assets that produce incidents because no one currently owns them.
Validated testing for injection vulnerabilities (SQL, server-side request forgery, template, command) against endpoints in scope, performed exclusively under formal written authorization. This activity moves the engagement from passive reconnaissance into active assessment territory and requires a signed Scope of Work in advance.
Multi-chain wallet discovery (BTC, ETH, XRP, SOL, ERC-20), automated OFAC SDN sanctions screening against US Treasury lists, deep wallet timeline analysis, exchange attribution, token risk assessment, and DeFi endpoint discovery (exposed RPC nodes, leaked provider API keys, admin wallet detection). For organizations in the crypto-asset sector or those needing to verify counterparty blockchain exposure as part of due diligence or compliance obligations.
Static and symbolic vulnerability analysis of verified Solidity smart contracts deployed on Ethereum and EVM-compatible chains. Covers reentrancy patterns, access control weaknesses, unchecked external call returns, integer overflow conditions, delegatecall injection vectors, self-destruct authorization gaps, and front-running susceptibility — across the full range of documented smart contract weakness classifications. Analysis is performed exclusively against publicly verified contract source code — no access to private repositories or internal codebases is required or requested. Available as part of the extended engagement scope for organizations operating or evaluating exposure to on-chain financial infrastructure.
Comprehensive assessment of cryptographic infrastructure resilience against quantum computing threats. Evaluates TLS key exchange configurations across standardized post-quantum hybrid and pure algorithms, certificate algorithm migration readiness, SSH key exchange modernization status, email transport encryption quantum safety, and protocol downgrade vulnerability exposure. Includes CDN-aware analysis that differentiates between edge-provided and origin-native post-quantum protection — a critical distinction for organizations relying on content delivery infrastructure. Assessment maps findings to CRA Art. 10 cryptographic requirements, NIS2 Art. 21 state-of-the-art obligations, and BSI TR-02102-1 recommended algorithm guidance. Delivered with a quantified readiness score reflecting actual deployment status across all externally observable cryptographic endpoints.
Each identified finding correlated to a specific MITRE ATT&CK technique and sub-technique, with coverage gap identification and detection-engineering priority recommendations. Integrates directly into the detection-engineering roadmap of organizations operating a Security Operations Centre or equivalent capability.
Sector-specific identification of advanced persistent threat groups with documented targeting activity against the organization’s industry vertical. Cross-references government-attributed threat actor databases with national cybersecurity authority tracking lists to surface the state-sponsored groups most relevant to the organization’s sector, geography, and operational profile. Each identified group is presented with country attribution, known aliases, documented target sectors, incident type classification, and direct references to corresponding MITRE ATT&CK group profiles. Delivered with BSI-tracked status badges for groups actively monitored by national cybersecurity authorities. Available for all industry sectors covered by the assessment scope.
Organizations commonly requesting extended scope: defense and dual-use technology contractors, Contract Development & Manufacturing Organizations (CDMOs), critical national infrastructure operators, financial market infrastructure, Operational Technology and Industrial IT convergence environments, research institutions handling regulated data.
Submit your organization's domain for a complimentary External Exposure Summary — delivered within 48 hours.
Select your assessment type and provide your organization's primary domain. All submissions are treated as confidential.