Getting Started with SilentBolt

What Is SilentBolt?

SilentBolt is a multi-tenant SaaS cybersecurity scanning and attack orchestration platform. It automates the full cycle of external attack surface discovery, vulnerability detection, findings management, professional reporting, and AI-driven penetration test orchestration.

In practical terms, SilentBolt lets you:

  • Onboard domains you own or manage, verify ownership, and authorize them for scanning.
  • Run security scans that discover subdomains, map live assets (hosts, endpoints, services), and detect vulnerabilities using industry-standard tools.
  • Review and triage findings with severity scoring, drift detection across scans, and optional AI-assisted triage suggestions.
  • Generate professional reports in PDF and JSON formats suitable for executives, technical teams, and client delivery.
  • Launch AI-driven attack orchestration sessions that chain security tools based on your scan results, with the AI suggesting test types and configuring tool parameters.
  • Send notifications about scan completions and critical findings to external tools like Microsoft Teams, Telegram, Jira, and GitHub Issues.

Core Concepts

Before diving in, familiarize yourself with these foundational concepts. See the Glossary for the complete list.

Targets and Domains

A target in SilentBolt is a domain (e.g., example.com) that you want to scan. Before any scanning can happen, you must:

  1. Add the domain to SilentBolt.
  2. Verify ownership via a DNS TXT record or email-based verification.
  3. Authorize the domain for scanning (admin approval).

This ensures SilentBolt only scans assets you are authorized to test.

Scans

A scan is a single execution run against a verified and authorized domain. Each scan progresses through a pipeline:

  1. Discovery — enumerate subdomains.
  2. WAF Detection — detect web application firewalls and adjust the scan profile.
  3. Surface Mapping — probe live hosts, open ports, and crawl URLs.
  4. Vulnerability Scanning — run vulnerability detection templates against discovered assets.
  5. Post-Processing — normalize data, compute risk scores, detect drift from prior scans, generate reports.

Scans can be triggered manually or run on a schedule.

Findings

A finding is a security issue discovered during a scan. Each finding carries:

  • A severity level (critical, high, medium, low, info).
  • A risk score and effective score (adjusted by governance state).
  • A governance status that tracks its lifecycle: open, in progress, resolved, false positive, or accepted risk.
  • An optional drift label indicating whether it's new, changed, or a regression from a previous scan.
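
The drift labels described above can be derived by comparing two scans' findings. This is an added example, not SilentBolt's own code; the finding key (asset plus check identifier), the check names, and the rule that a regression is a previously resolved finding that reappears are assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Finding:
    asset: str             # host or URL the issue was found on
    check_id: str          # detection template identifier (hypothetical names)
    severity: str          # critical, high, medium, low, info
    status: str = "open"   # governance status

def key(f):
    """Identity of a finding across scans (assumed: asset + check)."""
    return (f.asset.lower(), f.check_id)

def drift_labels(previous, current):
    """Map each current finding's key to 'new', 'regression', 'changed' or None."""
    prev = {key(f): f for f in previous}
    labels = {}
    for f in current:
        old = prev.get(key(f))
        if old is None:
            labels[key(f)] = "new"          # not seen in the prior scan
        elif old.status == "resolved":
            labels[key(f)] = "regression"   # was closed, detected again
        elif old.severity != f.severity:
            labels[key(f)] = "changed"      # same issue, different severity
        else:
            labels[key(f)] = None           # no drift, so no label
    return labels

# Constructed sample data for two consecutive scans of example.com.
PREVIOUS = [
    Finding("app.example.com", "tls-weak-cipher", "medium", "resolved"),
    Finding("app.example.com", "exposed-admin-panel", "high", "open"),
    Finding("api.example.com", "missing-hsts", "low", "accepted risk"),
]
CURRENT = [
    Finding("app.example.com", "tls-weak-cipher", "medium"),
    Finding("app.example.com", "exposed-admin-panel", "critical"),
    Finding("api.example.com", "missing-hsts", "low"),
    Finding("dev.example.com", "directory-listing", "medium"),
]

if __name__ == "__main__":
    for k, label in drift_labels(PREVIOUS, CURRENT).items():
        print(k, label)
```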

Attack Orchestration

After a scan completes, you can launch an orchestration session — an AI-assisted penetration test workflow. The AI analyzes your scan results and suggests test types (e.g., web app pentest, API pentest, Kubernetes security). Once you select and approve, the AI configures tool parameters and executes each step sequentially in isolated containers.

Multi-Tenancy

SilentBolt is designed for teams and service providers. Each company (tenant) has isolated data — domains, scans, findings, users, and integrations. Data from one company is never visible to another.


Your First Session: Onboarding Flow

Here is the typical journey for a first-time user, end to end:

Step 1: Register and Log In

Create your account and verify your email address. Once logged in, you'll land on the Dashboard, which will be empty until you complete your first scan.

Step 2: Add a Target Domain

Navigate to Targets and add the domain you want to scan (e.g., yourcompany.com).

Step 3: Verify Domain Ownership

SilentBolt requires proof that you own or control the domain. Choose one of:

  • DNS TXT verification — add a TXT record with the provided token to your domain's DNS.
  • Email verification — confirm via an email sent to an admin address on the domain.

Step 4: Authorize the Domain

Once verified, an admin must authorize the domain for scanning. This is a deliberate safety gate — only authorized domains can be scanned.
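
The ownership and authorization gates from Targets and Domains and from Steps 3 and 4 can be modeled as a scope check that runs before any host is scanned. This is an added example, not SilentBolt's own code; the token format, the field names, and the rule that scope covers the apex domain and its subdomains are assumptions.

```python
from dataclasses import dataclass

@dataclass
class Target:
    domain: str               # apex domain added as a target
    token: str                # ownership token issued for this domain
    verified: bool = False    # set once the TXT (or email) check passes
    authorized: bool = False  # set by an admin after verification

# Constructed sample: TXT answers for the domain, each record given as the
# list of character-strings a resolver returns for it.
SAMPLE_TXT = [
    [b"v=spf1 -all"],             # unrelated record that must be ignored
    [b"sb-verify-", b"3f9c1e"],   # token record split into two strings
]

def txt_proves_ownership(records, token):
    """True if any TXT record, with its strings concatenated, equals the token."""
    want = token.encode()
    return any(b"".join(chunks).strip() == want for chunks in records)

def in_scope(host, target):
    """Host is the apex or a subdomain of it, matched on a label boundary."""
    host = host.rstrip(".").lower()
    apex = target.domain.rstrip(".").lower()
    return host == apex or host.endswith("." + apex)

def authorize(target):
    """Admin approval; refused while ownership is unproven."""
    if not target.verified:
        raise PermissionError("domain ownership not verified")
    target.authorized = True

def may_scan(host, target):
    """Both gates (verified, then authorized) and the scope check must pass."""
    return target.verified and target.authorized and in_scope(host, target)

if __name__ == "__main__":
    t = Target("example.com", "sb-verify-3f9c1e")
    t.verified = txt_proves_ownership(SAMPLE_TXT, t.token)
    authorize(t)
    for h in ("api.example.com", "evilexample.com", "example.com.other.test"):
        print(h, may_scan(h, t))
```

Matching on ".example.com" rather than the bare suffix is what keeps look-alike names such as evilexample.com out of scope.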

Step 5: Run Your First Scan

Navigate to Scans and start a new scan against your authorized domain. The scan will progress through all pipeline phases automatically. You can monitor progress via the scan detail page and its real-time event timeline.

Step 6: Review Findings

Once the scan completes, navigate to Findings to see the discovered security issues. Each finding includes severity, a risk score, technical evidence, and (if applicable) a drift label showing whether it's new since the last scan.

Triage findings by changing their governance status. Optionally, trigger an AI Review to get automated triage suggestions that you can approve or dismiss.

Step 7: Export a Report

Go to Reports (or the scan detail page) to download a PDF or JSON report summarizing the scan results. PDF reports include an executive summary and detailed technical findings.

Step 8: (Optional) Launch Attack Orchestration

If you want deeper penetration testing, create an Orchestration Session from your completed scan. The AI will suggest test types based on your scan context, you select which ones to run, and the system executes them with live output.

Step 9: (Optional) Set Up Integrations

Navigate to Integrations to connect SilentBolt with Microsoft Teams, Telegram, Jira, or GitHub. Once configured, SilentBolt will automatically send notifications for scan completions and critical findings.


What's Next?

If you want to…                                 Read…
Learn the full target onboarding flow           Workflow: Onboarding a Target
Understand scan configuration and scheduling    Scans
Deep-dive into findings triage                  Findings
Set up recurring scans                          Scans — Scheduled Scans
Understand severity and scoring                 Reference: Statuses and Severities
Look up a term                                  Glossary
