Launching soon — early access open

Stop hunting for CVEs.
OrionRadar finds them for you.

The Rust agent automatically maps your installed software and only alerts when something critical appears for your specific stack.

🦀 Rust — standalone binary, zero dependencies
🎯 Your stack only
🤖 AI summary, no hallucination
OrionRadar Security Just now
Critical vulnerability — debian-prod-01

CVE-2024-12345 in OpenSSL affects debian-prod-01. Action: upgrade to 3.2.1.

99% of CVEs don't apply to you. The rest gets lost in the noise.

Today
Manual CVE hunting
  • NVD publishes 100+ new CVEs daily — you manually filter what applies to you.
  • Nessus/Qualys costs thousands/year and weeks to configure — not realistic for SMEs.
  • SMEs discover critical CVEs 15+ days after they're published on average.
  • CVE descriptions are unreadable — you don't know how bad it is or what to do.
OrionRadar
Automated, zero-noise monitoring
  • Rust standalone binary — no Python, no runtime, no deps. Download and run.
  • Only CVEs affecting your stack at high/critical severity. Nothing else.
  • Every alert includes a plain-language summary: what's wrong, severity, what to do.
  • AI is grounded in NVD data only — no guessing, no hallucination.

Setup in 5 minutes. Then Radar watches.

Download the agent

Statically linked Rust binary. No Python, no runtime, no external deps. Linux, Windows, macOS, ARM support. 30 seconds.

curl -sSL https://get.orionradar.io | sh

Daily automated scan

Cron runs it once daily. The agent collects all installed software (dpkg, rpm, pip, npm, cargo…) and cross-references NVD, OSV.dev, and CISA KEV.

0 6 * * * orionradar scan

Alert when it matters

If it finds a high/critical CVE in your stack, it sends an alert by email or Slack. Plain-language summary + exact remediation. CVE data only — no hallucination.

Plain language. Specific. Actionable.

The AI doesn't invent anything — it rewrites NVD and CISA data. You immediately know what to do.

🚨 Critical vulnerability — debian-prod-01
CRITICAL
OrionRadar · debian-prod-01 · 2024-07-01 06:04
What happened?
CVE-2024-6387 — CVSS 8.1 (HIGH) — CISA KEV ✓
Affected: openssh-server 8.9p1 (debian-prod-01)
How serious is it?

An OpenSSH race condition allows unauthenticated remote attackers to execute code as root. CISA confirmed active exploitation. SSH ports exposed to the internet are at immediate risk.

What to do?
Immediate action: Update openssh-server to version 9.8p1.
apt update && apt upgrade openssh-server

Not just alerts — full visibility into your stack.

The agent builds a full software inventory per machine: every package, version, licence — searchable dashboard. SBOM export in CycloneDX format for audits and compliance.

Searchable inventory per machine

Every package in one place: dpkg, rpm, apk, pip, npm, cargo. Filterable per machine, searchable by version.

Licence visibility

Every package shows its licence (MIT, Apache-2.0, GPL…). Filter for copyleft licences — critical for closed-source products.

SBOM export — CycloneDX & SPDX

One-click SBOM export for EU CRA audits, insurance questionnaires, and internal processes. JSON and XML.

Fleet overview

Which machine has an outdated package? Where's a critical CVE? Which machines aren't covered? All in one view.

inventory · debian-prod-01 · 881 packages · SBOM READY

Package               Version  Licence     CVE
openssl               3.0.2    Apache-2.0  2 CRITICAL
libssl3               3.0.2    Apache-2.0  2 CRITICAL
python3-openssl       21.0.0   Apache-2.0
openssh-server        8.9p1    BSD         1 CRITICAL
openssh-client        8.9p1    BSD         1 HIGH
libcrypto3            3.0.2    Apache-2.0
python3-cryptography  3.4.8    Apache-2.0  1 HIGH

7 of 881 · "openssl"

3 ways to get your inventory in.

The agent is easiest — but you can upload manually, or push data via API with your own scripts.

Rust Agent (recommended)

Standalone binary, zero dependencies. Cron runs it daily, auto-ships inventory. Setup in 30 seconds.

$ curl -sSL https://get.orionradar.io | sh
$ orionradar init --token YOUR_TOKEN
$ orionradar scan
✓ 881 packages sent

Manual upload

Upload JSON, CSV or SBOM file (CycloneDX, SPDX) from the dashboard. Ideal for air-gapped systems where the agent cannot reach the internet.

Supported formats:
CycloneDX JSON / XML
SPDX JSON / RDF
orionradar.json (native)
CSV (name, version, type)

REST API

If you already have an inventory tool, just POST the data to our API. Callable from any language, token-based auth.

POST /api/v1/inventory
Authorization: Bearer TOKEN

{
  "host": "prod-01",
  "packages": [
    {"name": "openssl",
     "version": "3.0.2"}
  ]
}
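
A sketch of a push script for the request above, as an added example (not OrionRadar's own code): it parses `dpkg-query` output into the `host`/`packages` body shown and builds the POST without sending it. The base URL, the `ORIONRADAR_TOKEN` variable name and the `Content-Type` header are assumptions; only the path, the bearer header and the two package fields come from this page.

```python
import json
import os
import urllib.request

# Assumption: placeholder base URL; the page gives only the path.
API_BASE = "https://orionradar.example.invalid"
INVENTORY_PATH = "/api/v1/inventory"  # path as shown on the page

# Constructed sample of `dpkg-query -W -f='${Package}\t${Version}\n'` output.
SAMPLE_DPKG = "openssl\t3.0.2\nopenssh-server\t1:8.9p1-3\n\nbroken-line\nlibssl3\t3.0.2\n"


def parse_dpkg(text):
    """Turn tab-separated dpkg-query output into the page's package objects."""
    packages, seen = [], set()
    for line in text.splitlines():
        name, sep, version = line.strip().partition("\t")
        if not sep or not name or not version:
            continue  # skip blank or malformed lines instead of sending junk
        if (name, version) in seen:
            continue  # drop exact duplicates
        seen.add((name, version))
        packages.append({"name": name, "version": version})
    return packages


def build_request(host, packages, token, base=API_BASE):
    """Build (but do not send) the POST described on the page."""
    if not base.startswith("https://"):
        raise ValueError("refusing to send a bearer token over non-HTTPS")
    if not token or any(c in token for c in "\r\n"):
        raise ValueError("missing or malformed token")
    body = json.dumps({"host": host, "packages": packages}).encode("utf-8")
    return urllib.request.Request(
        base + INVENTORY_PATH,
        data=body,
        method="POST",
        headers={
            "Authorization": "Bearer " + token,
            "Content-Type": "application/json",  # assumption, not shown on the page
        },
    )


if __name__ == "__main__":
    # Hypothetical variable name; reading the token from the environment
    # keeps it out of argv and shell history.
    token = os.environ.get("ORIONRADAR_TOKEN") or "constructed-token"
    req = build_request("prod-01", parse_dpkg(SAMPLE_DPKG), token)
    print(req.get_method(), req.full_url, len(req.data), "bytes")
```

To send it, pass the returned object to `urllib.request.urlopen(req, timeout=10)` once the real base URL and token are in place.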

Inventory and CVE monitoring isn't just security — it's a legal requirement.

OrionRadar doesn't certify — but its reports and SBOM exports produce exactly the evidence regulators and auditors expect to see.

EU Cyber Resilience Act
Mandatory: December 2027
Critical
What does CRA require?
Maintain SBOM of all components (Annex I) ✓ OrionRadar provides
Continuous monitoring of known vulnerabilities ✓ Daily scan
Document vulnerability handling process (from 2026) ✓ Audit log + report
Evidence of patch management ✓ CVE status tracking
NIS2 Directive
In effect: since October 2024
Active
What does NIS2 require?
Vulnerability management policy and process ✓ Documented workflow
Timely identification of security incidents ✓ Daily scan
Supply chain security — component visibility ✓ Inventory + SBOM
Auditable evidence for authorities ✓ PDF report export
ETSI EN 303 645 / RED
RED mandatory: since August 2025
IoT focus
What does ETSI / RED require?
Software component inventory (§6.1) ✓ Automatic inventory
Minimize known vulnerabilities (§6.2) ✓ CVE matching
Verify update mechanisms ✓ Patch status tracking
Third-party component risk (SBOM-based) ✓ Licence + CVE report
ISO 27001 / IEC 62443
Global industry standard
Standard
What does it help evidence?
A.12.6 — Management of technical vulnerabilities ✓ ✓
IEC 62443 — Asset inventory and CVE monitoring (SL-1) ✓ ✓
Auditable evidence for certification body ✓ ✓
Cyber insurance questionnaires ✓ SBOM export
EU DORA Regulation
In effect: since January 2025
Finance
What does DORA require?
Identification of ICT assets (Art. 8) ✓ Software Inventory
Preventive protection & patch management (Art. 9) ✓ Version monitoring
Detection of potential threats (Art. 10) ✓ Proactive detection
Threat intelligence gathering (Art. 13) ✓ Vulnerability alerting
Screening for outdated / End-of-Life software (Art. 7) ✓ Auto EOL detection
OrionRadar does not replace formal audits or certification — but it produces the evidence and documentation that lets manufacturers and operators arrive prepared for accredited assessments. Full gap analysis and certification support is available through OrionRND consulting services.

Transparent pricing, no surprises.

Early access subscribers get 50% off the first year on all cloud plans.

Free
€0
forever free
  • 2 machines
  • Daily scan
  • Critical CVE email alert
  • Software inventory dashboard
  • Rust agent + manual upload
Get started free
Team
€39 (was €78)
/ month · billed annually · up to 100 machines
  • 100 machines
  • Everything in Pro
  • Multi-user + roles
  • SIEM integration
  • Priority support
Request early access
Scale
€69 (was €138)
/ month · billed annually · up to 500 machines
  • 500 machines
  • Everything in Team
  • Dedicated onboarding
  • Custom alert rules
  • SLA + support channel
Request early access
Enterprise — On-Premise
€899 / year · unlimited machines
  • Self-hosted Docker — no data leaves your network
  • Unlimited machines
  • Everything in Scale + LDAP/SSO
  • You operate it — we provide containers only
  • Annual licence + updates
Request a quote →

Be the first to use it.

OrionRadar is in development. Early subscribers get free beta access + 50% off the first year.

Join early subscribers — limited spots