December 29th, 2025

New

Excalibur SaaS V1

The day cybersecurity stopped pretending

Most changelogs start with features.

This one starts with a question.

What if cybersecurity didn’t begin with tools, dashboards, or templates?

What if it began with ground truth?

That question is why Excalibur exists.

And V1 is our first real answer.

Act I: Before the Attack, There Was a Map

Every breach story sounds the same in hindsight.

“We didn’t know this could happen.”

So we built the part most platforms skip.

Threat Modeling, rebuilt from first principles

In Excalibur V1, offensive security starts where it should: understanding the system.

You can drop in:

  • Architecture diagrams

  • Confluence documentation

  • Zoom transcripts from design reviews and incident calls

Excalibur doesn’t just store them.

It connects them.

Behind the scenes, we construct a living mind map.

A neural network of your product.

Assets, trust boundaries, flows, assumptions all tied together.

From that foundation, Excalibur:

  • Builds multi-framework threat models automatically

  • Pinpoints exact areas of compromise, not generic risks

  • Generates unlimited attack vectors, grounded in your actual system

No copy-paste STRIDE tables.

No abstract diagrams that look good and do nothing.

Just a clear answer to: “If I were the attacker, where would I start?”

Act II: Turning Assumptions Into Reality

Threat models are hypotheses.

Attack vectors are questions.

So we made it easy to answer them.

Every attack vector in Excalibur can be pulled into a fully adaptive tabletop exercise.

Not a four-hour meeting.

Not a PDF no one updates.

A focused, one-hour simulation where you:

  • Walk through the attack step by step

  • Document controls and gaps as you go

  • Capture decisions, ownership, and outcomes

Tabletops stop being theatre.

They become rehearsals.

Act III: The Death of the Word Document

Then there’s reporting.

We looked at how pentest reports are written today.

Microsoft Word.

Rigid templates.

RBAC that breaks.

Platforms full of features nobody touches.

So we removed all of that.

Reporting, reimagined

In Excalibur V1, reporting lives on a canvas.

You create a visual, tree-like structure:

  • Business units

  • Organisations

  • Engagements

  • Reports

Drag. Drop. Done.

Open a report and you’re inside a clean, Notion-style editor that supports:

  • Text

  • Images

  • Video

  • Audio

  • Visual attack flows using Excalidraw

You don’t describe the attack anymore.

You show it.

Sharing is simple:

  • One link

  • View or comment only

  • RBAC that actually works

And reporting isn’t limited to pentests.

Teams already use it for playbooks, internal reviews, and security narratives.

Same canvas. New purpose.

Act IV: Templates That Finally Behave

Pentest teams know this pain.

Every client wants a different template.

Every change breaks the workflow.

So we did something obvious.

Templates live on the canvas.

Edit a template once.

Every new report uses it instantly.

Change your mind?

Edit it again.

Create a new report. Done.

No migrations.

No broken formatting.

No wasted time.

You document.

Excalibur handles the structure.

Act V: Where Your AI Runs Is Your Choice

V1 ships in two forms.

Excalibur for SaaS

  • Threat Modeling

  • Tabletop Exercises

  • Visual Reporting

  • Integrated support for OpenAI and RunPod

  • More integrations coming

Excalibur for Enterprise

Everything above. Plus something most platforms won’t offer.

On-prem deployment.

Excalibur can run entirely inside your environment on an AI supercomputer:

  • All language models

  • All pentest agents

  • The full platform

No data leaves.

No training on your data.

No cloud dependency.

This is our vision of privatised cybersecurity

where customers keep both the data and the power.

What We Didn’t Build (On Purpose)

We didn’t copy every cybersecurity vendor feature list.

We didn’t chase checkboxes.

We didn’t optimise for demos.

We designed the experience first.

Then built only what mattered.

Every component in Excalibur exists for a reason.

If it wasn’t essential, it was removed.

That’s the constraint we chose.

And it shows.

Who V1 Is For

  • CISOs who want clarity instead of noise

  • Pentesters who care about thinking, not formatting

If you believe security should be grounded in reality, not ritual,

you’re in the right place.

This Is Just the Beginning

V1 isn’t “feature complete.”

It’s direction complete.

From here, we extend outward - more integrations, more agents, deeper automation without losing the ground truth that everything is built on.

Cybersecurity doesn’t need more tools.

It needs better thinking.

Welcome to Excalibur

Other Bug Fix and Optimization

  • 🔧 Memory optimization and security audit for npm dependencies

  • 🔧 Production build configuration with npm security fixes

  • 📦 Updated package dependencies with security vulnerability patches

  • ⚡ Optimized Docker memory allocation for DigitalOcean server builds

  • 🚀 Merged staging branch updates to production

  • 🚀 Production deployment configuration updates

  • 🐳 Updated Docker and CI/CD workflows for production deployment

  • ✅ Reporting module verification and quality checks

  • 🐛 Fixed toast notifications causing layout shift in modals

  • ✨ Added RBAC module sharing with Access Control UI

We push updates multiple times a week so be in the know by subscribing to updates.