# DygDog Technical Details

DygDog is a continuous, AI-powered enterprise security scanner built for modern engineering and DevSecOps teams.

## Platform Capabilities

1.  **AI-Powered Remediation:** Every finding ships with context-aware, infrastructure-specific fix guidance generated by frontier LLMs — not generic advice. Snippets are tailored to frameworks like Next.js, Express, Django, etc.
2.  **Context-Aware Risk Scoring:** Risk scores adapt to your industry sector, geographic region, EPSS exploit probability, and live CISA KEV status.
3.  **Real-Time Threat Intel:** Findings are enriched against live feeds at scan time. Built-in feeds include:
    *   CISA Known Exploited Vulnerabilities (KEV)
    *   NVD CVE Data
    *   EPSS (Exploit Prediction Scoring System)
    *   PhishTank
    *   URLHaus
    *   OpenPhish
4.  **OWASP / CWE / CVE Mapping:** Every finding maps to OWASP Top 10, CWE taxonomy, and CVE identifiers for full traceability.
5.  **Compliance Evidence Packs:** Auto-generates timestamped evidence for SOC 2, ISO 27001, GDPR, and OWASP audits directly from scan results.
6.  **Social Engineering Detection:** Surfaces typosquat domains, homoglyph attacks, and brand impersonation campaigns.

## Scan Modules

DygDog runs dozens of passive security checks. Example modules include:

*   **DNS & Infrastructure:** DNS Records Check, Subdomain Takeover Analysis, DNSSEC Validation, CAA Record Check.
*   **Network & TLS:** Port Scan (Common), TLS Config Analysis, Certificate Expiry Check.
*   **HTTP & Application:** Security Headers (HSTS, CSP, etc.), Cookie Security Analysis, CORS Misconfiguration, Exposed Admin Panels, Directory Listing, GraphQL Introspection.
*   **Threat Intel:** Open Redirect Detection, Phishing Domain Check.

## Use Cases

*   **Continuous Monitoring:** Automatically scan web applications daily or continuously to detect regressions in security headers, TLS configurations, or exposed endpoints.
*   **Compliance Audits:** Generate instantaneous SOC 2 or ISO 27001 compliance evidence packs based on live infrastructure scans.
*   **Developer Remediation:** Equip engineering teams with precise code snippets (e.g., how to configure CSP in Next.js) rather than opaque vulnerability reports.

## Pricing

DygDog offers tiered pricing to support individuals through enterprise usage.
*   **Lite:** Free. Includes 12 core passive modules, basic header checks, limited AI remediation.
*   **Pro:** Ideal for growing teams. Full module access, CISA KEV enrichment, advanced AI guidance.
*   **Enterprise:** Comprehensive suite, including custom compliance mapping, SSO, and dedicated support.

## Access

*   **Website:** https://dyg.dog
*   **App/Dashboard:** https://dyg.dog/dashboard
*   **Blog:** https://dyg.dog/blog
*   **API/Integrations:** Built for seamless CI/CD integration.