Understanding Orithos
How the platform works, what each component does, and how security testing fits into your agent development lifecycle. Use the sidebar to navigate to specific feature guides.
Feature documentation
Agents
Register and configure LLM endpoints for scanning.
Scans
Create, monitor, and rerun security scans.
Findings
Understand severity, CVSS scores, and evidence.
Compliance
Framework mappings and audit reports.
Simulator
Privilege escalation simulation.
Providers
Differential testing across providers.
MCP Registry
Model Context Protocol tools and policies.
API Keys
Authentication and role-based access control.
Retention
Data retention policies and purge behavior.
Billing
Plans, quotas, and subscription management.
Architecture
System design, components, and data flow.
Security
Encryption, hashing, and audit logging.
Key concepts
Agent
An LLM endpoint registered with Orithos. Orithos probes your agent by sending requests to this endpoint and analyzing responses.
Probe
A single security test case targeting a specific vulnerability class. Orithos ships 100+ probes covering prompt injection, tool misuse, data leakage, and privilege escalation.
Scan
An execution of a probe set against an agent. Scans run asynchronously via a Redis-backed worker queue. Each scan produces findings with severity grades.
Finding
A detected vulnerability with a severity rating and CVSS 4.0 score. Each finding includes an attack path, evidence, and remediation guidance.
Attack Path
The sequence of tool calls or inputs that leads to a vulnerability. Attack paths explain exactly how an exploit works against your agent.
Compliance Mapping
Findings are automatically mapped to 8 frameworks: OWASP LLM, CWE, MITRE ATLAS, NIST AI RMF, SOC 2, ISO 27001, HIPAA, and NIST 800-53.