Architecture
CyberDoc is an edge-first cybersecurity platform. The frontend runs as a single-page application with serverless API functions at the edge. Security scanning and AI analysis are handled by backend services.
Platform Overview
| Layer | Description |
|---|
| Frontend | React SPA with terminal-style UI. Runs entirely in the browser. |
| API | Serverless functions at the edge. Sub-5ms cold start, globally distributed. |
| Storage | Distributed key-value store for scan data. Relational database for accounts and billing. |
| AI Engine | AI-powered diagnosis analyses scan results and generates prioritised recommendations. |
| Voice Agent | Real-time voice consultation walks users through findings and offers remediation guidance. |
| Scan Lab | Professional security scanning tools available on paid plans (Pro, Business, Enterprise). |
| Red Team | AI-driven penetration testing with multiple assessment modes (Business and Enterprise plans). |
Free Scan Flow
A free CyberDoc health check runs through these stages:
- Lead capture — User provides name, email, and optional username. Bot protection verified.
- Email breach check — Email checked against known breach databases for exposure history.
- Social profile sweep — Username checked against 640+ public platforms for digital footprint exposure.
- Browser privacy test — 7 client-side checks for WebRTC leaks, fingerprinting, TLS, cookies, DNS, and more.
- AI Diagnosis — All findings are analysed by AI for contextual diagnosis with severity-rated issues and prioritised actions.
- Report — Scored report with breach timeline, social profile grid, and browser security findings.
- Voice consultation (optional) — Real-time voice agent walks through findings and can guide browser privacy fixes.
Paid Features
| Feature | Plans | Description |
|---|
| Dashboard + Threat Map | Pro, Business, Enterprise | Workspace-scoped scan history, geo-located threat visualisation, usage tracking. |
| Scan Lab | Pro (5 tools), Business (17), Enterprise (unlimited) | Professional security scanning tools: port scanning, vulnerability detection, TLS analysis, DNS auditing, and more. |
| Red Team | Business (3/mo), Enterprise (15/mo) | AI-driven penetration testing. Enterprise includes advanced modes and crew (multi-agent) strategy. |
| Branded PDF Reports | Pro, Business, Enterprise | Downloadable reports for Lab and Red Team scans. Enterprise supports white-label branding. |
Security Design
- Edge-first — API functions run globally at the edge with no cold starts.
- Bot protection — All form submissions verified with challenge-based protection.
- Encryption — All data in transit over HTTPS/TLS 1.3. Secrets stored as encrypted environment variables.
- Data retention — Scan data retained for 90 days. Users can request deletion at any time.
- Privacy — Compliant with Australian Privacy Act 1988. No data sold to third parties.
- Isolation — Paid customer workspaces are fully isolated. Scan data is workspace-scoped.
Tech Stack
| Category | Technology |
|---|
| Frontend | React 18, Vite, Fira Code terminal aesthetic |
| API | Serverless edge functions (V8 isolates) |
| Storage | Distributed KV + relational database |
| AI Diagnosis | Large language model analysis |
| Voice Agent | Real-time voice API with transcript |
| Bot Protection | Challenge-based verification |
| Payments | Stripe (AUD billing) |