Transform application names into CISO-ready trust briefs in minutes
Tarkist.us is an AI-powered security assessment platform that evaluates third-party software across 15 comprehensive dimensions. Built for security teams and CISOs who need accurate, concise, and source-grounded snapshots of a product's security posture—fast.
Moving security from reactive firefighting to proactive enablement.
Security teams are constantly asked to approve new tools they've never seen before. They need:
- ✅ Accurate security posture summaries
- ✅ Source-grounded claims with citations
- ✅ Fast turnaround (2-10 minutes)
- ✅ Trust scores with confidence levels
- ✅ Safer alternatives when available
Tarkist.us delivers all of this and more.
- Vendor Information - Company background, reputation, and history
- Product Classification - Clear taxonomy (File sharing, GenAI tool, SaaS CRM, etc.)
- CVE Tracking - Common Vulnerabilities and Exposures with CISA KEV alerts
- Incident Timeline - Security incidents and abuse signals
- Compliance Dashboard - SOC2, ISO 27001, GDPR, and industry certifications
- Data Handling Flow - Storage, transmission, and privacy analysis
- AI Features Audit - AI capabilities, data usage, and training disclosure
- Deployment Controls - Admin controls and platform support
- Permissions Matrix - Access control and security features
- Release Lifecycle - Update frequency and security practices
- Trust Score - 0-100 rating with rationale and confidence
- Alternative Suggestions - Safer alternatives with rationale
- Source Citations - Every claim verified and cited
- Security Radar Chart - Visual security dimension comparison
- CVE Trend Analysis - Historical vulnerability tracking
- 🌙 Dark Mode - System-aware theme switching
- 📱 Fully Responsive - Mobile, tablet, and desktop support
- ⚡ Lightning Fast - Optimized performance with Next.js 14
- 🎭 Smooth Animations - Framer Motion for delightful interactions
- 📊 Rich Visualizations - Interactive charts with Recharts
- ♿ Accessible - WCAG compliant components
- 🔍 Real-time Search - Autocomplete with intelligent suggestions
- Next.js 14 - React framework with App Router
- TypeScript - Type-safe development
- Tailwind CSS - Utility-first styling
- shadcn/ui - Beautiful component library
- Framer Motion - Smooth animations
- Recharts - Data visualizations
- Lucide Icons - Modern icon set
- next-themes - Dark mode support
- FastAPI - High-performance web framework
- Python 3.11+ - Programming language
- SQLAlchemy - ORM for database
- Alembic - Database migrations
Each assessment evaluates software across these dimensions:
| Dimension | Description |
|---|---|
| 🏢 Vendor Info | Company background, reputation, history |
| 📦 Product Info | Classification, description, usage |
| 🔒 CVE Analysis | Vulnerabilities with CISA KEV alerts |
| Security incidents and abuse signals | |
| ✅ Compliance | SOC2, ISO 27001, GDPR certifications |
| 💾 Data Handling | Storage, transmission, privacy |
| 🤖 AI Features | AI capabilities and data usage |
| 🎛️ Admin Controls | Deployment and management features |
| 🔐 Permissions | Access control matrix |
| 🔄 Release Lifecycle | Update frequency and practices |
| 📈 Trust Score | 0-100 rating with rationale |
| 🔄 Alternatives | Safer alternative suggestions |
| 📚 Sources | Citations and verification |
| 📊 Security Radar | Visual dimension comparison |
| 📉 CVE Trends | Historical vulnerability analysis |
- Enter an application name (e.g., "Slack", "GitHub")
- Get comprehensive security analysis in 2-10 minutes
- Review trust score, CVE trends, compliance status
- Explore safer alternatives if available
- Export as PDF for sharing
- Slack - Trust Score: 78/100
- GitHub - Trust Score: 88/100
Try searching for these applications to see full assessment reports!
- Source Verification - All claims are cited with verification status
- Confidence Levels - Each assessment includes confidence ratings
- Transparent Scoring - Trust score rationale is fully explained
- No Data Storage - Assessments are generated on-demand
- Local Caching - Lightweight JSON cache with timestamps
- Withsecure - Challenge sponsor and guidance
- Junction 2025 - Hackathon organizers
- Team Hyperboli - Development team
- CVE/CVSS databases
- CISA KEV catalog
- Vendor security pages
- Compliance certification databases
- Public security advisories
Built with ❤️ for Junction 2025