Centraleyezer logo
Centraleyezer
Platform Overview

One Platform.
Complete Risk Visibility.

Centraleyezer unifies asset intelligence, contextual risk scoring, compliance evidence, and remediation tracking so your security team always knows what to fix first.

Built for every layer of vulnerability management

Six interconnected modules that work together โ€” or connect to your existing tools via the REST API.

Asset Discovery & Inventory

  • Manage IP addresses, websites, applications, and custom assets
  • Business criticality scoring (BCS) per asset
  • Network range and IPAM management
  • Bulk CSV/TXT import and network discovery
  • Group-based asset access control

Contextual Risk Scoring

  • Combines DREAD, asset criticality, network exposure, exploitability, CTI signals, and a Human-AI feedback loop to rank findings by real risk
  • Exploitable findings flagged for priority remediation
  • CVE/CWE/OWASP correlation across all findings (for traceability โ€” not used as scoring inputs)
  • Risk score tied to asset business criticality and owner reaction time โ€” same CVE, different priority per asset and per team
  • CVSS, EPSS, and CISA KEV are deliberately not used as scoring inputs

Compliance Evidence

  • Vulnerability data and audit evidence mapped to NIS2, DORA, ISO 27001, and PCI-DSS requirements
  • Technical, CISO, and Executive vulnerability report views
  • DOCX report templates โ€” customisable per client
  • On-demand report generation with your branded templates
  • Full audit trail for every finding state change
  • Note: Centraleyezer supports your compliance work with evidence and audit trails โ€” it does not generate the framework-specific compliance reports themselves.

Remediation Workflows

  • Action plans per finding with assignee and deadline
  • SLA tracking: acknowledged and resolved SLA per severity
  • Risk acceptance with expiry date
  • Full remediation audit trail
  • REST API for external ticketing integration

MSSP Multi-Tenancy

  • Dedicated isolated instance per client โ€” zero data bleed
  • Per-client dashboards, reports, and SLA tracking
  • Centralised admin console across all client environments
  • Reseller API for licence and deployment automation
  • White-label reporting per client

Reporting & Analytics

  • Executive risk dashboards with trend analysis
  • CISO view: remediation status, SLA adherence, risk velocity
  • Technical view: full finding details for security teams
  • Custom DOCX report builder with template engine
  • Scheduled report delivery to stakeholders
Architecture

Designed for scale and security

Centraleyezer is self-hosted with a multi-tenant architecture, giving you full data sovereignty and the flexibility to run in your own cloud or on-premises environment. Each client environment is an isolated container instance.

  • Data Sovereignty

    Self-hosted โ€” your vulnerability data never leaves your infrastructure.

  • Tenant Isolation

    Each MSSP client runs in a dedicated isolated container instance.

  • Real-Time Alerts

    Notification rules trigger on finding creation, escalation, or resolution.

  • API-First Design

    Full REST API across findings, assets, projects, and users.

// Contextual risk score (six-factor model)

{

"asset": "payments-api-prod",

"cve": "CVE-2024-3094", // metadata, not a scoring input

"dread": { "D": 9, "R": 7, "E": 8, "A": 9, "D": 6 }, // avg 7.8 / 10

"asset_criticality": "critical", // ร—1.20

"network_zone": "internet_facing", // ร—1.30

"exploitable_in_env": true, // ร—1.30 (your config, not generic)

"cti_active_30d": 3, // ร—1.15 (active campaigns)

"owner_response": "fast", // ร—0.92 (ack 2.5h ยท fix 18h median)

"contextual_score": 99, // 0-100, priority 3 / 4217

"ack_sla": "2024-03-30T08:00:00Z",

"solved_sla": "2024-04-06T08:00:00Z"

}

Integrations

Works with your existing security stack

14 scanner integrations, LDAP/SSO/Entra ID authentication, Wazuh SIEM, Slack and email alerting, and a full REST API for anything custom.

Nessus ProfessionalTenable.io SCQualys VMDRRapid7 InsightVMBurp Suite EnterpriseAcunetixAWS InspectorTrivyShodanSSL LabsWazuhDetectifyHarbor (container scanning)AgentSecHCL AppScanRed Hat Satellite
Authentication

Fits your identity stack

Centraleyezer supports the authentication methods your organisation already uses โ€” from Active Directory in on-premises environments to Azure AD for cloud-first teams.

  • LDAP / Active Directory
  • Entra ID / Azure AD (OAuth2 / OIDC)
  • 2FA (TOTP)
  • Local username + password
  • SSO โ€” SAML 2.0 (roadmap)
Reporting

Three report views,
one data set

Generate the right level of detail for every audience from the same vulnerability data โ€” using your own branded DOCX templates.

  • Executive report โ€” KPI summary, risk trends, and board-ready metrics.
  • CISO report โ€” Remediation status, SLA adherence, and programme health.
  • Technical report โ€” Full finding details, CVE data, contextual risk score breakdown, and remediation guidance.

Ready to see the platform?

Book a 30-minute personalised demo and see Centraleyezer working on your real environment.

Centraleyezer Platform โ€” Contextual 6-Factor RBVM Software | Centraleyezer