CYNTRISEC
AWS SECURITY GRAPH CLI
The Agentic Trust Engine for AWS.
Read-only capability graph. Attack path discovery. Optimized for LLMs.
user@cyntrisec:~$ pip install cyntrisec
user@cyntrisec:~$ cyntrisec scan --profile prod
Building capability graph... [OK]
Found 3 critical attack paths.
user@cyntrisec:~$ cyntrisec serve
MCP Server running... (awaiting agent connection)
Agent connected. Context provided.
user@cyntrisec:~$
> pip install cyntrisec
[ Copy PIP Install ]
[ GRAPH_ANALYSIS ]
Builds a full capability graph of IAM, network, and dependencies to find hidden attack paths.
[ AGENTIC_INTERFACE ]
Native MCP (Model Context Protocol) server. Connect Claude Desktop or other agents to reason about your infra safely.
[ COST_OPTIMIZATION ]
Proof-carrying cost cuts. Detect unused resources (`waste`) and unnecessary capabilities (`cuts`) deterministically.
[ READ_ONLY_SAFETY ]
Default safe mode. Scans via AssumeRole without modifying infrastructure. No data exfiltration.
[ DETERMINISTIC_JSON ]
Structured outputs designed for automation pipelines and machine consumption.
[ LOCAL_FIRST ]
Runs on your machine. No SaaS backend required. Your credentials stay with you.