Neo’s output is evidence, not alerts. Every validated finding includes the complete chain of proof: what was found, how it was exploited, what the impact is, and exactly how to fix it. This page covers what Neo produces, how evidence is structured, and how your team can use it.

What Neo Produces

Every assessment Neo runs generates two categories of output:
  • Findings are validated vulnerabilities backed by proof of exploitability. Each finding represents a confirmed security issue that Neo discovered, exploited, and documented with enough detail for your team to reproduce and fix it independently.
  • Artifacts are the raw evidence captured during an assessment: HTTP request/response pairs, terminal output, browser screenshots, code snippets, network traces, and execution logs. Artifacts support findings and provide the full audit trail of what Neo did during an assessment.
Together, findings and artifacts give your team a complete picture: what’s vulnerable, how Neo proved it, and what to do about it.

Anatomy of a Finding

Every finding Neo reports follows a consistent structure:

Severity and Classification

Findings are rated Critical, High, Medium, or Low based on real exploitability and demonstrated business impact. Severity reflects what Neo actually achieved during exploitation, not theoretical risk scores or CVSS calculations disconnected from your environment. Each finding is classified by vulnerability type (SQL Injection, Broken Access Control, SSRF, etc.) and mapped to industry standards including OWASP Top 10 and CWE identifiers.

Exploit Evidence

This is the core of every finding. Neo includes:
  • Payload — the exact input, request, or sequence that triggered the vulnerability
  • Execution trace — the full chain of steps Neo took from discovery through successful exploitation
  • HTTP request/response pairs — raw traffic showing the exploit in action
  • Screenshots — browser captures demonstrating the vulnerability where applicable (XSS rendering, UI-based access control bypasses, admin panel access)
  • Code references — the specific files, functions, and lines in your codebase where the vulnerability originates, when a repository is connected

Reproduction Steps

Every finding includes a step-by-step guide your team can follow to reproduce the vulnerability independently. These are written for engineers, with exact endpoints, parameters, headers, and payloads specified. Your team can verify every finding without relying on Neo to demonstrate it again.

Impact Assessment

Neo describes the real-world impact of the vulnerability based on what it actually achieved during exploitation. If Neo was able to extract user data, escalate privileges, or access internal services, the impact assessment reflects that concrete outcome rather than a generic description of what the vulnerability class could theoretically allow.

Remediation Guidance

Fix recommendations are specific to your codebase and architecture. Neo references the actual files, functions, and code patterns involved, and suggests the precise changes needed to resolve the issue. When multiple remediation approaches exist, Neo explains the tradeoffs so your team can choose the right fix for their context.

Artifacts

Artifacts are the raw materials captured during every assessment. They provide the full audit trail behind Neo’s findings and are available for independent review, compliance, and archival.

Types of Artifacts

| Artifact | Description |
| --- | --- |
| HTTP traffic | Complete request/response pairs for every interaction Neo had with your application during testing |
| Terminal logs | Full command output from every tool Neo executed, including Nuclei, ffuf, sqlmap, and custom scripts |
| Browser captures | Screenshots and DOM snapshots taken during browser-automated testing |
| Code snippets | Relevant sections of source code referenced during analysis, with annotations showing data flow and vulnerability points |
| Network traces | Packet captures and connection logs from infrastructure and service-level testing |
| Assessment plan | The full reasoning trace showing how Neo planned the assessment, what it prioritized, and how it adapted its approach |

Artifact Retention

All artifacts are stored securely and indexed for instant retrieval. Your team can access artifacts from any previous assessment to review evidence, compare findings across runs, or pull materials for compliance and audit workflows. Artifacts are scoped to your organization and encrypted at rest. Access follows the same permissions model as the rest of your Neo workspace.

Reports

Neo generates structured reports from assessment results that your team can share, export, and use for stakeholder communication.

Assessment Summary

Every completed assessment produces a summary report containing:
  • Total scope tested (endpoints, services, flows covered)
  • Findings by severity with direct links to full evidence
  • Comparison against previous assessments (new findings, resolved findings, regressions)
  • Coverage map showing which areas of your attack surface were tested and to what depth

Trend Reporting

Across scheduled assessments, Neo tracks your security posture over time. Trend reports show:
  • How your finding count is changing across assessment runs
  • Which vulnerability classes appear most frequently in your stack
  • Mean time to remediation for findings your team has fixed
  • Regression rate for previously resolved vulnerabilities
These reports give security leaders and engineering managers a clear view of whether security is improving as your team ships, without manually assembling metrics from multiple tools.

Export and Sharing

Reports can be exported in standard formats for stakeholders who need security documentation outside of Neo:
  • PDF — formatted reports suitable for executive review, board presentations, and customer security questionnaires
  • CSV — raw finding data for integration with GRC platforms, spreadsheets, or custom dashboards
  • Markdown — for inclusion in internal wikis, Notion, or documentation systems

How Evidence Flows Into Your Workflow

Findings and evidence are most valuable when they land directly in the tools your team already uses.

Issue Tracking

When Linear or Jira is connected, each finding is automatically created as a trackable issue with full evidence attached: severity, exploit details, reproduction steps, code references, and remediation guidance. Your team assigns, prioritizes, and resolves findings within their existing workflow. When a fix ships and Neo retests successfully, the issue status updates automatically. If a regression is detected in a future assessment, Neo reopens the issue with updated evidence showing the vulnerability has resurfaced.

Slack Notifications

Assessment summaries and critical findings are delivered to your configured Slack channels. Notifications include severity, a brief description, and a direct link to the full finding with evidence in Neo.

Regression Tracking

Every validated finding enters Neo’s regression monitoring automatically. In future assessments, whether PR-triggered, scheduled, or manual, Neo retests previously fixed vulnerabilities to confirm they remain resolved. The finding history shows the full lifecycle: discovered → reported → fixed → verified → monitored.

Evidence as the Foundation

Every other capability Neo offers (agents, memory, sandboxes, scheduling) exists to produce this output. The autonomous planning finds vulnerabilities. The specialized tooling exploits them. The sandboxes make testing safe. The memory makes every assessment more targeted. What your team receives at the end is the only thing that matters: a short list of real, validated vulnerabilities with everything needed to fix them, verify the fix, and ensure they stay fixed.