Architectural Analysis: Exposure as a Persistent Entity
Composed analysis turning founder W1 feedback into an architecture: Authority Path is the durable object, Exposure is a time-bound finding on a path, and Risk Clusters group related exposures.
8 docs tagged with "risk-cluster"
View all tagsData Model
9-type entity system (identity, workload, connection, credential, owner, role, permission, resource, execution_evidence) and execution chains for the SecurityV0 execution/authority graph
Exposure Aggregation APIs: Implementation Plan
W1 Gap 1 plan: align the four exposure-aggregation endpoints (posture summary, risk-clusters, exposures list, exposure detail) with the W1 spec so the four UI pages render correct demo data.
Founder Feedback Plan - Authority Path and Persistent Exposure Model
Multi-role (architect, CSO, product owner, developer, integrator) analysis of founder feedback from February 18, 2026
G1 + G2 + G3 Implementation Plan
Consolidated implementation plan for Exposure Aggregation APIs (G1), Remediation Content Generation (G2), and Scope Drift UX (G3)
Glossary
Canonical definitions for SecurityV0 domain terminology — NHI, execution chains, entity types (identity, workload, connection, credential, owner), relationship types (RUNS_AS, CALLS, INVOKES, USES,...
Vision Alignment — Architect Perspective Analysis
Architectural analysis reconciling doc 06 (4-concept model) and doc 07 (naming plan) with Sergey's W1 product vision, UX spec, and existing 9-entity data model
W1 Unified Implementation Plan
Comprehensive implementation plan synthesizing workload rename, W1 evaluator rules, risk cluster computation, exposure concept, posture summary, and full UX redesign