start discovery
Start with a focused fit check.
Help us understand your environment so we can confirm if a read‑only scan is the right first step. No secrets, account IDs, diagrams, or production access are needed for the first message.
vishcore [start discovery]
client@discovery:~$ vishcore discovery --fit-check
→ no portal login, no access request, no secrets in the first message
→ serious inquiries get a focused reply; no generic audit checklist
→ first message is a fit check; paid discovery is scoped only after the context is clear
fit check
Discovery starts with a conversation.
The first step is understanding your pressure point, timeline, and cloud reality to confirm if a read‑only scan is useful.
Before any AWS access, serious buyers learn who will lead the engagement, with reference context and signed engagement terms. The first message stays free of secrets, account IDs, ARNs, and credentials.
Private references can be discussed under mutual NDA after a serious fit check when a reference has explicitly approved that use.
Direct email: hello@vishcore.com .
Prefer to prepare offline? Print the pre-discovery worksheet.
- Step 1 of 4: Context received Vishcore reviews the pressure point, timeline, cloud provider, and Terraform reality.
- Step 2 of 4: Fit check If discovery can produce useful evidence, the next call stays focused on scope and access boundaries.
- Step 3 of 4: Control snapshot Discovery maps the highest-signal cloud gaps into severity, owner, and evidence language.
- Step 4 of 4: Scoped remediation Project work starts only after the evidence queue, rollout order, exclusions, and handoff are clear.
vishcore [include]
Give enough context to make the first reply useful.
- INCL Cloud provider and scope: AWS, Azure, GCP, or mixed cloud; production, staging, or all environments.
- INCL Pressure point: SOC 2, enterprise security review, buyer deadline, internal risk, or cloud-control concern.
- INCL Current blocker: identity, logging, encryption, backups, restore proof, disaster recovery, network exposure, Terraform drift, or unknowns.
- INCL IaC reality: where Terraform is trusted, partial, stale, or missing.
- INCL Preferred outcome: discovery only, scoped remediation, migration support, or ongoing guardrails.
vishcore [do-not-send]
Keep the first message safe.
- OUT Do not send passwords, tokens, keys, private diagrams, account numbers, recovery diagrams, or customer data.
- OUT The first step is not production access; it starts as a fit check and scoping conversation.
- OUT Read‑only discovery uses a client-created cross-account role with External ID, scoped to the Vishcore scanner allowlist, with no write/remediation permissions or secret-value reads.
- OUT SOC 2 still needs client-owned policies, people/process controls, and auditor judgment.
Submit discovery context
Fill out the fields below. This form will assemble your context and open your default email client to send it directly to Vishcore. No backend database stores your submission before it reaches our inbox.