Relevance Digest · by Skein

The ten security items that touch your assets. Every morning.

Not a threat-intelligence platform. A daily email, scored against your asset profile and priority intelligence requirements, for the team that has no analyst to run a platform. 95% of the firehose doesn't touch you. We cut it.

Start a free 2-week pilot See pricing

A real issue looks like this

Sample built against an example subscriber profile: a mid-size insurer running an internet-facing VPN appliance, Microsoft 365 / Entra ID, a public Java web app, Splunk, CrowdStrike, and a third-party AI helpdesk connector. PIRs: ransomware staging, supply-chain compromise, edge-device exploitation, anything touching policyholder PII. Live issues pull real items each morning; scores here are illustrative.

RELEVANCE DIGEST — Example Insurer

10 items that touch your assets today · scored 0–100 · read time ~4 min

94Edge VPN appliance: active exploitation of an auth-bypass class on your appliance family

You run this appliance, internet-facing. Added to the active-exploitation list today. Confirm version, check for the patched build, hunt the post-exploitation behavior in CrowdStrike. → edge/infra

89Third-party AI connector: vendor discloses a token-handling weakness in MCP-style integrations

You run an AI helpdesk connector with a cloud service account. Matches your supply-chain PIR. Pull its permission scope; confirm you can revoke it in under 5 minutes. → security ops

82M365 / Entra: phishing kit bypassing MFA on your identity stack, in the wild now

Entra ID is your front door, and the technique is hitting insurers this quarter. Verify conditional-access posture; hunt the token-replay pattern. → identity

76Java web stack: deserialization CVE on a library your public app likely ships

Your customer-facing app runs this stack; PoC is public. SBOM check, then a patch window. → app sec

71Ransomware crew adds the insurance sector to its leak-site targeting

Sector plus your ransomware-staging PIR. Confirm backup-restore was tested this quarter; review the crew's initial-access TTPs against your edge. → IR lead

64CISA KEV add affecting a secondary management appliance you may run

Possible asset match — confirm inventory. Federal deadline implies active use. → infra

58Infostealer logs for your domain appear on a marketplace

Fresh batch tied to your domain. Force-reset matched accounts; check for session-token theft. → identity

49Splunk: advisory on a component in your version line

Your SIEM, medium severity, no exploitation yet. Schedule into the normal patch cycle. No fire drill. → detection eng

37Sector ISAC note: BEC wave impersonating reinsurance partners

Your business model. Brief finance; tighten payment-change verification. → fraud/finance

28Background: new ATT&CK technique entry relevant to your edge-device PIR

Reference, not urgent. Note for the next detection-coverage review. → detection eng

Filtered out today: 213 items. The other 203 didn't touch your assets or PIRs. That's the product.

Pricing

TierWhat you getPrice
Solo / small teamDaily digest against one asset profile, by email.$49/moSubscribe
TeamMultiple profiles, PIR tuning, and a weekly exec roll-up.$199/moSubscribe
PilotTwo weeks of the real digest against your actual profile. Free, then convert.FreeStart

Start a free 2-week pilot

Send us your asset profile and we'll run the real digest against it for two weeks. You'll see your own noise cut to ten items, every morning, before you decide whether to pay.

Request a pilot

We only need an asset list and your top priority intelligence requirements. No platform login, no install.