CCCrisisCore Systems
Evidence dossier

Security & Collapse Audits

Threat modeling + remediation (operational and organizational failure risk)

Audit work for systems that operate under low trust: adversarial access, coercion risk, incentive pressure, and degraded operational reality.

Use this dossier as supporting evidence for the service work on this site: problem, constraints, proof surface, and outputs.

Security · Threat Modeling · Audit · Systems

Problem

Most security output fails at the moment it matters: it’s too abstract, too compliance-shaped, or too disconnected from real adversaries and real operator constraints.

This work focuses on exploitability, incentive-driven failure, and operational collapse vectors. The goal is to produce remediation that is testable and survivable, not performative.

Constraints
  • Assume adversarial reality: motivated attackers, not hypothetical ones.
  • Minimize theater: findings must include reproduction paths or falsifiable tests.
  • Threat boundaries are explicit: what is protected, from whom, and under what assumptions.
  • Prioritize operator usefulness: triage order, hard-fail guards, and clear next actions.
  • Respect degraded environments: low trust, partial observability, incident pressure.
Method

Start with boundaries and incentives: define assets, actors, and the minimum conditions required for safety. If those conditions don’t hold, the system must fail safe.

Model the attack surface (network, dependencies, authn/authz, data flows, key material, privileged paths) and the operational surface (on-call reality, logging, rollback, incident response).

Convert risks into a prioritized remediation plan with verification steps: patches + tests + observable evidence that the failure mode is actually closed.

Audit pipeline diagram: scope and threat model, map surfaces, reproduce issues, remediate, verify, and harden
Outputs
  • A bounded risk register prioritized to top findings (typically 10) with triage order.
  • A threat model with explicit assumptions and hard boundaries (what must not fail).
  • Actionable findings: reproduction steps, impact, and recommended fixes.
  • A remediation plan ordered by risk reduction per unit effort.
  • Verification steps: tests or procedures that prove the issue is closed.
  • Operator-ready notes: rollback guidance and failure-mode monitoring suggestions.
  • A redacted artifact sample showing assumptions, adversaries, and closure criteria.
Supporting diagrams
Viewer-first links are primary; raw files are available as mirrors from each artifact page.