HailBytes Security Platform Suite

Technical Overview — Microsoft Co-Sell & AWS Partner Discussions
3
Products — SAT, ASM,
Cloud Support Hub
1-click
Azure & AWS Marketplace
deployments
ELv2
Source-available license
Full code auditability
Publisher: HailBytes, LLC  ·  Azure Marketplace · AWS Marketplace  ·  hailbytes.com  ·  support.hailbytes.com

Platform Architecture Philosophy

HailBytes takes battle-tested, proven open-source security frameworks — hardens them, operationalizes them, and delivers them as one-click marketplace deployments that run entirely in the customer's own cloud tenant. No shared infrastructure. No per-seat licensing. No data leaving their environment.

SAT Platform GoPhish Cloud

  • Pre-hardened Ubuntu 24.04 VM
  • Admin Server + Phish Server
  • AES-256-GCM at rest
  • OIDC/SAML + SCIM provisioning
  • MCP server for AI orchestration

ASM Platform reNgine Cloud

  • Docker Compose (6 services)
  • Django 4.2 + Celery workers
  • PostgreSQL 16 + Redis 5
  • 30+ security tools in pipeline
  • GPT-4 or local Ollama LLM

Cloud Support Hub SaaS

  • SaaS portal at support.hailbytes.com
  • Azure Marketplace subscription
  • Entra ID SSO built-in
  • MACC-eligible
  • Encrypted ticket + file storage

SAT Platform Architecture (GoPhish Cloud)

Deploys as a pre-hardened Ubuntu 24.04 VM directly in the customer's Azure or AWS tenant. Two servers, one background worker, encrypted database.

Components

  • Admin Server — HTTPS port 3333, campaign management UI + REST API
  • Phish Server — ports 80/443 via nginx reverse proxy, landing page delivery
  • Background Worker — SMTP delivery, IMAP reply monitoring, real-time event logging
  • Database — encrypted SQLite (or MySQL), AES-256-GCM for all PII

Security & Integrations

  • Auth: OIDC/SAML SSO (Entra ID + Google), TOTP MFA, SCIM provisioning
  • Encryption: AES-256-GCM at rest, bcrypt password hashing, CSRF protection
  • Network: Azure NSG / AWS Security Group, admin access lockable to operator IP ranges
  • Integrations: Full REST API, webhooks to SIEM/SOAR, MCP server for AI-assisted campaigns
Compute: Single VM — B2s to D8s_v3 (Azure) or t3.medium to m5.2xlarge (AWS)

ASM Platform Architecture (reNgine Cloud)

Fully containerized on a single VM. Docker Compose orchestrates 6 services running 30+ security tools through a seven-phase automated scan pipeline.

Seven-Phase Scan Pipeline

1. Subdomain Discovery
2. HTTP Crawl
3. Port Scan
4. OSINT
5. Directory Fuzzing
6. Vuln Scan
7. Screenshot

Docker Compose Services

  • Django 4.2 / Uvicorn — Web application layer
  • Celery Workers — 30+ tool execution engine
  • Celery Beat — Scheduled/continuous scan orchestrator
  • PostgreSQL 16 — All findings, relational correlation
  • Redis 5 — Message broker + cache
  • Nginx — TLS termination + reverse proxy

Enterprise Features

  • AI: OpenAI GPT-4 or self-hosted Ollama (CUDA/ROCm) for air-gap
  • RBAC: SysAdmin / PenetrationTester / Auditor + 2FA/TOTP
  • Audit: 21-type audit logging, SHA-256 API key hashing, rate limiting
  • Alerts: Slack, Discord, Telegram, Teams, Lark webhooks
  • API: 40+ REST endpoints + MCP server (16 tools)

Stack Fit & Buyer Personas

Product Primary Buyer Secondary Buyer Channel Stack Layer
SAT (GoPhish Cloud) CISO / IT Security Manager
200–5,000 employee orgs		 Compliance Officers
PCI-DSS 12.6, HIPAA, SOC 2		 Direct + MSSPs Human Risk Management
ASM (reNgine Cloud) Security Engineer / Red Team Lead
50+ internet-facing assets		 Penetration Testing Firms Direct + MSSPs (managed ASM) Discovery & Exposure Management
Cloud Support Hub IT Operations Manager / Security Team Lead MSP Account Managers
Multi-client ticket visibility		 Azure Marketplace Operational Backbone
Natural pairing: SAT + ASM together cover the full attack surface — the human layer (phishing/social engineering) and the technical layer (exposed assets, CVEs, misconfigs). Recommend both for any org with 200+ employees and 10+ internet-facing assets.

Azure & AWS Marketplace Presence

Product Marketplace SKU Trial Pricing Annual Discount
SAT Platform GoPhish Cloud — Enterprise Phishing Simulation Platform 30-day free $0.24/vCPU/hr 18%
ASM Platform reNgine Cloud — Automated Recon & ASM 30-day free $0.24/vCPU/hr 18%
Cloud Support Hub HailBytes Cloud Support Hub Free tier always included $0–$1,650/mo flat 18%
MACC: All Azure Marketplace purchases count toward Microsoft Azure Consumption Commitment for EA customers.
AWS: All products on AWS Marketplace. May be eligible for AWS Partner funding programs.
ELv2 License: Source-available. Commercial use restricted to deployed instances — no resale of code.

Security Controls & Compliance Posture

SAT Platform Controls

  • AES-256-GCM at rest for all PII data
  • bcrypt password hashing throughout
  • CSRF protection on all state-changing operations
  • OIDC/SAML SSO — no separate identity store
  • TOTP MFA for admin access
  • SCIM provisioning — auto-sync from Entra ID groups
  • Azure NSG / AWS SG — admin lockable to operator IPs

ASM Platform Controls

  • RBAC — SysAdmin / PenetrationTester / Auditor roles
  • 2FA/TOTP for all user accounts
  • 21-type audit logging — full activity trail
  • SHA-256 API key hashing — keys never stored plaintext
  • Rate limiting on all API endpoints
  • Air-gapped capable — local Ollama, no external LLM calls
  • Multi-tenant project isolation
Compliance use cases: PCI-DSS 12.6 (phishing training), HIPAA security rule, SOC 2 Type II (security awareness controls), NIST CSF (ID.AM asset management + PR.AT awareness). All data stays in the customer's own Azure or AWS tenant — critical for regulated industries.

AI Integration Capabilities

SAT — MCP Server

  • Connects Claude, Copilot, or Cursor directly to GoPhish Cloud
  • Generate phishing templates via natural language
  • Analyze campaign results with AI triage
  • Build training content from click/fail patterns
  • Full campaign orchestration via AI assistant

ASM — MCP Server (16 tools)

  • AI assistants orchestrate recon workflows end-to-end
  • GPT-4 executive vulnerability reports + risk prioritization
  • Local Ollama LLM for fully air-gapped deployments
  • NVIDIA CUDA / AMD ROCm GPU instance support
  • Natural language queries against finding database
Air-gap use case: Government and defense customers can run the full ASM platform including AI analysis with a locally-hosted Ollama LLM — zero external network dependencies after initial deployment.

Technical Evaluation Path

Step 1
Deploy Free Trial
Search "HailBytes" on Azure or AWS Marketplace. 30-day free trial — software fee waived, only infrastructure costs apply.
Step 2
Configure Entra ID SSO
Register app in Azure AD, add OIDC/SAML credentials to the platform. SCIM provisioning optional for automatic user sync.
Step 3
Run First Campaign / Scan
SAT: create phishing template + send group. ASM: add target domain, launch automated recon pipeline. Both complete in under 30 minutes.

Technical docs: support.hailbytes.com  ·  Sales: sales@hailbytes.com  ·  hailbytes.com