How This Briefing Works
This report opens with key findings, then maps the gaps between what Twain discloses and what BLACKOUT observed at runtime. From there: what it means for your organization, what to do about it, and the detection data and evidence underneath.
Key Findings
Key Findings
1 detection across 1 site
Disclosure Gaps
Claims vs. Observed Behavior
1 gaps
Pending Analysis
UNKNOWN
They Claim
“Claims extraction pending”
Observed Behavior
CDT analysis required for runtime behavioral assessment
Customer Impact
What This Means For You
No measurable behavioral risk from current detection data. This vendor was identified via signature matching only — no runtime behavioral analysis has been performed. Impact assessment requires recon agent investigation.
Recommended Actions
What To Do About It
Role-specific actions based on observed behavior
If You Use Twain
- →monitor for future scanner detections
If You're Evaluating Twain
- →recon agent investigation to assess runtime behavior
Negotiation Leverage
- →Baseline signature detection only — no behavioral evidence available for leverage
- →Request DPA and subprocessor documentation for proactive review
- →Monitor for future scanner detections that may reveal runtime behavior
IOC Manifest
IOC Manifest
2 INDICATORS
Indicators of compromise across 2 categories. Use for detection rules, CSP policies, or Pi-hole blocklists.
No indicators in this category
Ecosystem
Ecosystem & Supply Chain
Twain operates in the SaaS platform ecosystem. Signature detected in the BLACKOUT vendor database but no scanner detections have generated behavioral intelligence.
Evidence
Evidence Artifacts
Artifacts collected during analysis, available with evidence-tier access.
HAR Capture
Complete network capture with all requests and responses
IOC Manifest
2 detection signatures across scripts, domains, cookies, and network endpoints