Skip to main content

Takumi Risk Focus Assessment Released

· 2 min read
Tsubasa Umeuchi
Tsubasa Umeuchi
Software Engineer @ GMO Flatt Security Inc.

Takumi Blackbox Assessment now supports "Risk Focus Assessment" mode.

You can set priorities for each feature-perspective combination and run assessments incrementally within a credit threshold.

Takumi Risk Focus Assessment Released

Overview

Standard blackbox assessments scan all features and perspectives at once. For large applications, this can require significant credits and time to complete.

Risk Focus Assessment lets you start with the highest-risk areas, review results, and incrementally expand the assessment scope.

Risk Focus Assessment configuration

Use Cases

Predictable Credit Consumption

Set a credit threshold to cap the maximum credits consumed per scan. When the threshold is reached, the scan stops and no further credits are consumed.

Prioritize High-Risk Areas

Set priorities (High, Medium, Low, None) for each feature-perspective combination. Focus on business-critical areas first — such as authentication, authorization, and data manipulation features — before expanding to lower-risk areas.

Adjust Scope Based on Results

When the credit threshold is reached, the assessment pauses and you can review the results so far. Based on the findings, you can run additional scans on unscanned combinations or complete the assessment.

Pending assessment

You can also preview the interim report by clicking "Preview Report" on this screen. This opens the report in a new tab, allowing you to review the findings before deciding whether to continue scanning or complete the assessment.

If you choose "Complete Assessment", a report will be generated based on the results up to that point. The report will reflect the findings for the combinations that were marked as "Scanned".

Report

Roadmap

Currently, Risk Focus Assessment only supports blackbox scoped assessments. Priorities for each feature-perspective combination must be configured manually by the user. We plan to add the following capabilities in future updates:

  • Automatic priority suggestions: Priorities will be suggested automatically based on risk analysis, reducing the effort of manual configuration
  • Full assessment mode: Run a full assessment with automatic prioritization, scanning as many combinations as possible within the credit threshold
  • Whitebox assessment support: Extend Risk Focus Assessment to whitebox assessments

Getting Started

This feature is available to all "Takumi byGMO" users.

▼ User Guide: Risk Focus Assessment