Epyon Documentation

Last Updated: February 6, 2026

This directory contains the essential documentation for the Epyon security scanning platform.

📚 Available Documentation

Comprehensive security analysis and testing documentation

  • Complete test coverage report (304 tests)
  • Security architecture review
  • Threat model and mitigations
  • Vulnerability management
  • Compliance mapping
  • Fixed CVEs and bugs

Audience: Security teams, DevOps engineers, compliance officers
Status: ✅ Current (Feb 2026)


Vulnerability deduplication to eliminate inflated counts

  • Removes duplicate CVE counting across multiple tools
  • Unique key generation (CVE + package + version)
  • Detection transparency with detected_by metadata
  • Impact on severity gates and dashboards
  • Before/after examples and validation

Audience: Security teams, DevOps engineers, dashboard users
Status: ✅ Current (Feb 2026)


STIG control mapping and evidence collection procedures

  • Maps Epyon tools to STIG controls
  • Evidence collection for compliance audits
  • Coverage for Application Security, Container, Docker, DevSecOps, and OpenShift STIGs
  • Automated queries and evidence collection scripts
  • Compliance workflow and best practices

Audience: Security teams, compliance officers, auditors
Status: ✅ Current (Feb 2026)


Implementation details for scan result organization

  • Scan directory structure and layout
  • Timestamp consistency approach
  • Result isolation and organization
  • Legacy compatibility and symlinks

Audience: Developers, DevOps engineers
Status: ✅ Current


Complete guide for deploying Epyon in restricted environments

  • Docker image requirements and export procedures
  • Vulnerability database management
  • Air-gapped bundle structure
  • Implementation timeline (8-12 days)
  • Database freshness recommendations
  • Security considerations

Audience: Enterprise deployment teams, government contractors
Status: ✅ Current (Jan 2026)


🚀 Quick Start

For most users, start with the Security Review & Test Coverage document to understand:

  • What Epyon does
  • How it's architected
  • What security controls are in place
  • How to validate the installation

Then refer to specific guides as needed:

  • Deploying offline? → See Offline & Air-Gapped Setup
  • Understanding scan organization? → See Scan Directory Architecture

📝 Documentation Maintenance

What's Included

  • Security and architecture documentation
  • Deployment guides for special scenarios
  • Implementation reference materials

What's NOT Included

  • Historical summaries (removed)
  • PowerShell migration documents (removed)
  • Project-specific validation guides (removed)
  • Outdated dashboards and reports (removed)

Contribution Guidelines

  • Keep documentation current with code changes
  • Update "Last Updated" dates when modifying
  • Remove outdated content proactively
  • Focus on operational value, not historical context

🔗 Additional Resources

In Repository

  • README.md - Main project overview and getting started
  • .github/workflows/ - GitHub Actions workflow examples
  • tests/shell/ - Test suite documentation and examples
  • scripts/shell/ - Shell script inline documentation

External


📊 Documentation Status

Document | Lines | Last Updated | Status
Security Review | ~850 | Feb 2026 | ✅ Current
Scan Architecture | ~170 | Current | ✅ Current
Offline Setup | ~310 | Jan 2026 | ✅ Current

Total: 3 active documents


🗑️ Recently Removed

Cleaned up 24 outdated documents on Feb 6, 2026:

  • 5 PowerShell parity documents
  • 5 deployment summaries
  • 9 implementation notes
  • 5 miscellaneous outdated guides

Focus is now on actionable, current documentation that supports ongoing operations.


For questions or improvements to documentation, please open an issue in the repository.