SAGE Fields

SAGE (Sovereign AI Governance Engine) is BreachSpider's proprietary AI analysis engine for ICS/OT vulnerability intelligence. USPTO Provisional Patent App. 64/015,948.

What SAGE Provides

Each enriched CVE includes a sage block in the API response:

"sage": {
  "model": "SAGE-v1",
  "tier": "full",
  "executive_summary": "Critical pre-auth RCE in Erlang/OTP SSH server...",
  "ics_context": "Erlang/OTP is used in industrial messaging and SCADA middleware...",
  "remediation_guidance": "Patch immediately. If patching is not possible...",
  "confidence_score": 0.94,
  "confidence_tier": "SOVEREIGN_AUDIT_PASS",
  "_upgrade_required": false,
  "_upgrade_url": null
}

Tier Availability

Field	Free	Standard	Professional	API	Enterprise
executive_summary	Truncated	Truncated	Full	Full	Full
ics_context	-	-	Full	Full	Full
remediation_guidance	-	-	Full	Full	Full
confidence_score	-	-	Full	Full	Full
virtual_patch	-	-	Full	Full	Full

Free and Standard tiers receive a truncated executive_summary with an _upgrade_required: true flag. Upgrade to Professional for full SAGE access.

Confidence Tiers

Tier	Score	Meaning
SOVEREIGN_AUDIT_PASS	0.90-1.00	Mathematically traced to source data with no material inference
HIGH_CONFIDENCE	0.75-0.89	Strong grounding with minor inference
MODERATE	0.50-0.74	Mixed grounding - verify key claims before action
LOW	Below 0.50	Significant inference - use as directional guidance only

Virtual Patch (Professional+ only)

The virtual patch block provides compensating controls when vendor patches are unavailable or cannot be immediately applied:

"virtual_patch": {
  "suricata_rule": "alert tcp ...",
  "snort_rule": "alert tcp ...",
  "compensating_control": "Block external SSH access on port 22...",
  "nerc_cip": "CIP-007-6 R1: Disable unused ports",
  "iec_62443": "SR 1.1: Human user identification and authentication",
  "confidence": 0.91
}

SAGE Chat

For interactive Q&A against the CVE corpus, use the SAGE Chat endpoint.