Alerts pile up across endpoint tools, identity platforms, and cloud environments. Each source tells part of the story. None of them speak the same language. When a CISO needs to answer the board's question — "are we secure?" — the honest answer is usually: it depends on which tool you're looking at.
Cyber Story is the dashboard inside invicta.io that's built to change that. It gives a customer's security team one place to see their organization's risk, posture, vulnerabilities, asset coverage, and anomalies. Not after a week of analyst time. When you open the app.
One score, built on three different questions
The first thing you see when you log in is your overall security score. In a recent demo environment, that score was "elevated," up 0.3 from the previous day, with a 76% confidence score sitting alongside it.
That confidence number matters more than it might seem. It tells you how much of your environment is actually visible and contributing to the calculation. A score without it is just a guess with no indication of how informed it is.
The underlying score comes from three proprietary metrics: DREAD, SCOUT, and DRARC.
DREAD is your posture and exposure score. It measures risk across five dimensions: damage potential from a successful exploit, how reproducible the attack is, how easy it is to pull off, how many assets would be affected, and how discoverable the vulnerability is. Each dimension is weighted by asset criticality, privilege level, and current exploit intelligence.
SCOUT is your behavior and threat score. It captures active detection pressure across severity, confidence, occurrence, uptake, and threat intel alignment. It answers a different question than DREAD does: not "how exposed are we?" but "how much threat activity are we actually seeing, and are our detections keeping up?"
DRARC is your response effectiveness score. It measures mean time to detection, mean time to response, automation coverage, recovery efficiency, and containment effectiveness. These are checked against the SLA targets your business has set, not an external benchmark that may not fit your environment.
Three metrics. Three different lenses. Together, they explain not just where your score is, but why it is there.
What you can't see is part of the score
Below the overall score, Cyber Story shows your asset coverage status. In the demo environment, the status was "blind and degrading" because five of the nine connectable domains were not yet set up.
The nine domains are: identity, network, endpoint, application, cloud, data, API, AI, and facility. The more you connect, the more the system can see. When a domain is missing, that gap shows up in the confidence score. The dashboard does not smooth over partial coverage and present it as complete.
In the demo, roughly 475,000 assets were observed, with 73,000 scored across four criticality tiers: critical, high, medium, and normal. Eighteen classified apps were flagged as highly sensitive. These numbers are not statistics sitting on a screen. Each one connects to something someone can act on: what to prioritize, what to connect next, what needs a closer look.
From domain to asset to individual item
After the overall score and coverage status, Cyber Story breaks things down by domain. Each connected domain gets its own DREAD, SCOUT, and DRARC breakdown. Click into identity and you see a domain-specific score with the same three metrics. An "Explain with AI" button surfaces a plain-language read on what is driving the numbers, for anyone who wants the deeper version.
Below domain status, the dashboard flags individual assets that need immediate attention. In the demo, one asset had spent 14 days in the red zone. That does not require interpretation. It requires someone to look at it.
The 14-day trend chart shows how DREAD, SCOUT, and DRARC have moved over time. You can check what your environment looked like at 2 AM on any morning within that window. This becomes useful when you are trying to understand whether a recent change actually improved anything, or just moved the problem somewhere else.
Adjusting for your business context
The metric weightings in Cyber Story are not fixed. DREAD defaults to equal weighting across its five dimensions, but that can be adjusted based on what matters most for your organization. The same applies to SCOUT.
DRARC takes a different approach. In the demo, detection and response were each weighted at 25%, while automation sat at 10%. The reasoning is that organizations vary significantly in how mature their automation is, and a flat equal weighting would not reflect that.
This customization is what makes the score reflect your actual risk priorities instead of a generic framework that may not fit how your business works.
Asking questions in plain language
Cyber Story includes an AI assistant that lets users ask questions about their data in plain language. You do not need to know the underlying schema or build a query. You just ask what you want to understand.
This matters because most security dashboards are built for the people who set them up, not the people who need to read them. A CISO and a SOC analyst have different questions. The dashboard is meant to answer both without requiring either person to become fluent in the other's tools.
What this actually changes
Having your security posture in one place changes what questions you can ask. It also changes how quickly you can answer them.
Instead of correlating data across several different tools, you are reading one view. Instead of explaining what "elevated" means across six separate products, you are pointing at one number with the context underneath it. Instead of presenting a vulnerability count and hoping it lands, you are showing a trend and what moved it.
Cyber Story is live inside invicta.io. If you want to see how it reads for your environment, reach out to the Human Managed team.