Thrombus Platform

Your Pentest.
One Platform.

Thrombus gives medical device manufacturers a single place to manage their penetration testing engagement — from scoping to final report.

Create an Account

Thrombus platform — New Engagement form showing device information, test scope, and FDA classification

Engineered for Ease

Transparent Pricing

See pricing upfront before you commit. Fixed-price engagements for standard test types, custom quotes for everything else. No surprise invoices.

Real-time Engagement Tracking

Know exactly where your engagement stands. Track status from device receipt through testing, reporting, and delivery.

Secure Document Sharing

Upload device documentation, firmware images, and architecture diagrams securely. Download your final report when it's ready. All files encrypted at rest.

FDA-Compliant Reports

Every report is structured around FDA premarket cybersecurity guidance, including executive summary, methodology, findings with proof-of-concept, risk assessment, and remediation roadmap.

Our Approach

Powered by Prognosis

Prognosis is our proprietary AI testing engine — purpose-built for medical device security. It pairs automated exploit workflows with hands-on researchers in a dedicated hardware lab.

Prognosis drives the methodology. The researcher drives the soldering iron.

Prognosis

Prognosis orchestrates the attack — generating signals, analyzing responses, and guiding the researcher through exploit chains in real time.

Drives proprietary exploit workflows
Generates and sends test signals
Analyzes device responses in real time
Identifies exploit chains automatically
Guides the researcher step-by-step

Researcher in the Lab

The researcher provides what AI can't: physical access to the device in a dedicated hardware lab with specialized equipment.

Opens enclosures and deconstructs devices
Connects probes, logic analyzers, and debuggers
Desolders flash chips for extraction
Tests thermal and environmental conditions
Manipulates physical interfaces (JTAG, UART, SPI)

Streamlined Lifecycle Management

From initial contact to remediation support.

1. Scoping

Define your device, testing requirements, and timeline in-platform.

2. Shipping

Ship your physical device to our secure hardware lab.

3. Testing

Live status updates as our researchers test your device over ~4 weeks.

4. Reporting

Download your FDA-compliant report and re-test for free within 60 days.

Ready to Get Started?

Create your account and schedule your first engagement.