Customers

42 organizations across Free, Pro, and Enterprise. Filter by plan, last-scan recency, or churn-risk score.

Active customers42+5 last 30d

Pro28+3

Enterprise3—

Churn risk (red)2+1 this week

All customers · sorted by MRR

Organization	Plan	Seats	MRR	Last scan	Churn risk

Sales pipeline

Inbound from free-tier signups, GitHub Action installs, Slack mentions, and direct email. Drag cards between stages — weighted forecast updates in real time.

Pipeline ACV$1.42M+$280K WoW

Weighted forecast$418K+12%

Win rate (90d)23%+4pp

Avg cycle38 d−6d

Lead 12

Aperture Capital

Inbound · GH Action install

$4,999 / yr

RaifPay GmbH

Slack mention · DACH region

$29K · Ent

NorthSpire FinTech

Inbound · /signup

$999 / repo

Solace Treasury

Email · referral

$4,999 / yr

Qualified 8

Helios Banking

Demo scheduled May 8

$45K · Ent

Cardinal Pay

SOC 2 prep · 80 repos

$4,999 / yr

Mistwood Custody

Compliance-led

$32K · Ent

Demo 5

Yatahay Custodians

Demo done · pricing review

$60K · Ent

Beacon Markets

Demo May 6 · MiCA-driven

$39K · Ent

Trial 3

Citrine Bank

Trial day 9 of 14

$4,999 / yr

Levante Pay

Trial day 12 of 14

$999 / repo

Closed-won 11 MTD

Sentry Treasuries

Won May 2 · 18-day cycle

$29K · Ent

Triple-A Custody

Won Apr 30

$4,999 / yr

PerennialFi

Won Apr 28

$4,999 / yr

Revenue

Stripe is source of truth. Mirror updates on webhook; reconcile nightly. Cohort retention is computed from paid_invoices joined to customer_signed_at.

MRR$84.2K+11.4% MoM

ARR$1.01M+$104K MoM

NRR (TTM)118%+3pp

Gross margin82%—

MRR · trailing 12 months

Jun '25SepDecMarMay '26

Revenue waterfall · this month

Starting MRR$75.6K

+ New+$9.2K

+ Expansion+$2.4K

+ Reactivation+$0.5K

− Contraction−$1.2K

− Churn−$2.3K

Ending MRR$84.2K

Monthly cohort retention · % of starting cohort still active

Jun '25

100

94

88

85

82

80

78

76

75

74

73

Jul '25

100

90

85

82

80

79

78

77

76

75

—

Aug '25

100

95

89

85

83

81

80

79

78

—

Sep '25

100

88

82

79

77

76

75

74

—

Oct '25

100

91

86

82

80

78

77

76

—

Nov '25

100

93

87

84

82

81

80

—

Dec '25

100

89

84

81

79

78

—

Jan '26

100

95

90

86

84

—

Users

Every individual user across every customer organization. Filter by org, role, last-login. Audit log captures every admin action.

Email	Org	Role	Last login	2FA	Status
cto@helios-banking.example	Helios Banking	Owner	2026-05-04 09:22 UTC	YES	Active
secops@cardinalpay.example	Cardinal Pay	Admin	2026-05-04 08:11 UTC	YES	Active
auditor@beacon-markets.example	Beacon Markets	Auditor	2026-05-03 17:45 UTC	YES	Active
dev@aperture-capital.example	Aperture Capital	Member	2026-05-02 14:30 UTC	NO	Active
compliance@yatahay.example	Yatahay Custodians	Owner	2026-04-29 11:09 UTC	YES	Active
legacy@perennialfi.example	PerennialFi	Member	2026-03-15 — 50 days ago	NO	Stale

Licenses

Issuance is bound to the Ed25519 hardware signing key. Each issue triggers a Touch-ID prompt on the operator's machine; the signing key never leaves it.

Active licenses31+4

Expiring 30d2renewals queued

Revoked (TTM)1—

Pending1issuance approval

Issued licenses

Customer	Tier	Key fingerprint	Issued	Expires	Status
Helios Bankinghelios-banking-2026	ENT	ed25:9a4f…1c2b	2026-04-12	2027-04-12	Active
Cardinal Paycardinal-pay-pro-26	PRO	ed25:8c12…f409	2026-03-28	2027-03-28	Active
Beacon Marketsbeacon-mica	ENT	ed25:fe5b…7d44	2026-02-14	2027-02-14	Active
Sentry Treasuriessentry-trust	ENT	ed25:2d31…b8a7	2026-05-02	2027-05-02	Active
PerennialFiperennial-fi-pro	PRO	ed25:7b09…5e10	2025-05-21	2026-05-21 (17d)	Expiring
Citrine Bankcitrine-trial	TRIAL	ed25:1a4f…ccc2	2026-04-25	2026-05-09 (5d)	Trial

Threat-intel triage

Drafts emitted by the weekly NIST NVD ingest land here. Each row is a candidate check awaiting maintainer pattern authoring before promotion to checks/community/accepted/.

Pending review9+3 this week

Promoted (TTM)42+6

Last sync2dscheduled Mon 09:00 UTC

Catalog size294+20 (v1.7.x)

CVE

LANGS

Description / draft

Score

CVE-2026-3142

JavaScript · Node

Prototype-pollution in fast-redact <3.5.1 enables modification of Object.prototype via crafted JSON. Affects Express middleware that uses fast-redact for log scrubbing in fintech APIs.

9.2

CVE-2026-2987

Solidity

UniswapV4 hook authorization bypass — pre-execute hook can be re-entered to skip access control. Pattern: hook callbacks without nonReentrant + storage write before external call.

8.7

CVE-2026-2811

Java · Spring

Spring Security ACL race condition under high concurrency permits brief 2-3ms window of unauthorized access. Affects fintech APIs with synchronized cache invalidation.

8.1

CVE-2026-2654

Python · FastAPI

Pydantic v3 validator ordering allows skipping Field(gt=0) constraint when alias is supplied. Money-validation regressions where alias-based model constructors bypass positive-amount checks.

7.9

CVE-2026-2401

Go · stdlib

Time-of-check time-of-use in os.Rename on Linux mounts. Relevant to fintech batch-processors that rename audit-log files atomically.

7.4

CVE-2026-2298

Rust · sqlx

Query-builder concatenates user input when reflection mode is enabled. SQL injection if SQLX_REFLECT=1 in dev that ships to prod.

6.8

Support inbox

Email and Slack sources. SLA timer per priority. AI draft response is gated — never auto-sent.

Open tickets3−2

Median TTFR42m−18m

CSAT (30d)4.8 / 5+0.2

P0 breaches (30d)0—

HB

P-712 false positive on our HTLC implementation? P1

Helios Banking · cto@helios-banking.example · "We pass msg.sender check via modifier, but P-712 reports FAIL. Can you take a look?"

14m
CP

Branded PDF — logo not rendering for SOC 2 evidence bundle

Cardinal Pay · secops@cardinalpay.example · "PNG transparency seems off when exported from the dashboard."

2h
YC

Multi-repo aggregation showing only 4 of 7 repos

Yatahay Custodians · compliance@yatahay.example · "Three private repos aren't appearing in the rollup. Webhook stuck?"

5h

System health

Operational pulse across the SaaS, the open-source distribution channels, and the build-attestation chain.

API · api.preston-check.com

99.997% · p95 47ms

Operational

Customer portal · app.preston-check.com

99.94% · p95 312ms

Operational

Telemetry · telemetry.preston-check.com

100% · 218 reqs/min

Operational

D1 (relational)

8.4 GB · 12 idx · p95 8ms

Operational

KV (aggregations)

412 keys · 78 MB

Operational

Stripe webhook

last delivery 3m ago

Operational

Threat-intel cron

last success 2d 4h · next Mon 09:00 UTC

On schedule

Docker Hub · prestoncheck/scan

v1.7.4 · 8.4K pulls / 30d

2 deprecated tags

Homebrew tap

v1.7.3 published · 2.1K installs / 30d

Synced

Build attestation · latest release

Tag	v1.7.4
Tarball	preston-check-1.7.4.tar.gz
SHA-256	27e9c51d1d217074dc93c50692709795e627ec1f686e5bc77d8b28f58a43e847
Published by	github-actions[bot] · attested run #25294820946
Signed with	ed25519: 9a4f…1c2b (Preston-Check release key)
Distribution	GitHub Releases · Homebrew · Docker Hub · install.sh