Klaxon turns "we think something happened" into "we ran the playbook, met every reporting deadline, and sent the right letters to the right regulators." Incident response + the breach-notification law engine — at SMB price, local-first.
Toggle states (assume 600+ residents each, PHI involved). The engine computes who you must notify and by when — deterministically, from law, no guessing.
Select a state above.
Substantive runbooks — ransomware, BEC, data breach, lost device — mapped to the NIST IR lifecycle, with legal-trigger checks built into the operational steps.
All-50-state + HIPAA + GDPR + DFARS + Canada obligations, a live countdown from the legally-correct trigger, and a jurisdiction-correct letter generator.
Append-only forensic timeline, roles, tasks, and SHA-256 chain-of-custody evidence. Local-first — an active incident never has to leave the building.
Timed scenario injects, scoring against a rubric, and an auto-generated after-action report. Software, not a $15k consulting engagement.
| incident.io / PagerDuty | RadarFirst / BreachRx | Klaxon | |
|---|---|---|---|
| Slack war-room / on-call | ✓ | — | war-room ✓ |
| 50-state + HIPAA/GDPR/DFARS law engine | ✗ | ✓ | ✓ |
| Tabletop as software | — | — | ✓ |
| Local-first (data stays in-house) | ✗ | ✗ | ✓ |
| SMB self-serve price | ✓ | 5–6 figures | free / $99 |
Free, local-first, no signup. Your incident data stays in your browser.
Open the console