RHEcosystemAppEng · TamarW0 · Jun 23, 2026 · Jun 23, 2026 · Jun 24, 2026 · Jun 24, 2026
@@ -2,7 +2,7 @@
 apiVersion: tekton.dev/v1beta1
 kind: PipelineRun
 metadata:
-  name: morpheus-client-on-pr
+  name: exploit-iq-client-on-pr
   annotations:
     # The event we are targeting as seen from the webhook payload
     # this can be an array too, i.e: [pull_request, push]
@@ -28,7 +28,7 @@ spec:
     - name: image-expires-after
       value: 5d
     - name: output-image
-      value: quay.io/ecosystem-appeng/agent-morpheus-client:on-pr-{{revision}}
+      value: quay.io/ecosystem-appeng/exploit-iq-client:on-pr-{{revision}}
     - name: path-context
       value: .
     - name: dockerfile

@@ -2,7 +2,7 @@
 apiVersion: tekton.dev/v1beta1
 kind: PipelineRun
 metadata:
-  name: morpheus-client-on-push
+  name: exploit-iq-client-on-push
   annotations:
     # The event we are targeting as seen from the webhook payload
     # this can be an array too, i.e: [pull_request, push]
@@ -26,7 +26,7 @@ spec:
     - name: revision
       value: "{{ revision }}"
     - name: output-image
-      value: quay.io/ecosystem-appeng/agent-morpheus-client:latest
+      value: quay.io/ecosystem-appeng/exploit-iq-client:latest
     - name: path-context
       value: .
     - name: dockerfile

@@ -2,7 +2,7 @@
 apiVersion: tekton.dev/v1beta1
 kind: PipelineRun
 metadata:
-  name: morpheus-client-on-tag-push
+  name: exploit-iq-client-on-tag-push
   annotations:
     # The event we are targeting as seen from the webhook payload
     # this can be an array too, i.e: [pull_request, push]
@@ -26,7 +26,7 @@ spec:
     - name: revision
       value: "{{ revision }}"
     - name: output-image
-      value: quay.io/ecosystem-appeng/agent-morpheus-client
+      value: quay.io/ecosystem-appeng/exploit-iq-client
     - name: tag-name
       value: "{{git_tag}}"
     - name: path-context

@@ -1,5 +1,5 @@
 ---
-# Maven test for @QuarkusTest in CI: JDK + Syft base image (quay.io/exploit-iq/agent-morpheus-client-test-image).
+# Maven test for @QuarkusTest in CI: JDK + Syft base image (quay.io/ecosystem-appeng/exploit-iq-test-image).
 apiVersion: tekton.dev/v1beta1
 kind: Task
 metadata:
@@ -10,7 +10,7 @@ metadata:
     component: exploit-iq-client
 spec:
   description: >-
-    Runs ./mvnw test with ephemeral Mongo; uses quay.io/exploit-iq/agent-morpheus-client-test-image (JDK + Syft).
+    Runs ./mvnw test with ephemeral Mongo; uses quay.io/ecosystem-appeng/exploit-iq-test-image (JDK + Syft).
   workspaces:
     - name: source
       description: Cloned repository (git-clone output)
@@ -20,7 +20,7 @@ spec:
       description: Registry pull secret for Syft (directory with .dockerconfigjson)
   steps:
     - name: test
-      image: quay.io/exploit-iq/agent-morpheus-client-test-image:latest
+      image: quay.io/ecosystem-appeng/exploit-iq-test-image:latest
       workingDir: $(workspaces.source.path)
       env:
         - name: QUARKUS_MONGODB_DEVSERVICES_ENABLED

@@ -1,6 +1,6 @@
 ---
 # Ephemeral MongoDB for @QuarkusTest in CI. Same image as prod (mongodb-community-server 8.0 UBI);
-# mirrors deploy/agent_morpheus_client.yaml (db Deployment + Service); emptyDir instead of PVC.
+# mirrors deploy/exploit-iq-client.yaml (db Deployment + Service); emptyDir instead of PVC.
 apiVersion: tekton.dev/v1beta1
 kind: Task
 metadata:

@@ -34,7 +34,7 @@ Loading states MUST use PatternFly `Skeleton` components instead of `Spinner` co
 ## Development Workflow
 
 ### Code Organization
-- Backend Java code: `src/main/java/com/redhat/ecosystemappeng/morpheus/`
+- Backend Java code: `src/main/java/com/redhat/ecosystemappeng/exploitiq/`
 - Frontend TypeScript/React code: `src/main/webui`
 - Generated API client: `src/main/webui/src/services/generated-client/` (auto-generated from OpenAPI)
 - React hooks: `src/main/webui/src/hooks/` (use `useApi` for all API calls)

@@ -12,12 +12,12 @@ See the License for the specific language governing permissions and
 limitations under the License.
 -->
 
-# Red Hat Exploit Intelligence- client
+# Red Hat ExploitIQ - client
 
 This project is a Quarkus + React web application implemented to interact with ExploitIQ service
 for sending requests to evaluate vulnerabilities on specific SBOMs.
 
-For product documentation and deeper context, see the [Exploit Intelligence documentation](https://github.com/RHEcosystemAppEng/exploitiq-docs).
+For product documentation and deeper context, see the [ExploitIQ documentation](https://github.com/RHEcosystemAppEng/exploitiq-docs).
 
 
 ## Development
@@ -158,7 +158,7 @@ flowchart TB
     classDef ok fill:#bbf7d0,stroke:#15803d,stroke-width:2px,color:#14532d
     classDef caption fill:#f8fafc,stroke:#94a3b8,stroke-width:1px,color:#334155
 
-    HEADER["<b>Exploit Intelligence -<br/>Analysis Pipeline</b>"]
+    HEADER["<b>ExploitIQ -<br/>Analysis Pipeline</b>"]
     class HEADER caption
 
     START([User request analysis])
@@ -178,7 +178,7 @@ flowchart TB
             SYFT_FAIL[[Syft failed<br/>submission failure / excluded]]
             CYCLONE_VAL["Parse &amp; validate CycloneDX<br/>from Syft output"]
             CYCLONE_FAIL[[CycloneDX parse / validation failed<br/>submission failure / excluded]]
-            TO_AGENT["Save report &amp; submit for analysis<br/>Morpheus queue"]
+            TO_AGENT["Save report &amp; submit for analysis<br/>ExploitIQ queue"]
 
             PER_CAPTION --> SYFT
         end
@@ -199,7 +199,7 @@ flowchart TB
         SC_CYCLONE_ERR[[CycloneDX parse failed<br/>immediate error to client]]
     end
 
-    subgraph AGENT["<b>Shared — Submit &amp; agent pipeline</b><br/>(RequestQueueService → Morpheus)"]
+    subgraph AGENT["<b>Shared — Submit &amp; agent pipeline</b><br/>(RequestQueueService → ExploitIQ)"]
         direction TB
         QUEUE_GATE["Is queue full?<br/>active reports &gt;= max active"]
         PEND_CAP[Pending queue<br/>below max size?]

@@ -2,20 +2,20 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: agent-morpheus-client-db
+  name: exploit-iq-client-db
   labels:
-    app: agent-morpheus-client-db
+    app: exploit-iq-client-db
 spec:
   strategy:
     type: Recreate
   replicas: 1
   selector:
     matchLabels:
-      app: agent-morpheus-client-db
+      app: exploit-iq-client-db
   template:
     metadata:
       labels:
-        app: agent-morpheus-client-db
+        app: exploit-iq-client-db
     spec:
       containers:
         - name: mongodb
@@ -31,58 +31,58 @@ spec:
       volumes:
         - name: data
           persistentVolumeClaim:
-            claimName: agent-morpheus-client-data
+            claimName: exploit-iq-client-data
 ---
 apiVersion: v1
 kind: Service
 metadata:
-  name: agent-morpheus-client-db
+  name: exploit-iq-client-db
   labels:
-    app: agent-morpheus-client-db
+    app: exploit-iq-client-db
 spec:
   ports:
   - name: db
     port: 27017
     protocol: TCP
     targetPort: 27017
   selector:
-    app: agent-morpheus-client-db
+    app: exploit-iq-client-db
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: agent-morpheus-client
+  name: exploit-iq-client
   labels:
-    app: agent-morpheus-client
+    app: exploit-iq-client
 spec:
   strategy:
     type: Recreate
   replicas: 1
   selector:
     matchLabels:
-      app: agent-morpheus-client
+      app: exploit-iq-client
   template:
     metadata:
       labels:
-        app: agent-morpheus-client
+        app: exploit-iq-client
     spec:
       containers:
-        - name: agent-morpheus-client
-          image: quay.io/ecosystem-appeng/agent-morpheus-client:latest
+        - name: exploit-iq-client
+          image: quay.io/ecosystem-appeng/exploit-iq-client:latest
           imagePullPolicy: Always
           ports:
             - name: http
               protocol: TCP
               containerPort: 8080
           env:
-            - name: QUARKUS_REST-CLIENT_MORPHEUS_URL
-              value: http://agent-morpheus-rh:8080/scan
+            - name: QUARKUS_REST-CLIENT_EXPLOIT_IQ_URL
+              value: http://exploit-iq-agent:8080/scan
             - name: QUARKUS_MONGODB_HOSTS
-              value: agent-morpheus-client-db:27017
+              value: exploit-iq-client-db:27017
             - name: QUARKUS_MONGODB_DATABASE
               valueFrom:
                 secretKeyRef:
-                  name: agent-morpheus-client-secret
+                  name: exploit-iq-client-secret
                   key: mongodb.dbname
             - name: DOCKER_CONFIG
               value: /tmp/.docker
@@ -111,33 +111,33 @@ spec:
 apiVersion: v1
 kind: Service
 metadata:
-  name: agent-morpheus-client
+  name: exploit-iq-client
   labels:
-    app: agent-morpheus-client
+    app: exploit-iq-client
 spec:
   ports:
   - name: http
     port: 8080
     protocol: TCP
     targetPort: 8080
   selector:
-    app: agent-morpheus-client
+    app: exploit-iq-client
 ---
 apiVersion: route.openshift.io/v1
 kind: Route
 metadata:
-  name: agent-morpheus-client
+  name: exploit-iq-client
 spec:
   port:
     targetPort: 8080 
   to:
     kind: Service
-    name: agent-morpheus-client
+    name: exploit-iq-client
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
-  name: agent-morpheus-client-data
+  name: exploit-iq-client-data
 spec:
   accessModes:
     - ReadWriteOnce

@@ -1,4 +1,4 @@
-%% Analysis pipeline / workflow — aligned with morpheus-client backend behavior.
+%% Analysis pipeline / workflow — aligned with exploit-iq-client backend behavior.
 %% Product path: success / failed edge order (success left, failed right) where binary.
 %%
 %% Bold / line breaks: HTML in quoted labels (<b>, <br/>). Requires htmlLabels (init below).
@@ -13,7 +13,7 @@ flowchart TB
     classDef ok fill:#bbf7d0,stroke:#15803d,stroke-width:2px,color:#14532d
     classDef caption fill:#f8fafc,stroke:#94a3b8,stroke-width:1px,color:#334155
 
-    HEADER["<b>Exploit Intelligence -<br/>Analysis Pipeline</b>"]
+    HEADER["<b>ExploitIQ -<br/>Analysis Pipeline</b>"]
     class HEADER caption
 
     START([User request analysis])
@@ -33,7 +33,7 @@ flowchart TB
             SYFT_FAIL[[Syft failed<br/>submission failure / excluded]]
             CYCLONE_VAL["Parse &amp; validate CycloneDX<br/>from Syft output"]
             CYCLONE_FAIL[[CycloneDX parse / validation failed<br/>submission failure / excluded]]
-            TO_AGENT["Save report &amp; submit for analysis<br/>Morpheus queue"]
+            TO_AGENT["Save report &amp; submit for analysis<br/>ExploitIQ queue"]
 
             PER_CAPTION --> SYFT
         end
@@ -54,7 +54,7 @@ flowchart TB
         SC_CYCLONE_ERR[[CycloneDX parse failed<br/>immediate error to client]]
     end
 
-    subgraph AGENT["<b>Shared — Submit &amp; agent pipeline</b><br/>(RequestQueueService → Morpheus)"]
+    subgraph AGENT["<b>Shared — Submit &amp; agent pipeline</b><br/>(RequestQueueService → ExploitIQ)"]
         direction TB
         QUEUE_GATE["Is queue full?<br/>active reports &gt;= max active"]
         PEND_CAP[Pending queue<br/>below max size?]

@@ -471,4 +471,4 @@ Or run the testing script with debug flag:
 - [Quarkus Configuring Well-Known OpenID Connect Providers](https://quarkus.io/guides/security-openid-connect-providers)
 - [Keycloak Documentation](https://www.keycloak.org/documentation)
 - [GitHub OAuth Apps](https://docs.github.com/en/developers/apps/building-oauth-apps)
-- [Google OAuth 2.0](https://developers.google.com/identity/protocols/oauth2)
+- [Google OAuth 2.0](https://developers.google.com/identity/protocols/oauth2)
@@ -18,13 +18,13 @@ limitations under the License.
 
 For detailed authentication configuration including OpenShift OAuth, Keycloak, and external identity providers (Google, GitHub, Azure AD), see the [Authentication Guide](./authentication.md).
 
-## External Services (GitHub / Morpheus)
+## External Services (GitHub / ExploitIQ)
 
-Use the `rest-client` properties for updating the default the github and morpheus RestClient endpoints:
+Use the `rest-client` properties for updating the default the github and ExploitIQ RestClient endpoints:
 
 ```properties
 quarkus.rest-client.github.url=https://api.github.com
-quarkus.rest-client.morpheus.url=https://agent-morpheus:8080/scan
+quarkus.rest-client.exploit-iq.url=https://exploit-iq:8080/scan
 ```
 
 For development the external calls will be mocked using WireMock. The report behaviour
@@ -49,25 +49,25 @@ In production it is expected that the following environment variables are provid
 
 ## Queue and timeout
 
-In order to avoid overloading Morpheus, specially when a batch of requests should be processed,
+In order to avoid overloading ExploitIQ, specially when a batch of requests should be processed,
 you can configure a maximum number of ongoing requests and a maximum number of waiting
 requests. Finally it is possible to define the timeout for an ongoing request.
 
 ```properties
-morpheus.queue.max-active=5 #max number of ongoing requests
-morpheus.queue.max-size=100 #max number of waiting requests
-morpheus.queue.timeout=5m #duration of an ongoing request
+exploit-iq.queue.max-active=5 #max number of ongoing requests
+exploit-iq.queue.max-size=100 #max number of waiting requests
+exploit-iq.queue.timeout=5m #duration of an ongoing request
 ```
 
 Every 10 seconds the ongoing requests will be checked and expired if needed, then
-the waiting queue will be updated and send new requests to Morpheus
+the waiting queue will be updated and send new requests to ExploitIQ
 
 ## Pending Component Syncer timeout
 
 The Component Syncer is responsible for pre-processing component documents during product scanning. You can configure the timeout for the syncer to control how long the system waits for the component synchronization process to complete and send processed batch for analysis before timing out.
 
 ```properties
-morpheus.syncer.timeout=1h # duration to wait for component syncer during pre-processing
+exploit-iq.syncer.timeout=1h # duration to wait for component syncer during pre-processing
 ```
 
 Set this value according to the expected processing time for your product. If the syncer does not finish within the configured timeout, any components still pending will be marked as expired.
@@ -78,8 +78,8 @@ You can activate the purge for old reports. By default is disabled and unless th
 cron expression is provided it will not be executed.
 
 ```properties
-morpheus.purge.cron=0 0 * * * ? #Run every midnight
-morpheus.purge.after=7d #Remove reports older than 7 days
+exploit-iq.purge.cron=0 0 * * * ? #Run every midnight
+exploit-iq.purge.after=7d #Remove reports older than 7 days
 ```
 
 ## Includes / Excludes