AI-Enhanced Security Products
Purpose-built SaaS tools
for security operations, forensics, threat intelligence, and offensive security. Each product is designed to work standalone or as part of the OSinfo ecosystem.
Prodigo
Prodigo is a counsel-directed analytical platform that brings machine-assisted reasoning to large-scale document review — without exposing privileged material to third-party AI services. Following U.S. v. Heppner (SDNY 2026), documents processed through commercial AI platforms are not protected by attorney-client privilege. Prodigo solves this: it operates as licensed litigation support infrastructure under your firm’s direction, processing sensitive content entirely on locally hosted models while sanitizing any cloud-bound analysis through a multi-layer anonymization proxy.
Key Capabilities
- Blind Access Review (Dark Room) — AI reads the corpus and responds to natural language queries with cited summaries; counsel never sees raw unreviewed documents
- Formal “Produce It” gate moves documents into a reviewable Production Room with full chain of custody
- No privileged data leaves your environment — sensitive content processed entirely by locally hosted models
- Sanitized cloud calls — multi-layer anonymization proxy strips all identifying information before external API calls
- No model training on your data — ever. No retention outside your controlled case environment
- Every answer traces to a specific source artifact — control number, Bates range, or file reference
- Full audit trail — every query, document view, and production decision logged with user identity and timestamp
- Per-case isolation — separate database, vector index, file store, and access controls per matter
- Guided analytical workflows — contextual prompt suggestions and investigation playbooks tailored to matter type
- Sandbox demo case included for sales demos, onboarding, and training
TacFuse
TacFuse is a hardened, modular platform that fuses physical and digital sensor data into a single tactical operating picture. Think of it as a security-grade command center that ingests aircraft transponders, public safety radio, WiFi/BLE device location, passive radar drone detection, human locations, weather data, and more correlating everything in real time on a 2D/3D tactical map.
Key Capabilities
- Real-time aircraft, drone & ship tracking via local SDR receivers
- Analog & P25 public safety radio capture with AI-powered speech-to-text and data enrichment
- WiFi and BLE device discovery with multilateration positioning
- Passive radar & Wireless channel-state-information 3D positioning
- AI enhanced automated alert analysis engine
- NATO MIL-STD-2525 military symbology and NATO Admiralty scoring
- Pluggable integration framework (app-store model for adding data sources)
- Easy integrations to web APIs, RSS feeds, and local hardware sensors
- Can integrate with (A)TAK & ingest / export KMLs
- Auto generates written & spoken reports
StrikeFrame
StrikeFrame streamlines the entire penetration testing lifecycle into a single orchestrated platform. AI assists with scoping document ingestion, target extraction, tool orchestration, finding deduplication, and report generation â while hard scope enforcement via firewall rules ensures assessments never go out of bounds.
Key Capabilities
- AI-powered scoping: ingest PDFs, DOCX, emails extract targets and rules of engagement automatically
- Five-phase assessment workflow: Scoping, Discovery, Initial Access, Exploitation, Reporting
- Integration framework for security tools (nmap, nuclei, subfinder, etc.) plugin architecture modeled after Home Assistant
- Hard scope enforcement via iptables/nftables with kill switch
- Digital twin visualization of target network/systems
- Compliance mapping: NIST 800-53, CIS Controls, OWASP Top 10, PCI DSS
- Full CLI with feature parity to the web UI
- Configurable LLM backend: BYO API key (OpenAI, Anthropic, xAI) or local Ollama
NexTrace
NexTrace is a high-performance alternative to legacy forensic tools like Magnet AXIOM Cyber. Built on a multi-threaded Rust engine with QUIC-based network transfers, it reduces forensic processing times by 3-4x and transfer times by 4x+ while maintaining court-admissible chain-of-custody integrity.
Key Capabilities
- Multi-threaded Rust processing engine for 100 GB+ datasets
- QUIC multi-stream transfers for forensic images over unreliable networks
- Elasticsearch-backed eDiscovery for petabyte-scale search
- AES-256 encryption at rest, TLS 1.3 in transit
- Immutable chain-of-custody tracking
- Offline AI analysis no cloud dependencies
- IoT/embedded firmware analysis for vulnerability detection
- Built-in case manager and investigation playbooks
DumpDen
DumpDen ingests, normalizes, and indexes breach data, credential dumps, and ransomware actor intelligence into a searchable platform with GPU-accelerated hash cracking and enrichment plugin support for offensive security tools.
Key Capabilities
- Automated ingestion pipeline: extract, decompress, scan, normalize, deduplicate, index
- Full-text search across petabytes of breach data
- GPU-accelerated Hashcat queue with 300+ hash mode support
- Enrichment plugins for StrikeFrame, Cobalt Strike, Metasploit, and other frameworks
- Standing query server with alerting (monitor for new exposures by selectors)
- Multi-tenant RBAC with billing integration
- Malware scanning on all ingested data
Detect
Detect is a comprehensive network discovery and device fingerprinting platform designed for enterprise security, compliance, and asset management. It combines passive network monitoring with active scanning techniques to build accurate device identities across your network.
Key Capabilities
- Passive scanner & sniffers
- Active scanners
- Wired & Wireless protocols
- Continued collection creates a more defined fingerprint
- CLI, Web-UI, API allowing Detect to intergrate into other tools like StrikeFrame
- Compliance ready: PCI-DSS, HIPPAA support in enterprise edition
- Distributed deployment for enterprise edition
BulkHaul
BulkHaul turns multi-day file transfers into multi-hour operations. A single Go binary handles chunked, resumable, encrypted transfers with SHA-256 integrity verification at every step purpose-built for forensic evidence collection and large-scale data movement.
Key Capabilities
- Chunked transfers with configurable chunk sizes (1 MB - 256 MB, default 64 MB)
- TLS 1.3 always-on encryption with pre-shared key authentication (no PKI needed)
- Resumable transfers reconnect and continue where you left off
- SHA-256 per-chunk integrity verification with post-transfer audit
- Adaptive chunk sizing based on network conditions
- Bandwidth limiting with token bucket rate control
- Intelligent compression (Shannon entropy analysis only compresses compressible data)
- Full directory support with metadata preservation (permissions, ownership, timestamps)
- Cross-platform: Linux, macOS, Windows, FreeBSD
StaticBins
StaticBins builds and distributes statically-linked binaries for 50+ security, forensics, and system administration tools. Drop a single executable onto any system â no package manager, no shared libraries, no traces â and get to work.
Key Capabilities
- 50+ tools across 6 categories: coreutils, network/recon, forensics, firmware/hardware, tunneling, utilities
- Multi-platform: Linux (x86_64, ARM64, ARM, x86), Windows, macOS, FreeBSD including legacy targets (RHEL6, Win7, kernel 2.4.x)
- Reproducible Docker-based builds with musl-libc static linking
- SHA-256 checksums and optional GPG signing
- YAML-based tool specifications fully auditable build definitions
- Interactive wizard mode for guided tool selection
- Legacy compatibility mode for old kernels and OS versions