Our products

Security tools we’ve built, in production today.

Practical, AI-powered applications designed and secured by our team — applying generative AI to real-world cybersecurity and compliance challenges. Explore each live below.

Mark My Words

AI-powered legal document analysis

A full-stack, AI-powered web app that helps users understand the critical implications hidden in lengthy legal documents like Terms of Service and Privacy Policies. Upload a PDF or DOCX — or point it at a URL — and get clear, concise summaries of data-sharing practices, hidden fees, and arbitration clauses, so individuals and organizations can make informed decisions.

Key capabilities

  • Summarizes risky clauses in ToS & privacy policies
  • PDF, DOCX upload or URL scraping with SSRF protection
  • Intelligent document chunking for GPT-4o analysis
  • Stateless processing and rate-limiting for a smaller attack surface
  • Surfaces vendor-risk & compliance flags (HIPAA, SOC 2, NIST 800-53/171)

Built with

  • React 19
  • Node.js & Express
  • OpenAI GPT-4o
  • Vercel
  • Cloudflare (WAF / CDN / DDoS)
Visit Mark My Words

Phishing Sonar

AI-powered phishing triage for defenders

A defender-focused phishing triage tool that rapidly analyzes suspicious email content. Paste an email and Phishing Sonar returns a structured breakdown of threat indicators, a clear verdict, and a confidence score — accelerating SOC triage while keeping privacy first with client-side PII redaction and hash-only retention by default.

Key capabilities

  • Verdict + confidence score for pasted email content
  • Client-side PII redaction before any data leaves the browser
  • Detects sender-auth (SPF/DKIM/DMARC), URL anomalies & social engineering
  • IOC export to STIX 2.1, CSV, Splunk, Elastic & Sentinel formats
  • Hash-only retention by default; redacted shared links

Built with

  • React
  • Tailwind CSS
  • Supabase
  • Anthropic Claude API
  • STIX 2.1 IOC export
Visit Phishing Sonar

Bump In The Log

AI-assisted log investigation for SOC analysts

An AI-assisted log investigation tool that accelerates SOC triage. Ingest multi-format logs and Bump In The Log reconstructs a chronological event timeline, flags anomalies, maps activity to MITRE ATT&CK, and recommends the next investigative pivots — turning hours of manual log sifting into a streamlined workflow that lowers MTTD and MTTR.

Key capabilities

  • Multi-format ingest (CloudTrail, Azure, GCP, EDR, syslog, JSON, firewall, VPN)
  • Reconstructs correlated, timestamp-normalized event timelines
  • AI-assisted anomaly detection with confidence-rated findings
  • Maps activity to MITRE ATT&CK tactics & techniques
  • Line-number traceability back to raw logs; ephemeral, no-retention processing

Built with

  • Log Analysis & Correlation
  • AI-Assisted Analysis
  • MITRE ATT&CK
  • Cloud Audit Logs (AWS / Azure / GCP)
  • SOC Investigation & IR
Visit Bump In The Log

Attack Branch

AI-assisted threat modeling & security architecture review

An AI-assisted threat modeling platform that shifts security left. Describe a system and Attack Branch converts it into a structured security analysis — component and data-flow diagrams, STRIDE coverage, attack trees, risk heat maps, and phased mitigation roadmaps — so teams can find and fix design flaws before any code is written.

Key capabilities

  • Turns system descriptions into component & data-flow models
  • Full STRIDE threat enumeration with attack trees
  • Risk heat maps and phased mitigation roadmaps
  • Cross-references MITRE ATT&CK, OWASP Top 10 / ASVS, API Top 10 & NIST
  • Audit-ready exports for design reviews and ticketing systems

Built with

  • Threat Modeling & STRIDE
  • Attack Trees
  • AI-Assisted Analysis
  • MITRE ATT&CK & OWASP ASVS
  • NIST Controls Mapping
Visit Attack Branch

Want a custom security tool?

We design and build secure, AI-powered applications tailored to your compliance and operational needs. Tell us about your challenge.