We believe in contributing to the cybersecurity community and DevSecOps principles. We develop and maintain these security solutions to help our clients and community advance their programs.


SIFTR™ is an automated but manually validated Open Source Intelligence
(OSINT) platform for identifying publicly-accessible cybersecurity risks. SIFTR™ uses machine learning algorithms (no, really) to search in deep public places that normal scanners do not reach or recognize. You can access the findings in the portal or use the API to feed the results directly to your analytics platform.


VECTR™ is an industry standard for MITRE ATT&CK alignment, Purple Teams, Attack Simulation and Red Teams documentation and metrics. This freeware enables planning, prioritization and measurement against MITRE ATT&CK, assesses the effectiveness of defensive tools, and creates meaningful improvement metrics. VECTR™ was featured at BlackHat Arsenal 2019 and is taught in three SANS classes (that we’re aware of).

H24™ “Honeycomb” Capabilities Framework

A cybersecurity capabilities maturity framework that helps you visualize, evaluate, and prioritize your cybersecurity roadmap using clearly defined, objective criteria to validate each maturity level. H24 is not general – it’s prescriptive with guidance on “what good looks like”. H24 maps to other frameworks like NISF CSF, HIPAA and ISO27k but also covers emerging areas that other frameworks don’t keep pace with.

Visit our GitHub page to learn more about our latest tools

Explore VECTR, TALR & more!