Every capability,
in one operational console.

Spot vessels that switch off their AIS by matching radar signatures from Sentinel-1.

Cross-references live AIS broadcasts with Sentinel-1 SAR detections over the same time-window. Vessels visible on radar but absent from AIS are surfaced as candidate dark-fleet contacts with confidence scoring.

Flag ship-to-ship transfers happening outside designated anchorages — the #1 sanction-evasion vector.

Continuously scans vessel-pair proximity, relative speed and dwell-time outside designated anchorage zones. Triggers an STS event when two AIS tracks rendezvous at sea, with draft-mismatch and cargo-class context.

Continuously score every vessel for shadow-fleet behaviour and surface the riskiest hulls.

Composite risk score combining AIS gaps, flag-hopping cadence, ownership obfuscation, sanction proximity and STS history. Each component is auditable and traceable to its source.

Live transit watch on Hormuz, Bab-el-Mandeb, Malacca, Suez and Panama.

Aggregates vessel transits through each chokepoint with cargo class, flag distribution and sanctioned-hull share. Anomaly alerts when transit volume or composition deviates from a 28-day baseline.

Cross-check every vessel, aircraft, person and company against OFAC, EU, UK, UN, Swiss, Canadian and Australian lists daily.

Daily refresh of all 7 sanctions regimes via OpenSanctions + direct authoritative pulls. Fuzzy-match on MMSI, IMO, name, AKA and ownership chain. Every hit is sourced to the original list and entry date.

Track military aircraft including blocked tail numbers — using uncensored ADS-B feeds.

Ingests uncensored ADS-B Exchange data plus OpenSky academic feed. Military hex-codes (NATO, RU, IL, etc.) are classified by ICAO 24-bit, callsign convention and known operator base. Patterns of training, deployment and ferry flights are baselined.

Baseline an operator’s recurring flights and surface the rare anomalies.

Builds a statistical baseline per tail number — typical airports, frequency, time-of-week, route shape. Alerts when a new destination, unusual hour or ADS-B-off event breaks the pattern.

Catch the moments aircraft go dark — across routes, time-windows and operators.

Detects ADS-B transponder dropouts inconsistent with terrain, altitude or operator profile. Cross-references with traffic-control planned routes when available to separate maintenance noise from intentional dark legs.

Order Sentinel-2 (optical) or Sentinel-1 (SAR) over any coordinate, any date.

Queries the Copernicus Data Space Ecosystem for the freshest cloud-free Sentinel-2 acquisition or all-weather Sentinel-1 SAR over a target. Async pipeline handles large mosaics and side-by-side compare.

Two acquisitions, one verdict — see exactly what changed between two dates.

Side-by-side compare with synchronized scroll, opacity blend and difference overlay. Annotate, export and embed in a court-ready dossier.

Trace the ultimate beneficial owner of any vessel, asset or counter-party in seconds.

Combines OpenCorporates, OpenSanctions, SEC EDGAR, Companies House and Equasis. Builds the ownership chain, surfaces shell-company patterns and flags jurisdictional opacity. Each hop is sourced.

Collapse duplicate records that refer to the same vessel, person, company or aircraft.

Probabilistic match on identifiers, aliases, ownership chain and behavioural fingerprint. Builds a canonical entity ID and tracks every alias, mistyping and historical name.

Surface the non-obvious connections between vessels, people, companies and addresses.

Runs community-detection and centrality algorithms across the live entity graph. Surfaces clusters that share a UBO, a registered address, a phone number or a behavioural fingerprint.

Baseline normal — then catch every deviation.

For any vessel or aircraft, compute the statistical baseline of recurring movements over a configurable window. Anomalies are scored and ranked; the system explains why each one stands out.

A composite score that summarises everything we know about an entity, with full transparency.

Combines sanctions hits, dark-fleet behaviour, ownership opacity, breach exposure and network proximity to known bad actors. Every sub-score is auditable — no black-box ML.

A Claude Sonnet 4.5 analyst that reads the entire graph and writes the brief.

Operates strictly on the data already loaded into the investigation. Generates source-cited briefs, drafts recommendation memos and answers natural-language questions. Refuses to speculate when evidence is thin.

Spot the entity that appears in two of your active investigations — automatically.

When the same vessel, company, hex or phone number surfaces in multiple investigations, you get a notification. Lets a team of analysts triangulate without sharing notes manually.

Every event, every move, every transaction — on one chronological axis.

Merges AIS tracks, ADS-B segments, sanctions actions, port calls, ownership changes and breach events into one auditable timeline. Filter, zoom, annotate and export.

Every claim is sourced. Every signature is HMAC-verifiable.

Dossiers ship as PDF with every figure linked to its raw source, every screenshot timestamped, every claim citation-annotated. The PDF itself is HMAC-signed for tamper detection.

Fan out a single query across 30+ OSINT sources in parallel — one normalised result set.

A single search is dispatched to Shodan, Censys, OpenCorporates, OpenSanctions, HIBP, IntelX, GDELT and others in parallel. Results are normalised, deduplicated and ranked by relevance.

Score exposure across HIBP, IntelX, DeHashed and LeakCheck — without leaking your query.

Aggregates exposure data on identifiers (email, phone, username). Queries are k-anonymised where the upstream API supports it. Surfaces re-used passwords, dump dates and corroborating sources.

Continuous watch on paste sites, dark-web marketplaces and threat-actor disclosures.

Indexed via IntelX and partner feeds. Alerts on entity mentions, leaked datasets and ransomware-blog posts referencing the watched keyword set.

Index public X, Telegram and Reddit content tied to monitored entities.

Public-only collection via partner APIs (SocialData for X). No private chats. Posts are timestamped, hashed and linked back to the entity graph for pivot.

Webhook, email or in-platform — fire the moment a watched entity moves.

Per-entity, per-event-type alerts: AIS gap, port-call, sanctions hit, breach mention, social spike. Webhook payloads are HMAC-signed for downstream integration trust.

Drop a CSV of identifiers — get a full screen, dossier and pivot graph back.

Upload up to thousands of MMSI/IMO/IATA/ICAO/email/company-name rows at once. Each row is screened against sanctions, dark-fleet, breach and corporate sources in parallel. Status is reported per row.

Embed a public, HMAC-signed feed of geopolitical events on any newsroom dashboard.

GDELT + ACLED + curated incident feed, packaged as an embeddable widget with HMAC signing. Powers the public crisis broadcast on the SENTINEL home page.

Every raw signal is archived for 2 years — verifiable, replayable, auditable.

AIS, ADS-B, satellite acquisitions and dossier snapshots are written to cold storage and replayable on demand. Lets you reconstruct any past event with the data we had at the time.

Wire SENTINEL GIP into your existing stack — REST + webhooks, HMAC-signed.

Full programmatic access to screening, search, batch import, alerting and dossier-generation endpoints. Every webhook payload is HMAC-signed for downstream zero-trust integration.