Phase 1 Prototype / European Protective Intelligence

Zero-Knowledge OSINT for Physical Risk Teams

Aegis now frames the first operating slice: tenant-isolated auth, encrypted VIP records, compliant European OSINT scanning, and a security director dashboard built for action before exposure turns into movement risk.

98.7% tenant-isolated queries
4 EU scanner source families
<5m critical alert target SLA
0 PII in watchlist joins
Backend Foundation

Multi-tenant control plane with zero-knowledge guardrails.

The Phase 1 backend artifacts in backend/ define the PostgreSQL tenant hierarchy, encryption boundaries, watchlist hash model, and FastAPI route shape needed for implementation.

01

Tenant-scoped row policies

Organization, division, and protection-cell records inherit access through a materialized tenant path and row-level policies.

02

Envelope-encrypted VIP PII

VIP names, addresses, documents, and family links stay encrypted at field level with per-tenant data keys.

03

HMAC-SHA256 watchlist joins

Watchlist comparisons use deterministic HMAC digests so scans can match sensitive terms without storing raw identifiers.

04

FIDO2 challenge ledger

Passkeys bind security directors to hardware-backed MFA with auditable challenge creation and replay protection.

05

Zero-knowledge recovery split

Recovery is modeled as split authorization: tenant admins can restore access without Aegis reading VIP secrets.
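
The watchlist join in item 03, sketched as an added example (not code from the Aegis backend): terms are normalized and stored only as HMAC-SHA256 digests, and scanner text is matched by hashing its word windows with the same key. The per-tenant HMAC key, the normalization rules, the word-window matching, and all function names are assumptions; the keys and sample strings are constructed.

```python
import hashlib
import hmac
import re
import unicodedata

# Constructed demo keys; a real deployment would fetch per-tenant keys from a KMS.
KEY_TENANT_A = hashlib.sha256(b"constructed demo key, tenant A").digest()
KEY_TENANT_B = hashlib.sha256(b"constructed demo key, tenant B").digest()

def normalize(term: str) -> str:
    """Canonicalize: NFKC, casefold, drop punctuation, collapse whitespace."""
    folded = unicodedata.normalize("NFKC", term).casefold()
    return " ".join(re.findall(r"\w+", folded))

def watchlist_digest(tenant_key: bytes, term: str) -> str:
    """Keyed, deterministic digest; this is the only form of the term stored."""
    msg = normalize(term).encode("utf-8")
    return hmac.new(tenant_key, msg, hashlib.sha256).hexdigest()

def candidate_terms(text: str, max_words: int = 3):
    """Yield every 1..max_words word window of the scanner text."""
    words = normalize(text).split()
    for n in range(1, max_words + 1):
        for i in range(len(words) - n + 1):
            yield " ".join(words[i:i + n])

def match_finding(tenant_key: bytes, stored: set, text: str) -> set:
    """Return the stored digests that the finding text hits."""
    seen = {watchlist_digest(tenant_key, c) for c in candidate_terms(text)}
    return seen & stored

def demo() -> dict:
    # Constructed watchlist entry and scanner finding (decomposed "Ë" on purpose).
    stored_a = {watchlist_digest(KEY_TENANT_A, "Zoë  EXAMPLE")}
    finding = "New filing lists ZOE\u0308 example, director"
    return {
        "tenant_a": match_finding(KEY_TENANT_A, stored_a, finding),
        # Same digests probed with another tenant's key: no match.
        "tenant_b": match_finding(KEY_TENANT_B, stored_a, finding),
    }

if __name__ == "__main__":
    print(demo())
```

The digests are only as private as the key: anyone holding a tenant key can test guesses against short or low-entropy identifiers, so the key needs the same protection as the encrypted VIP fields.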

European OSINT Scanner

Prototype scanner modules prioritize public, consented, and defensible sources.

Each module emits normalized findings with source provenance, geospatial confidence, actionability, and legal-basis notes for downstream review.

15m

Social Media

Opt-in handle monitoring, public mention clustering, travel-routine inference, family-tag risk hints.

6h

EU Registries

Company officer deltas, beneficial ownership signals, director-address spillover, sanctions-adjacent entities.

30m

Geo Intelligence

EXIF residue checks, landmark matching, venue recurrence, residence-proximity scoring.

live

Physical Risk

Exposure severity, adversary actionability, recency, VIP itinerary sensitivity, mitigation state.

Security Director Dashboard

Portfolio command view

Protected Principals | Risk Score
86

Elena V.

Critical +12

Principal, Milan Family Office

Umbra / Private Wealth / Italy Desk
Villa geotag cluster | Registry director link | School-run pattern
64

Marc D.

Elevated +5

Public Markets CEO, Paris

Umbra / Corporate / France Desk
Board filing update | Conference itinerary | Vehicle plate mention
41

Sofia R.

Watch -8

Founder, Madrid

Umbra / Founders / Iberia Desk
Archived address | Family-tagged photo | Old incorporation record

Live Alert Feed (3 new)

08:42 UTC | IT-CAM | Critical

Geo-tag correlation near secondary residence

Three public image posts triangulate within 310m of a Naples coastal property tied to a protected principal.

08:17 UTC | FR-IDF | High

EU corporate registry delta matched watchlist hash

A new beneficial ownership filing references a hashed associate identifier without exposing the underlying watchlist value.

07:55 UTC | ES-MD | Medium

Routine inference confidence dropped

Removal workflow suppressed two historic school-run references; residual physical-risk confidence decreased by 8 points.

Export Readiness

Board-ready PDF report path

The export action uses print-to-PDF today and is wired for a server-side renderer once the FastAPI report worker is deployed. Print styles preserve executive summary cards, alert context, and portfolio risk scores while hiding navigation chrome.

Clearance-Level Protection

Phase 1 is ready for founder review.

The prototype now presents the product architecture, scanner scope, and director workflow in a single deployable experience.

Join as Founding Member