Engineered in Germany / Netherlands v1.0.2

THE DESKTOP AGENT FOR THE AUTONOMOUS SOC

// Stop drowning in dashboards.
SecUnit is a local reasoning engine that sits between you and your 30+ vendor tools.

[+] 96% Accuracy (Tier 1)
[+] Anti Lock-in Logic
[+] 2hrs -> 4mins Analysis
[+] EU Data Residency
SECUNIT_TERMINAL READ_ONLY
RAM: 420MB ● NET_ACTIVE
Queue
INC-4402: Processing...
INC-4401: Resolved
Mode
AUTONOMOUS
RECIPE
Session Recorder

TURN WORK SESSIONS INTO ROUTINE RECIPES.

Don't repeat yourself. SecUnit observes your manual investigations and suggests Routine Recipes - agentic workflows you can save and schedule.

  1. Manually investigate an alert once.
  2. SecUnit captures the logic tree & API calls.
  3. Save as IDENTITY_THREAT.yaml.
  4. Schedule it to run every morning at 08:00.

MANUAL_SESSION.LOG

> Querying Splunk...
> Filtering for UserID...
> Checking GeoIP...
> Looks safe. Closing.

NEW RECIPE
IDENTITY_THREAT.YAML

description: "Auto-triage identity threats"
activities:
- "query logs in Splunk"
- "compare geoip data via Shodan"
- "check privileges in Sailpoint"
parameters:
- key: "incident_id"

// POPULAR_RECIPES_LIBRARY

IAM_ADMIN.YAML
description: "Verify privileged group changes"
activities:
- "check ticket status in Jira"
- "verify notice period in SAP"
- "revert if unauthorized in EntraID"
parameters:
- key: "user_id"
- key: "group_name"

SMART_PATCH.YAML
description: "Prioritize based on context"
activities:
- "check loaded libs via Qualys"
- "verify exposure on M365 Defender"
- "auto-ticket if critical in ServiceNow"
parameters:
- key: "cve_id"
- key: "host_list"

EXFIL_HUNTER.YAML
description: "Detect slow data exfiltration"
activities:
- "fetch baseline metrics from Splunk"
- "analyze outbound volume via M365 KQL"
- "block suspicious IPs in ZScaler"
parameters:
- key: "lookback_hours"

Glass Box Autonomy, Endlessly Extensible.

SecUnit is an agentic reasoning layer and a vendor-agnostic navigator that can interface with 100+ tools while remaining fully auditable.

M365 Def
CrowdStrike
Splunk
Wiz
Okta
Custom MCP

COMPLIANCE_AWARE

SecUnit operates with regulatory awareness. It guides your security engineering to align with NIS2 and ISO 27001, making compliance a byproduct of robust operations.

> Check control alignment (ISO A.8)
> Generate decision audit trail

ADAPTIVE_MEMORY

SecUnit updates its local vector memory based on your feedback and the results of your actions. It learns "Tribal Knowledge" that isn't in the logs.

User: "Server-X is a backup server."
SecUnit: "Context updated. Suppressing traffic alerts for Server-X."

YOUR DATA. YOUR RULES.

We prevent vendor lock-in and keep your logic local.

LOCAL EXECUTION
API keys and session tokens never leave your machine. The reasoning engine runs on your hardware.
HUMAN-ON-THE-LOOP
Set autonomy levels. Auto-close Tier 1 alerts, but require approval for Tier 2.
DATA RESIDENCY
Engineered in Germany / Netherlands. GDPR compliant by design. No data trains external models.