Solutions in R&D development
We build our own prototypes, because in industrial cybersecurity documentation alone is not enough. They help us understand our clients' problems better: OT/IT separation, event monitoring, evidence of compliance and vulnerability handling. These are not products ready for sale. We present them as proof of practice and a starting point for a conversation about services, a pilot or technical requirements.
One-way OT→IT data gateway
R&D prototype / OT-IT separation / monitoringA prototype gateway for sending selected logs, events and telemetry from the OT network to an IT environment or SIEM. The goal is to limit the return path from IT to OT and to show how to design industrial monitoring with the principle of data minimisation and one-directional transmission.
What it shows: an understanding of the OT/IT boundary, a practical approach to monitoring without opening a two-way channel, thinking about whitelisting and event queuing, and designing the architecture for Wazuh/SIEM and evidence material. This is a research prototype, not a certified data diode, and it does not replace solutions for critical infrastructure.
OT Monitoring Node
R&D prototype / edge monitoringA prototype of a local monitoring node for small and medium industrial environments. It collects selected logs, statuses and security signals, performs initial triage of alerts and builds an evidence trail without sending sensitive process data to the public cloud.
What it shows: a practical approach to OT monitoring for smaller companies, an understanding of budget constraints and the lack of a 24/7 team, and experience with Wazuh/SIEM, agents and alerts. This is a prototype; we do not provide a full 24/7 SOC, we do not promise detection of every incident, and the local AI does not replace an analyst.
Product Cyber Evidence Workspace
Internal R&D tool / CRA / evidenceAn internal tool for organising product cybersecurity evidence: product families, requirements, gaps, SBOM-lite, the vulnerability handling process, advisory templates and mapping to CRA, IEC 62443 and KSC/NIS2. We use it to run advisory services faster and more consistently.
What it shows: experience in building workflows and documentation systems, and a practical approach to evidence, not just descriptions in a PDF. We do not sell it as a platform or a BPM system, and it does not promise automatic CRA compliance.
Local AI assistant for documentation
R&D prototype / local AI / RAGWe experiment with local language models and RAG to speed up documentation analysis, requirements mapping, alert summarisation and work with evidence material, without sending data to public models.
What it shows: practical use of local AI with source control, and an understanding of model limitations (hallucinations, the need for verification). This is a supporting tool for an expert. AI does not make legal or security decisions on behalf of a human, and it does not replace an auditor or an analyst.
What these prototypes say about our approach
These solutions are not a separate product offering. They are the way we test architecture, constraints and the practical problems of our clients. Thanks to this, our CRA Snapshot, OT / IEC 62443 Mini-Gap, PSIRT / SBOM Starter and Cyber Insurance Evidence Check services rest not only on checklists, but also on experience from building tools, integrations and working with technical data.