Platform

Everything connected. Nothing missed.

The GHOSTLINE platform approach connects visibility, signal, deception, evidence and response into one operating picture.

The Platform

Everything connected. Nothing missed.

GHOSTLINE is not a collection of separate tools bolted together. It is a single platform where everything talks to everything else. When your email protection spots something suspicious, your device monitoring already knows. When a threat is blocked, the record is already saved. Nothing falls through the cracks.

How information flows through GHOSTLINE

YOUR SYSTEMSdevices, email, cloud
ARCHIVErecords everything
COREconnects the dots
WATCHyour clear view

Events from your business flow in, get recorded permanently, connected together into a clear picture, and presented to you in language anyone can follow.

Platform layers

VEIL and SPECTRE now sit inside the main platform view, so visitors understand them as part of the same operating system: protect, detect, deceive, test, verify, and improve.

The core of the platform

Everything GHOSTLINE does feeds into a set of core systems that work as one. Together they give you deception, memory, visibility, and the intelligence to make sense of it all.

VEIL: The Tripwire System

VEIL places invisible traps across your business environment: fake files, fake login pages, fake credentials. No real person would ever touch them. So if something does, you know immediately that someone is where they should not be. It is like scattering invisible ink across your office: only an intruder leaves fingerprints.

ARCHIVE: The Permanent Record

ARCHIVE keeps a permanent, tamper-proof record of every security event and every action taken. Nothing can be deleted or changed after the fact. If you ever need to show an insurer, a regulator, or a court what happened and when, the evidence is already there, already timestamped, and already organised.

WATCH: Your Security Dashboard

WATCH shows you the state of your security in clear language. Are things getting better or worse? Are there any open issues? What has been done recently? It pulls everything together into a simple, clear view you can share with your board, your clients, or your insurance provider.

ORACLE: The Smart Assistant

ORACLE is the built-in intelligence that helps make sense of what is happening. It reads alerts so you do not have to, highlights what actually matters, and helps a small team do the work that would normally need a much larger one. Think of it as having a security analyst on call, built right into the platform.

═══ PLATFORM EMBED // VEIL ═══
Platform Layer // The Tripwire System

GHOSTLINE VEIL

VEIL places believable traps across your business. If a threat touches one, we know immediately. Attackers see things that look real. You see their presence the moment they interact.

VEIL active|armed: 0 • triggered: 0
live

0

Armed

0

Triggered

4

Zones

3

Types
EMAIL
Decoy mailboxes, tokenised links
0 traps
CLOUD
Fake service principals, canary policies
0 traps
ENDPOINTS
Honeyfiles, sentinel processes
0 traps
SHARES
Honeydocs, canary credentials
0 traps
Selected Trap
Click a trap above to inspect.
state: idle
zone
-
type
-
label
-
Types:
HT Honeytoken
DY Decoy
CN Canary
Triggered

How VEIL Works

Trap files
Fake documents and login details placed where only an intruder would find them. If anyone opens one, we know someone is inside who should not be.
Decoys
Fake services and systems that look real to an attacker. They waste time investigating things that do not exist while we watch.
Tripwires
Invisible markers scattered across your network. If someone moves between systems in a way they should not, the tripwire fires.
The idea
Give attackers something to interact with. The moment they do, they reveal themselves.

Activity Log

live feed
Waiting for trap activity...
═══ PLATFORM EMBED // SPECTRE ═══
Platform Layer // Offensive Testing

SPECTRE

GHOSTLINE protects you. SPECTRE tests whether that protection actually works. It looks at your business the way an attacker would, finds the weak spots, proves they are real, and tells you exactly how to fix them. Then it checks again to make sure the fix worked.

14
Testing modules
3
Safety levels
Human approval required
Works with GHOSTLINE

What SPECTRE is not

SPECTRE is not a basic scanner that produces a list of theoretical issues. It is not a one-off test you run once a year. It is a continuous testing system that finds real, provable weaknesses in your defences and shows you how an attacker could use them, with evidence and clear steps to fix each one.

Safety Levels

LEVEL A
Observation only. Looks at publicly available information about your business without touching anything. Like reading a shop window from the pavement.
LEVEL B
Active but safe. Sends standard web requests, checks security settings, and takes screenshots. Like trying the front door handle to see if it is locked.
LEVEL C
Deeper testing. Checks whether weaknesses can actually be used by an attacker. Always requires your written approval before running.

The 14 Modules

COMMAND A

Controls who can run tests, what they can test, and keeps a complete record of every action taken.

SURFACE A

Discovers everything about your business that is visible from the internet: websites, subdomains, cloud services, and open doors.

DARK MIRROR A

Checks whether your staff credentials or company data have appeared in known data breaches, leak sites, or dark web markets.

VERIFY B

Confirms whether a weakness is real and exploitable, with screenshots and evidence. Not just a theoretical risk score.

GHOST PROTOCOL B

Tests your defences the way a real attacker would: carefully, quietly, and without triggering obvious alarms.

SIGNAL A

Connects findings to real-world threat data: which weaknesses are being actively targeted right now? How urgently should you fix them?

NEURAL CHAIN B

Maps how multiple small weaknesses could be chained together to achieve a serious breach. Shows the full attack path, not just individual issues.

PHANTOM C

Simulates the behaviour of real threat groups against your systems to see how your defences respond under realistic pressure.

STAND ALONE COMPLEX C

Runs full end-to-end testing campaigns that chain multiple modules together for comprehensive assessments.

OPERATIONS A

Manages the scheduling, running, and tracking of all tests. Makes sure everything runs smoothly and nothing is forgotten.

EVIDENCE A

Stores proof for every finding: screenshots, logs, timestamps. Evidence you can show to an insurer, auditor, or regulator.

DOSSIER A

Produces clear reports: what was found, why it matters, how to fix it, and whether things are improving over time.

WATCHTOWER A

Watches for changes between tests. If something new appears or a fix is undone, you get an alert straight away.

PANOPTICON A

A live dashboard showing every test in progress, every finding, and the overall state of your security testing programme.

The Continuous Cycle

SPECTREfinds weaknesses
PRIORITISEranks by impact
GHOSTLINEfixes and protects
SPECTREchecks the fix worked

GHOSTLINE protects. SPECTRE tests. Together they create a continuous cycle: find weaknesses, fix them, verify the fix, and repeat. Your security gets stronger every cycle.