AI-augmented SOC · Blast Radius Intelligence

Endpoint investigation used to take 45 minutes.
Puck takes 90 seconds.

And the answer is on the screen before the incident responder opens the case. Puck maps what every credential on every endpoint can reach — without touching production.


Complementary to your EDR. On-prem or dedicated single-tenant by default.

Investigation Explorer demo (2,847 agents). Prompt: "CrowdStrike just flagged eng-laptop-47. If it's compromised, what does it actually reach?" Agent status legend: Clean · Finding · Deviating · Hive hit · Lateral. Completed in 91 seconds.

Agents report back. Deviations happen. The blast-radius map builds itself.


The first 24 hours

Find the credentials you forgot you had.

On the first sweep, every fleet we've pointed Puck at has surfaced something the team didn't know was there: a long-lived AWS admin key in a senior engineer's shell history, a GitHub PAT with org-admin scope cached on a contractor's laptop, an unencrypted SSH key with prod database access, a service-account JSON in ~/Downloads. Not because the host was special, but because nobody had looked closely, and nobody had a way to look across the fleet at once.

Discovery isn't a scan. No rules to author, no packs to maintain. Same agentic investigation Puck runs for an incident, just pointed at the host's own posture: "what's here, and what does it reach?"


The problem at fleet scale

Endpoint blast radius is only legible during a breach.

At 10,000 endpoints, nobody has a live answer to "if this laptop is compromised, what does it actually reach?" Scanners give you vulnerabilities. EDR gives you alerts. Secrets detection finds credentials in repos. None of them trace a credential from a specific endpoint to the systems it can authenticate to. You only see that chain when an incident forces an analyst to map it by hand.

~11 mo: typical dwell of a credential before it surfaces (usually during the incident that reveals it)
~0: security teams with a live answer to "what does this endpoint actually reach?"
Every quarter: the same chain gets re-investigated — institutional knowledge walks out the door

How fleet scale changes things

Ask. Reason. Investigate. Map. Compound.

A pathfinder explores one endpoint with a multi-turn LLM conversation. The brain compiles a signed plan, fans it out, and every agent reports back with reach — not just findings. The output is an endpoint-blast-radius map. High-confidence chains compile into Calibrated Detection — deterministic checks tuned to your environment that don't need an LLM to re-run.

01 · Ask
Natural-language question from your console, Slack, or API. Any trigger — an EDR alert, a named CVE, an off-boarding ticket — produces a valid question.
02 · Reason
The brain reasons through a pathfinder agent, compiles a signed plan with conditional branches, and distributes it to every relevant endpoint.
03 · Investigate
Read-only commands run in parallel. Each agent doesn't just find; it follows: tests reach, traces chains, confirms what's reachable from what. Deviations route back to the brain for follow-up.
04 · Map
Findings aren't a list — they're a blast-radius map. Credentials, CVEs, hosts, identity roles, service trusts, every edge confirmed by read-only probe. The artifact is "from this endpoint, here is everything reachable, ranked by what it unlocks."
05 · Compound
Every chain Puck confirms compiles into Calibrated Detection — a permanent, deterministic check tuned to your environment. The next investigation doesn't re-run the LLM; it replays the check. Coverage grows with every investigation.

Enterprise capabilities

What Enterprise gives you that the OSS doesn't.

OSS is on-demand. Enterprise is always-on, with continuous coverage and detection that compounds over time.

Blast-radius map
One picture, every question
Hosts, credentials, identities, services, trust relationships — every confirmed path between them. The whiteboard your analyst would have drawn during an incident, but kept current automatically. Pick an endpoint; see what the worst day looks like.
eng-laptop-47 — blast radius (dry run · IAM-derived)
eng-laptop-47 (AKIA…R8W in .bash_history, 11mo dwell)
↓ key grants AdministratorAccess (per IAM policy)
AWS SSO → prod-admin role
↓ trust policy permits AssumeRole
prod-secrets Vault (kv/prod/*)
↓ role grants kv:read on prod/*
customer-PII-prod (12.4M rows reachable)
Derived by reading IAM policies + Vault ACLs + validating the key with sts:GetCallerIdentity. No production data read, no role actually assumed.
Watch the chain confirm live
During an active investigation
When an investigation is running, the canvas updates as findings come back. No refresh, no re-layout — the host stays where you pinned it as credentials light up and reach widens. By the time the call starts, the picture is on the screen.
INV-2026-0847 — confirming… (live)
pathfinder: Puck-0142 — iteration 2/3, 78% confidence
deviation: AKIA…R8W in shell history, 11mo dwell, AdministratorAccess
hive mind: same PAT pattern on 14 additional endpoints
Time-travel and diff
"What changed since last quarter?"
Drag back ninety days of history, or overlay any past snapshot on today. The SSH key that should have been rotated. The third-party access an auditor will ask about. The path that wasn't there last week. Every edge has a freshness window, so a past view shows what was actually true then — not last week's stale assumptions.
Blast-radius — 7 days ago vs now
Timeline: 90d · 60d · 30d · 7d · now
+ eng-laptop-47 → AWS SSO → prod-admin (new edge, 4d ago)
− jordan@ssh → bastion-3 (removed, off-boarded)
ci-runner-08 → artifact-writer (unchanged, 47d old)
An API, not just a UI
Drop the answer into your tools
Path queries, freshness summaries, and live updates are all addressable from your SIEM, your runbooks, your Slack bot, your own custom dashboard. The console is one consumer of the same surface your IR engineers can call directly.
GET /v1/graph/path
$ curl -X GET -H "Authorization: Bearer …" \
    -H "Content-Type: application/json" \
    https://puck.acme.com/v1/graph/path \
    --data '{"from":"eng-laptop-47","to":"customer-PII-prod"}'

[
  {
    "chain": ["eng-laptop-47", "AWS-SSO", "prod-admin", "vault", "customer-PII-prod"],
    "first_seen": "2025-06-12T14:31Z",
    "confidence": 0.94
  }
]
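The five steps (Ask, Reason, Investigate, Map, Compound), the time-travel diff, and the /v1/graph/path response above all describe one data structure: a graph of confirmed hops, each carrying evidence, a confidence, and a freshness window, over which you run path queries and snapshot diffs. The Python below is an added example, not Puck's code. Node names, per-hop confidences, timestamps and the 14-day freshness window are constructed to mirror the eng-laptop-47 chain and the 7-day diff panel shown on the page; the chain confidence of 0.94 falls out of the constructed hop confidences.

```python
"""Blast-radius graph toy: confirmed hops, path query, freshness window, snapshot diff.
Added example, not Puck's own code; names, confidences, timestamps and the 14-day
freshness window are constructed to mirror the eng-laptop-47 chain on the page."""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Optional, Set, Tuple

NOW = datetime(2026, 4, 20, 12, 0, tzinfo=timezone.utc)   # constructed "now"
SEVEN_DAYS_AGO = NOW - timedelta(days=7)
FRESHNESS = timedelta(days=14)   # assumption: a confirmation is trusted for 14 days


@dataclass(frozen=True)
class Edge:
    src: str
    dst: str
    evidence: str                 # the read-only observation that confirmed this hop
    confidence: float             # confidence in this single hop, 0..1
    first_seen: datetime
    last_confirmed: datetime
    removed_at: Optional[datetime] = None

    def live_at(self, t: datetime) -> bool:
        """Known at t, not yet removed, and confirmation still within FRESHNESS of t.
        A past view at t therefore reports what was confirmed around t, not today."""
        if t < self.first_seen:
            return False
        if self.removed_at is not None and t >= self.removed_at:
            return False
        return t <= self.last_confirmed + FRESHNESS


@dataclass
class Chain:
    nodes: List[str]
    confidence: float             # product of hop confidences, rounded to 2 places
    first_seen: datetime          # when the whole path first existed (latest hop first_seen)

    def to_record(self) -> Dict[str, object]:
        """One element of the /v1/graph/path response shape shown on the page."""
        return {"chain": self.nodes, "confidence": self.confidence,
                "first_seen": self.first_seen.strftime("%Y-%m-%dT%H:%MZ")}


class BlastRadiusGraph:
    def __init__(self, edges: List[Edge]):
        self.edges = edges

    def live_edges(self, t: datetime) -> List[Edge]:
        return [e for e in self.edges if e.live_at(t)]

    def paths(self, src: str, dst: str, t: datetime = NOW) -> List[Chain]:
        """All simple paths src -> dst over hops live at t, highest confidence first."""
        out: Dict[str, List[Edge]] = {}
        for e in self.live_edges(t):
            out.setdefault(e.src, []).append(e)
        found: List[Chain] = []

        def walk(node: str, path: List[Edge], seen: Set[str]) -> None:
            if node == dst and path:
                conf = 1.0
                for e in path:
                    conf *= e.confidence
                found.append(Chain([src] + [e.dst for e in path], round(conf, 2),
                                   max(e.first_seen for e in path)))
                return
            for e in out.get(node, []):
                if e.dst not in seen:          # simple paths only; never revisit a node
                    walk(e.dst, path + [e], seen | {e.dst})

        walk(src, [], {src})
        return sorted(found, key=lambda c: c.confidence, reverse=True)

    def diff(self, then: datetime, now: datetime = NOW) -> Dict[str, List[Tuple[str, str]]]:
        """Hops added, removed, or unchanged between two points in time."""
        before = {(e.src, e.dst) for e in self.live_edges(then)}
        after = {(e.src, e.dst) for e in self.live_edges(now)}
        return {"added": sorted(after - before), "removed": sorted(before - after),
                "unchanged": sorted(before & after)}


def _days_ago(n: int) -> datetime:
    return NOW - timedelta(days=n)


# Constructed sample: the page's eng-laptop-47 chain (discovered 4 days ago) plus the two
# other hops from its 7-day diff panel. Evidence is policy reads and a read-only identity
# check; nothing here assumes a role or reads production data.
SAMPLE_EDGES = [
    Edge("eng-laptop-47", "AWS-SSO", "AKIA...R8W in .bash_history grants AdministratorAccess",
         0.99, _days_ago(4), _days_ago(0)),
    Edge("AWS-SSO", "prod-admin", "trust policy permits AssumeRole", 0.98, _days_ago(4), _days_ago(0)),
    Edge("prod-admin", "vault", "role grants kv:read on prod/*", 0.99, _days_ago(4), _days_ago(0)),
    Edge("vault", "customer-PII-prod", "Vault ACL kv/prod/* holds datastore creds", 0.98,
         _days_ago(4), _days_ago(0)),
    Edge("jordan@ssh", "bastion-3", "authorized_keys on bastion-3", 0.97, _days_ago(120),
         _days_ago(3), removed_at=_days_ago(2)),
    Edge("ci-runner-08", "artifact-writer", "instance profile role", 0.99, _days_ago(47), _days_ago(1)),
]
GRAPH = BlastRadiusGraph(SAMPLE_EDGES)
```

`GRAPH.paths("eng-laptop-47", "customer-PII-prod")` returns the single four-hop chain with confidence 0.94, and the same query at `SEVEN_DAYS_AGO` returns nothing, because those hops were not yet confirmed then. `GRAPH.diff(SEVEN_DAYS_AGO)` reproduces the panel: the four new hops as added, `jordan@ssh → bastion-3` as removed, and `ci-runner-08 → artifact-writer` as unchanged. The freshness rule is the design choice worth noting: an edge that stops being re-confirmed silently ages out of the current view instead of lingering as a stale assumption.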
Calibrated Detection
Detection tuned to your environment
Every chain Puck confirms in your fleet compiles into a deterministic check — replays without an LLM call next time that pattern appears. Over months, your Calibrated Detection library encodes the specific credential storage, dev-practice, and blast-radius patterns unique to your environment. The detections aren't generic rules from a vendor's pack — they're the patterns your fleet actually produced.
Calibrated Detection library — 47 active (deterministic)
org: AWS keys for accounts outside the acme-org (7 endpoints)
reach: Credentials reaching prod from non-Engineering laptops (11 endpoints)
drift: Off-boarded users whose tokens still authenticate somewhere (3 users)
pattern: Same chain shape as the Q1 IR incident — repeated on a different host (2 hosts)
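The library panel above describes checks that replay without an LLM call. The Python below is an added example, not Puck's code, of how the "same chain shape as the Q1 IR incident" check could be compiled from one confirmed chain: keep only the chain's shape (the ordered node kinds, names stripped) and match it deterministically against every other confirmed chain in the fleet. The Q1 incident chain, the fleet chains and the node-kind vocabulary are constructed.

```python
"""Calibrated Detection toy: compile a confirmed chain into a deterministic shape check.
Added example, not Puck's code. A chain is the ordered list of (kind, name) hops an
investigation confirmed; the Q1 incident chain and the fleet chains are constructed."""
from typing import Dict, List, Sequence, Tuple

Hop = Tuple[str, str]          # (node kind, node name), e.g. ("endpoint", "eng-laptop-47")
Chain = List[Hop]


def chain_shape(chain: Chain) -> Tuple[str, ...]:
    """The shape of a chain is its ordered node kinds with the concrete names stripped."""
    return tuple(kind for kind, _ in chain)


class ShapeCheck:
    """Deterministic check compiled from one confirmed chain.

    It replays without any LLM call: a fleet chain is a hit if it has the same shape
    (same kinds in the same order) but starts on a different host than the original.
    """

    def __init__(self, name: str, confirmed: Chain):
        self.name = name
        self.shape = chain_shape(confirmed)
        self.origin_host = confirmed[0][1]

    def run(self, fleet: Sequence[Chain]) -> List[str]:
        hits = {c[0][1] for c in fleet
                if chain_shape(c) == self.shape and c[0][1] != self.origin_host}
        return sorted(hits)


class DetectionLibrary:
    """Holds compiled checks and replays all of them, reporting hosts per check."""

    def __init__(self) -> None:
        self.checks: List[ShapeCheck] = []

    def compile(self, name: str, confirmed: Chain) -> ShapeCheck:
        check = ShapeCheck(name, confirmed)
        self.checks.append(check)
        return check

    def replay(self, fleet: Sequence[Chain]) -> Dict[str, List[str]]:
        return {c.name: c.run(fleet) for c in self.checks}


# Constructed: the chain confirmed during a Q1 incident. Only its shape is kept.
Q1_INCIDENT_CHAIN: Chain = [
    ("endpoint", "eng-laptop-12"), ("aws-key", "AKIA...Q1"), ("iam-role", "prod-admin"),
    ("vault", "prod-secrets"), ("datastore", "customer-PII-prod"),
]

# Constructed: chains confirmed by later read-only investigations across the fleet.
FLEET_CHAINS: List[Chain] = [
    [("endpoint", "eng-laptop-47"), ("aws-key", "AKIA...R8W"), ("iam-role", "prod-admin"),
     ("vault", "prod-secrets"), ("datastore", "customer-PII-prod")],
    [("endpoint", "contractor-mbp-03"), ("aws-key", "AKIA...C3"), ("iam-role", "staging-admin"),
     ("vault", "staging-secrets"), ("datastore", "orders-staging")],
    [("endpoint", "ci-runner-08"), ("iam-role", "artifact-writer"), ("datastore", "artifacts")],
    Q1_INCIDENT_CHAIN,   # the originating host is excluded from its own check's hits
]

Q1_CHECK_NAME = "pattern: same chain shape as the Q1 IR incident"
LIBRARY = DetectionLibrary()
LIBRARY.compile(Q1_CHECK_NAME, Q1_INCIDENT_CHAIN)
```

`LIBRARY.replay(FLEET_CHAINS)` flags `contractor-mbp-03` and `eng-laptop-47` (two hosts, as in the panel) even though their key IDs, roles and target datastores differ from the Q1 chain, while the shorter `ci-runner-08` chain does not match. Matching on shape rather than on names is what lets a check compiled from one incident keep paying off as hosts and credentials change.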
Agent profiles
Same binary. Different lenses.
One Puck binary, profile-aware. Drop it on a laptop, a build runner, or an ECS task and the agent knows what kind of host it's on. The endpoint profile does read-only laptop/server inspection. The CI/build profile is ephemeral and role-scoped, with prompts that know it's in a short-lived runner. The cloud profile runs on ECS or EKS and assumes IAM roles to enumerate AWS the right way. Same brain. Same investigation. Different ground truth, gathered where it lives.
puck-agent --profile
endpoint: Read-only laptop / server inspection. Long-lived.
ci/build: Ephemeral, role-scoped. Knows it's a short-lived runner.
cloud: ECS/EKS. Assumes IAM, enumerates AWS the right way.
On-prem or dedicated by default
Single-tenant. No shared inference.
Default deployment is on-prem inside your network or a dedicated single-tenant brain in your own AWS account — one Terraform module spins up VPC, RDS, ECS, KMS-encrypted secrets, scoped IAM, audit logs. Agents speak mTLS to your brain only. No cross-tenant data path, no shared inference.
Deployment topology
Your VPC / on-prem: Brain · RDS · Console; KMS · IAM · CloudWatch
↔ mTLS ↔
Your endpoints: 10,000 puck-agent processes
No Puck-controlled path. Your BYO inference key stays in your boundary.
Skill library + auto-trigger
Coverage that runs while you sleep
You don't write detection rules or schedules by hand. Puck ships a library of investigation skills, and the brain auto-triggers them on real-world events — new CVE drops, supply-chain advisories, HR off-boarding, EDR alerts, threat-intel feeds. NPM supply-chain hack published at 3:00pm? Puck has a plan deployed across the fleet by 3:30pm without anyone touching the console. Findings land in Slack, Jira, Tines, or your webhook.
Recent auto-triggers
Today 15:32 UTC: NPM supply-chain advisory (npm:eslint-utils) — fleet exposure check, 47 hosts probed, 3 findings → on-call Slack
Yesterday 09:14: HR off-boarding ([email protected]) — checked 23 systems, 14 credentials still active → IR Jira
Mondays 03:00 UTC: Blast-radius drift — scheduled weekly fleet sweep, diff vs last run
Continuous: Ambient hunting — works through the curiosity queue between explicit jobs
IR tabletop exercises
Quarterly, realistic, measurable
Run Puck investigations against deliberately compromised test environments as tabletop exercises. "Your CI runner was supply-chain compromised. Use Puck to investigate. Go." Puck's skill library becomes the exercise substrate — real tooling, real investigation workflow, real muscle memory. Not a slide deck with a hypothetical scenario.
Exercise · Q2 2026 · supply-chain-trivy
"Your CI runner was supply-chain compromised. Use Puck to investigate. Go."
3 analysts · 47 min wall time · 23 commands · 2 paths to prod traced · 1 escalation to on-call

Pricing

Platform pricing. No per-endpoint tax.

Annual platform license. Scales with environment complexity — never with the number of hosts you put it on. On-prem or dedicated single-tenant is the default; contact us for sizing against your environment.


Why we built this

The thing that always hit me was how long our blast radius stayed invisible. We'd find an AWS key during IR that had been in someone's shell history for a year — the laptop had always been able to reach production, we just never mapped it. Every incident, same rediscovery. Puck is the map I wished we'd had before the breach, not during it.

The read-only architecture is what makes it deployable. Calibrated Detection — patterns Puck has confirmed enough times in your fleet that they compile to deterministic checks — is what makes it compound. That's the whole product.

Jordan, Co-founder

Working in security since 2015 · Puck since 2025


Common questions

Where does endpoint data live?

Inside your deployment. The brain runs on-prem in your network or in a dedicated single-tenant AWS account you own. You bring your own inference (Anthropic, OpenAI, Bedrock, or a local model) so the LLM call stays inside whatever compliance boundary you pick. We never see your endpoint content.

How does this coexist with our existing EDR?

EDR detects. Puck maps. EDR fires an alert on eng-laptop-47; Puck answers "if that box is compromised, what does it actually reach." Different layers of the stack. No kernel driver, no blocking, no conflict with CrowdStrike, SentinelOne, or Defender. Most teams keep their EDR and add Puck on top — the EDR alert becomes the trigger for Puck's investigation.

How is this different from BAS, ITDR, or secrets detection?

BAS simulates attacks — we validate real access without exploitation. ITDR monitors identity infrastructure during an attack — we map what credentials actually reach, before one. Secrets detection finds credentials in repos — we find them on endpoints and trace the chain to crown jewels. Our category is Blast Radius Intelligence: an AI-augmented SOC tool that answers "from this endpoint, what does an attacker actually reach?"

What stops autonomous investigation from going off the rails?

Every command is policy-gated, logged, and replayable. The creativity is in what Puck chooses to investigate; the output is always deterministic and verifiable. If Puck tests whether an SSH key authenticates to host X, you can see exactly why it tested X, what it sent, and what came back. Every step shows its work — that's the trust contract.

How do you handle SSO and audit?

SAML and OIDC for SSO, SCIM for provisioning, full audit trail per investigation — what was asked, what was run, what was found, who saw it. Exportable for compliance review.

What does deployment look like at 10,000 endpoints?

Single Rust binary, pushed via your existing config-management (Ansible, Chef, Jamf, Intune). Brain runs on-prem or in a dedicated AWS account you own. Typical rollout to a 10K-endpoint fleet: under a week from contract to first investigation.


Early access

First-cohort design partners are loading.

Three-month pilots. We run the hosted brain, you bring the IR scenarios worth solving and keep every finding. Tell us what you're working with and we'll get back to you today.