Fintra Feature

AI-Native SOC Reasoning That Computes the Truth Before It Reasons

AegisGraph builds a deterministic Graph Truth Statement - reachability and privilege facts - before any language model runs. Only then does the LLM narrate, and it may cite graph facts only. It extends classic toxic-combination attack paths into the AI domain: agents, MCP tools, OAuth grants, and non-human identities.

Talk to usFree to start - no card required.
AegisGraph · Graph Truth → Attack Paths
GRAPH TRUTH
deterministic
computed pre-LLM
ATTACK PATHS
3 toxic combos
AI + cloud + NHI
SOAR
simulation
no live actions
MCP tool → OAuth scope → prod secretreachable
Over-privileged agent identity (NHI)elevation path
Graph Truth Statement (evidence)hash-anchored
LLM narrative - cites graph facts onlygrounded
Runs on in-memory mock graphdemo scope

Illustrative product view

Graph-at-Ingest: the deterministic layer before the LLM

Most “AI SOC” tools hand the alert to a model and hope the narrative is right. AegisGraph inverts that. It computes the facts first - deterministically, with no model in the loop - and only lets the LLM speak over facts it is not allowed to invent. That order is the whole point: the analysis is reproducible and auditable, not a plausible-sounding guess.

How a finding is produced

  1. 1

    Ingest

    Assets, identities, OAuth grants, MCP tools and non-human identities land as typed nodes and edges in the graph.

  2. 2

    Graph Truth Statement

    A deterministic pass computes reachability and privilege facts - no LLM - and anchors them as evidence.

  3. 3

    Reason

    Only then does the language model narrate and prioritize, and it may cite Graph Truth facts only.

  4. 4

    Simulate

    Response playbooks run in simulation to show what containment would do; nothing executes against a live system.

Toxic-combination attack paths, extended to the AI domain

Exposure-management tools trace toxic combinations across cloud infrastructure. AegisGraph carries the same idea into the systems that now hold the keys - the AI agents, the tools they call, and the identities they run as.

DomainToxic combination it traces
AI agentsAn over-scoped agent identity that can reach a production secret through a chained tool call
MCPA registered MCP tool whose OAuth grant widens blast radius beyond its stated purpose
OAuthA dormant third-party grant that still holds write scope on a sensitive resource
NHIA non-human identity with standing credentials, no owner, and no rotation
Toxic combinations AegisGraph traces

Simulation-only SOAR, deterministic-first analysis

  • Containment playbooks - isolate identity, revoke grant, quarantine tool - run as simulations with a predicted before/after
  • Every finding links back to the exact graph facts that produced it, so an analyst can check the work
  • Deterministic-first means two runs on the same graph return the same answer - a property auditors ask for
  • The LLM adds narrative and prioritization on top of facts it may not fabricate

Frequently asked questions

What is a Graph Truth Statement?

A deterministic set of reachability and privilege facts computed from the security graph before any language model runs. It is the ground truth the LLM is then restricted to citing, which is what makes AegisGraph’s analysis reproducible and auditable rather than a model guess.

Is AegisGraph a deployed cloud SOC?

No - it runs on an in-memory mock graph with simulation-only response and no live cloud integrations. It is the reasoning and evidence engine that shows how toxic-combination attack paths form, not a SOC wired into your production environment.

How does it extend attack paths to AI systems?

It models AI agents, MCP tools, OAuth grants and non-human identities as first-class nodes, so it can trace toxic combinations - like an over-scoped agent reaching a production secret through a chained tool call - the same way exposure tools trace cloud attack paths.

Why is deterministic-first a strength, not a limitation?

Because the finding does not depend on a model guessing. The Graph Truth Statement is computed deterministically, the LLM may only narrate over those facts, and the same graph always yields the same result - which is what security and audit teams need to trust a finding.

Does the SOAR take real remediation actions?

No. Response playbooks run in simulation with a predicted before/after; nothing is executed against a live system. It shows what containment would do without the risk of an automated action firing against production.

Stay in the loop

One practical finance briefing a week - new guides, checklists, and benchmarks.

 

See the security depth, not the slideware

Walk the SOC engine, the governed MCP server, and the control graph live - with the honest caveats on the table, not hidden.

Talk to us