DISRUPTIVE INDUSTRIES LTD

KEYSTONE™ DISCOVER

Keystone Discover is a proprietary patented data sequencing service allowing for bespoke profiling of any global location based on geographic or physical or digital behavioural themes. Customers can utilise our commercially provided data and opt to fuse provided data assets for desired outcome.

Features

• Applications; Dark Fleet tracking, Critical National Infrastructure and site protection.
• Download data as CSV
• Near-real-time data updated hourly.
• Integrate and sequence AIS, ADS-B, RF, and EO/IR/SAR IMINT
• Fuse customer data with passive signals data using sequencing engine.
• Threat monitoring based on customer-defined behaviours, locations, and digital selectors.

Benefits

• Create fused multi-source intelligence feeds delivered and updated hourly
• Near-real-time activity-based intelligence (ABI) monitoring and alerting
• Integration of signals data, subject-matter expert analysis, and IMINT
• Consistent feed of intelligence start-points to efficiently task high-value assets.
• Stand-off collection means no speculative tasking of assets.
• GDPR compliant, with no PII data transmitted.
• Detect global use of internet-of-things (IoT) hardware. Eg. Starlink

£79,000 to £165,000 a licence

• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at growth@disruptive-industries.io. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

703192224889039

Contact

Tim Stringer
+44 (0)7301 006385
growth@disruptive-industries.io

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: N/A
• System requirements:
  • Computer with recent version of major operating system
  • High-speed internet connection minimum 20Mbps download speed
  • Web browser that supports GPU acceleration
  • Intel i5 processor (or equivalent), 8Gb RAM, dedicated graphics card
  • Minimum screen resolution of 1280x720 recommended

User support

• Email or online ticketing support: Yes, at extra cost
• Support response times: Within the working day, we aim to respond within two hours. At weekends, a line of communication is available.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 24 hours, 7 days a week
• Web chat support: No
• Onsite support: Onsite support
• Support levels: Baseline support for all access is included within the contract. Extra support to be discussed on a contractual basis depending on customer requirements.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We provide initial user training, either virtually or onsite as required by the end user community. There is an in-platform help guide with data definitions to support terminology on-boarding and a dedicated support pathway - via phone, form fill-in or email - for user requests. Additional training, workflow understanding and use-case triage is supported by a dedicated Customer Success team. Self-paced learning on the platform is provided with a series of videos, and specific examples can be created at user request for offline consumption.
• Service documentation: Yes
• Documentation formats: PDF
• End-of-contract data extraction: Data that is uploaded to the platform is only stored against the search and users search history is expunged on contract end as standard.
• End-of-contract process: Custom Threat Monitoring is provided as an annual subscription service that provides access to the platform where data can be interrogated. Access to the platform will cease on the end of the licence date as agreed in the contract. On contract termination, a data deletion letter will need to be signed by the contracting party to ensure removal of Disruptive Industries intellectual property from former client systems.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
• Application to install: No
• Designed for use on mobile devices: No
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Access permits viewing and querying of custom-geography ORBAT™ feeds following data sequencing of signals against threat ontology. Near real-time feed (1 hour cadence) ORBAT™ includes multiple adversarial feeds merged into one master threat feed. Additionally includes access to ODDITY GPS Interference monitoring and overlays.
• Accessibility standards: None or don’t know
• Description of accessibility: A full list of accessible features can be provided upon request.
• Accessibility testing: None at present.
• API: No
• Customisation available: No

Scaling

• Independence of resources: We guarantee that users are not affected by the demands other users place on our service through our fully elastic clustered compute architecture. This scalable system dynamically adjusts computing resources based on real-time user demand, ensuring consistent performance and availability. Key aspects include: 1. Automatic Scaling 2. Resource Isolation 3. Load Balancing 4. Priority Queueing 5. Monitoring and Management.

Analytics

• Service usage metrics: Yes
• Metrics types: Yes, we provide detailed service usage metrics currently accessible through PDF. These metrics include user activity, resource utilisation (customer level), performance indicators, and error rates.
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Developed Vetting (DV)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: Other locations
• User control over data storage and processing locations: Yes
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least every 6 months
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Scale, obfuscating techniques, or data storage sharding
  • Other
• Other data at rest protection approach: Use of encrypted Object Storage Devices (OSDs).
• Data sanitisation process: Yes
• Data sanitisation type: Explicit overwriting of storage before reallocation
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: The platform has an in-built function for exporting to .csv the user-defined results with appropriate file size limits for the size of data being requested. As a cloud-based service the export query is queued against other incoming requests and processed sequentially.
• Data export formats: CSV
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

• Guaranteed availability: Level of availability varies depending on the specific project. Our standard form Service Level Agreements (SLAs) can be provided on request.
• Approach to resilience: Information available on request.
• Outage reporting: Email alerting is provided and communication tracked on the expected resolution timeline and breadth of user impact.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
• Access restrictions in management interfaces and support channels: Our approach to access restrictions in management interfaces and support channels, is grounded in the principles of Role-Based Access Control (RBAC). This method ensures that only authorised personnel have access to specific levels of information and functionality, based on their roles within the organisation.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password

Audit information for users

• Access to user activity audit information: No audit information available
• Access to supplier activity audit information: No audit information available
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: No
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: No
• Security governance approach: Information available on request.
• Information security policies and processes: Our organisation follows a robust set of information security policies and processes, managed under the oversight of our Chief Technology Officer (CTO). These policies are designed to ensure the security of data, protect our infrastructure, and comply with regulatory requirements. Policies and Processes: 1. Two-Factor Authentication (2FA) and Zero Trust: We enforce 2FA and adhere to the Zero Trust principle, requiring strict identity verification for network access, thereby reducing unauthorised access risks. 2. Workforce Education: Our policy enforces regular security awareness courses for all employees, conducted to fortify awareness and adherence to our security standards. 3. Encryption: We encrypt all data at rest to safeguard sensitive information, even if physical security is breached. 4. Business Travel Security: Our travel policy includes the use of Faraday bags and device tracking to protect data from unauthorised access and theft. 5. Sensitivity Assessment: We classify data and projects based on sensitivity, applying tailored security controls accordingly. Management and Compliance: The CTO manages our security framework, ensuring all practices are current and compliant with industry standards. Regular audits and reviews maintain policy effectiveness and adapt to emerging threats. These policies and processes collectively secure our operations and sensitive information, aligning with industry best practices.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: Using Git for version control provides comprehensive audit trails ensuring modifications are tracked (including who/what/when) enabling easy rollback and accountability in our development process. Infrastructure as code (IaC) allows automated setup and maintenance of environments ensuring consistency and reducing mistakes. Configurations are declarative and are automatically enforced and maintained. Advanced observability tools monitor infrastructure and configurations continuously alerting to unexpected or unauthorised changes. This maintains security, stability and compliance of environments. Configuration and change management are aligned with industry best practice ensuring secure, scalable and maintainable infrastructure. Our process is responsive and controlled, supporting rapid development while ensuring rigorous oversight.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: Continuous integration flows include SAST, DAST, Container Scanning, Dependency Scanning for Python, Node.JS, and Golang dependencies in our applications. Scanned artefacts are cryptographically guaranteed through signing and require fully signed Git tree at build stage. Threat Modelling during Agile Development ensures security considerations are embedded into design and development. Automated tools scrutinise code for patterns and behaviours that could lead to vulnerabilities and address before deployment. Continuous Monitoring and Scanning of all deployment artifacts against well-known Common Vulnerabilities and Exposures. If a vulnerability is detected, our system automatically revokes trust in affected artefacts, isolating the threat and preventing further exploitation.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: Our approach conforms with recognised standards. Any abnormalities in any deployed tenant are alerted via drift detection.
• Incident management type: Supplier-defined controls
• Incident management approach: Customer management support process will escalate any incident according to its criticality, assessed by our CSM team member on call. This will be relayed to our Engineering team on-call. 1. Analyse abnormalities and deploy fix. 2. Gather team for postmortem to discuss how to prevent similar incidents in the future as part of our continuous improvement cycle. 3. Document incident. 4. Generate comms using postmortem information and notify clients as soon as possible.

Secure development

• Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Equal opportunity
  • Wellbeing

  Equal opportunity

  Disruptive Industries recognises the importance of diversity, equality and inclusion within all areas, and we are committed to providing an environment in which each employee is recognised, valued, able to fulfil their potential and maximise their contribution. We appreciate the value and creative potential that individuals of different backgrounds and abilities bring. We work hard to ensure equal treatment in all aspects of working life, and an inclusive and supportive culture where differing views and experiences are always respected. We firmly believe that such a culture significantly enhances our ability to provide a quality service to our clients and the sharing of experiences to our colleagues. To attract the best talent, Disruptive Industries uses direct recruitment and trusted third-party recruiters. Our direct recruitment uses platforms such as LinkedIn, which enables us to reach high-quality candidates outside of our traditional networks. When engaging with third party recruiters, we only work with organisations that share our commitment to diversity and inclusion, and we request diverse candidate shortlists and candidate searches across a wide range of non-traditional talent pools.

  Wellbeing

  At Disruptive Industries, we are committed to providing a positive and supportive environment that promotes employee wellbeing, ensuring that everyone has access to a range of wellbeing support when and if they need it. We will provide resources, programmes, and initiatives that support employee wellbeing, such as mental health resources, employee assistance programs, and flexible work arrangements. We encourage employees to prioritise their wellbeing and seek help when needed, and we are committed to fostering a culture of openness, inclusivity, and respect that supports employee wellbeing, so that all of us can operate at our full potential, and effectively balance our professional and personal lives.

Pricing

• Price: £79,000 to £165,000 a licence
• Discount for educational organisations: No
• Free trial available: Yes
• Description of free trial: Disruptive Industries can provide a trial to Custom Threat Monitoring on a case-by-case basis.

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at growth@disruptive-industries.io. Tell them what format you need. It will help if you say what assistive technology you use.