AI plans the chains.
Tools execute.
Your infrastructure.

Autonomous pentesting with local LLMs, OPA policy enforcement, and deterministic tool execution. Zero data egress.

qwen-72b · deepseek-r1 · opa · gvisor · kata

engagement — bank-pilot (live)
  • 50ms p95 local inference (vs 500ms+ cloud APIs)
  • 0 bytes egressed: findings stay on-prem
  • 100% policy coverage: every task OPA-authorized

Four-plane architecture

Clear separation of concerns. Intelligence reasons, execution runs tools. OPA sits between them—every task requires policy authorization.

01 CONTROL
  • Engagement manager
  • RBAC + MFA
  • Audit ledger
  • Approval workflows
02 INTELLIGENCE
  • Attack chain reasoner
  • Qwen-72B / DeepSeek-R1
  • RAG (Qdrant)
  • Hypothesis generation
03 EXECUTION
  • OPA runtime auth
  • Worker pool
  • Tool registry
  • gVisor / Kata isolation
04 DATA
  • PostgreSQL
  • Redis queues
  • MinIO (evidence)
  • SHA256 integrity
control → intelligence → [opa] → execution → data

How it works

1. Context ingestion

Feed OpenAPI spec and business context. LLM builds an application model: roles, sensitive operations, control points.

2. Hypothesis generation

LLM generates control validation hypotheses—not CVE lists. Focuses on authorization gaps, data isolation failures, workflow bypasses.

3. Chain construction

Link hypotheses into multi-step attack chains. Prioritize by business impact × feasibility.

4. Policy-gated execution

Every task hits OPA before execution. Scope, time window, tool permissions, blocked parameters—all enforced at policy level.

task_authorization.rego
package pentest.task

# Deny unless every condition below holds
default allow = false

allow {
    target_in_scope
    within_time_window
    tool_permitted
    not blocked_by_roe
}

# Target must fall inside one of the engagement's scoped CIDRs
target_in_scope {
    net.cidr_contains(
        input.engagement.scope.cidrs[_],
        input.task.target
    )
}

# Current time must lie inside the engagement window (both bounds;
# window.end is assumed alongside the window.start shown in the original)
within_time_window {
    now := time.parse_rfc3339_ns(input.current_time)
    now >= time.parse_rfc3339_ns(input.engagement.window.start)
    now <= time.parse_rfc3339_ns(input.engagement.window.end)
}

# Tool must be on the engagement's allow-list (the original excerpt
# referenced this rule without defining it; input.engagement.tools is assumed)
tool_permitted {
    input.task.tool == input.engagement.tools[_]
}

# Block dangerous flags
blocked_by_roe {
    input.task.tool == "sqlmap"
    input.task.params[_] == "--os-shell"
}

Policies versioned and included in evidence bundles.
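The execution-plane side of step 4, as an added example that is not the product's code: a worker builds the `input` document the policy above expects, asks OPA for the `allow` decision over its Data API, treats any error or non-true result as deny (fail closed), and pins the decision together with the SHA256 of the policy text into an evidence manifest, which is the value a finding cites as its evidence hash. The OPA URL, the `input.engagement.tools` allow-list, the `window.end` bound and all task and engagement values are assumptions or constructed sample data; `reference_decision` is an offline stand-in mirroring the page's Rego so the file runs without an OPA server.

```python
# Added example (not the product's code): a worker that asks OPA before every
# tool run, fails closed, and pins the decision + policy version into a
# SHA256 evidence manifest. Assumed: OPA serves the page's policy at OPA_URL,
# and task/engagement field names match the policy's `input` document.
import hashlib
import json
import urllib.request
from datetime import datetime, timezone
from ipaddress import ip_address, ip_network

OPA_URL = "http://localhost:8181/v1/data/pentest/task/allow"  # assumed deployment


def opa_decision(input_doc, url=OPA_URL, timeout=2.0):
    """Boolean decision from OPA's Data API; any error or non-true result is deny."""
    body = json.dumps({"input": input_doc}).encode()
    req = urllib.request.Request(url, data=body, headers={"Content-Type": "application/json"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return json.load(resp).get("result") is True
    except Exception:  # unreachable OPA, bad JSON, HTTP error: never execute on doubt
        return False


def reference_decision(input_doc):
    """Offline stand-in mirroring the page's Rego rules so this file runs without
    an OPA server. Production workers call opa_decision, not this."""
    task, eng = input_doc["task"], input_doc["engagement"]
    target = ip_address(task["target"])
    in_scope = any(target in ip_network(c) for c in eng["scope"]["cidrs"])
    now = datetime.fromisoformat(input_doc["current_time"])
    win = eng["window"]
    in_window = datetime.fromisoformat(win["start"]) <= now <= datetime.fromisoformat(win["end"])
    permitted = task["tool"] in eng["tools"]
    blocked = task["tool"] == "sqlmap" and "--os-shell" in task["params"]
    return in_scope and in_window and permitted and not blocked


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def authorize(task, engagement, policy_src, now, decide=opa_decision):
    """Build the OPA input, get the decision, and return an audit record that
    pins the exact policy text and input that produced it."""
    input_doc = {"task": task, "engagement": engagement, "current_time": now.isoformat()}
    return {
        "task_id": task["id"],
        "allowed": decide(input_doc),
        "policy_sha256": sha256_hex(policy_src.encode()),
        "input_sha256": sha256_hex(json.dumps(input_doc, sort_keys=True).encode()),
        "decided_at": now.isoformat(),
    }


def evidence_bundle(records, artifacts, policy_src):
    """Manifest hashing every artifact and the policy; the manifest's own digest
    is the single value a finding cites as its evidence hash."""
    manifest = {
        "policy": {"file": "task_authorization.rego", "sha256": sha256_hex(policy_src.encode())},
        "decisions": records,
        "artifacts": {name: sha256_hex(blob) for name, blob in artifacts.items()},
    }
    canonical = json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode()
    return manifest, "sha256:" + sha256_hex(canonical)


def verify_bundle(manifest, artifacts):
    """Re-hash stored artifacts against the manifest; any mismatch is tampering or loss."""
    return all(name in artifacts and sha256_hex(artifacts[name]) == digest
               for name, digest in manifest["artifacts"].items())


# Constructed sample data (the policy string stands in for the real .rego file).
POLICY_SRC = "package pentest.task\ndefault allow = false\n# ... rules as on the page ...\n"
ENGAGEMENT = {
    "id": "e-2024-0892",
    "scope": {"cidrs": ["10.20.0.0/16"]},
    "window": {"start": "2024-06-01T08:00:00+00:00", "end": "2024-06-01T18:00:00+00:00"},
    "tools": ["nmap", "sqlmap"],
}
TASKS = [
    {"id": "t1", "tool": "sqlmap", "target": "10.20.5.10", "params": ["--batch"]},  # allowed
    {"id": "t2", "tool": "sqlmap", "target": "10.20.5.10", "params": ["--os-shell"]},  # RoE block
    {"id": "t3", "tool": "nmap", "target": "192.168.1.1", "params": []},  # out of scope
    {"id": "t4", "tool": "nikto", "target": "10.20.5.11", "params": []},  # tool not permitted
]
NOW = datetime(2024, 6, 1, 12, 0, tzinfo=timezone.utc)


def run_demo(decide=reference_decision):
    """Authorize each task, keep output only for allowed ones (simulated), seal the bundle."""
    records = [authorize(t, ENGAGEMENT, POLICY_SRC, NOW, decide) for t in TASKS]
    artifacts = {f"{r['task_id']}.log": f"ran {r['task_id']}".encode()
                 for r in records if r["allowed"]}  # stands in for real tool output
    manifest, bundle_hash = evidence_bundle(records, artifacts, POLICY_SRC)
    return records, manifest, bundle_hash, artifacts


if __name__ == "__main__":
    records, manifest, digest, artifacts = run_demo()
    for r in records:
        print(r["task_id"], "ALLOW" if r["allowed"] else "DENY")
    print("evidence bundle", digest, "verified:", verify_bundle(manifest, artifacts))
```

Two design points worth keeping: the decision function is injected, so the worker's only path to "allowed" is a true result from OPA (a stub is used only for offline demonstration), and the manifest is serialized canonically (sorted keys, no whitespace) before hashing so that two parties re-deriving the evidence hash from the same bundle get the same digest.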

CVH-001 (HIGH): Authorization Control Failure

e-2024-0892

Customer role can approve loan applications via a direct API call to POST /api/loans/{id}/approve, bypassing role-based controls.

  • Affected endpoint: /api/loans/{id}/approve
  • PCI-DSS mapping: 7.2.1, 7.2.2, 10.2.1
  • Evidence hash: sha256:7f3a91c2e8b4d5f6...
  • Validated: 3/3 steps confirmed

what we're building

  • On-prem infrastructure, local LLM inference
  • AI for planning, deterministic tools for execution
  • OPA policy authorization for every task
  • Business logic testing via hypothesis chains
  • Cryptographic evidence integrity (SHA256)
  • PCI-DSS aligned reporting

what we're not claiming

  • First mover in on-prem pentesting
  • GPU memory for attack graph simulation
  • AI does everything autonomously
  • Monte Carlo path sampling
  • Cloud-hosted with "enterprise security"
  • Replacing human pentesters entirely

Interested in a pilot?

We're working with banks and enterprises that need zero data egress and policy-provable security validation.