Resources

Read the room.

Research, field notes, advisories, and the things we're publishing this quarter.

Read the blog Open the library

Blog

Field notes, engineering posts, and product releases. Written by operators on the team.

Research library

Whitepapers, threat reports, and the quarterly digest, in one place, with receipts.

Events

Roundtables, conference talks, and invite-only dinners. Mostly Toronto and Winnipeg, sometimes further.

Latest

From the blog.

Product

Atlas 4.1: graph-native threat intelligence

Fan-out investigation paths, provenance receipts, and a reworked enrichment engine that completes in under a minute.

2026-04-02
Field notes

Why we started with 'signal over noise'

A short note on the three opinions the product holds, and why they're not negotiable.

2026-03-14
Research

Investigating 'living off the pipe' in CI systems

A field note on a technique we're seeing more often: adversaries using build systems as a long-term C2.

2026-02-22
Engineering

Writing detections that explain themselves

An engineering note on the 'hypothesis-first' rule we use for every detection that ships in Vector.

2026-01-30

Events & roundtables

Come argue with us.

We host small, invite-only roundtables for security leaders. No pitches. Chatham House. Dinner is usually involved.

CISO roundtable, Toronto

May 14, 2026

By invitation

Detection engineering dinner, Winnipeg

June 4, 2026

By invitation

Annual digest: State of the Graph

Sept 2026

Public

Trust center

Evidence for the people evaluating us.

Reports, subprocessor lists, and security attestations. Available under NDA; most of it without.

SOC 2 Type II: current period Request
ISO 27001: 2026 recertification Request
Vulnerability disclosure program Request
Subprocessor list (v2026.1) Request
Penetration test summary (Q1 2026) Request