
THE FOUNDATION
TRUST CORE
The computation engine that reconstructs technical reality from configuration evidence.
No endpoint agents. No traffic capture. No manually maintained inventories as source of truth.
Trust Core reads what your infrastructure is configured to do — not what it reports about itself. Configuration sources that already exist in every regulated organization (firewalls, routers, cloud environments, CMDB exports, IPAM registrations, logging platforms) are the inputs.
HOW IT WORKS
Four computation stages.
Stage | What it does | What it prevents |
1. Configuration Reading | Reads actual configurations from firewalls, routers, cloud environments, CMDB exports, IPAM, and logging platforms. Not reports — the configurations themselves. | Prevents conclusions from being drawn from what systems report about themselves rather than what they are configured to do. |
2. Topology Reconstruction | Reconstructs the actual infrastructure topology: which systems exist, which paths between them are possible, which segmentation is active, and where topology deviates from architecture design. | Prevents architectural deviations from remaining invisible between audit cycles. |
3. Dependency Validation | Validates which systems depend on which others, based on configured routes, firewall rules, and service dependencies. This dependency graph is the input for all further computation. | Prevents dependency drift from remaining undetected until a service fails. |
4. Deviation Detection | Compares computed reality against three reference | Prevents deviations from propagating undetected |
WHAT COMPUTATION SEES
What Trust Core sees that Observation misses.
Situation | What Trust Core computes that Observation misses |
Security zone registered, not active | IPAM/DDI contains a security zone, but Trust Core computes that the zone has not been correctly applied to the firewall. Registration appears present; technical reality deviates. |
Firewall policy: direct object instead of group | A rule references an address object instead of a managed group. Lifecycle management, ownership, and auditability are weakened — visible only through configuration computation. |
CMDB: no dependency; graph: a path exists | The CMDB contains no dependency between two systems. The computed infrastructure graph reveals a technically possible path via routing and firewall policy. |
Audit control green; evidence absent | A control is administratively registered as present, but technical validation shows that evidence is missing or not reproducible. |
SIEM alert: medium severity; infrastructure: critical blast radius | A security alert appears moderate in isolation. Trust Core computes that the signal touches a path toward a production zone with critical dependencies. Context changes everything. |
Observation is defined by a point in time and a perspective. Computation is fact-based and continuous.
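The reconciliation described in the "CMDB: no dependency" row, shown as an added example that is not Trust Core's own code. The host names, addresses, firewall rules and CMDB export are constructed, and the policy model (ordered rules, first match wins, no ports or routing tables) is an assumption.

```python
import ipaddress
from collections import deque

# Constructed sample data (hypothetical hosts, rules and CMDB export).
HOSTS = {"web01": "10.1.0.10", "app01": "10.2.0.10",
         "db01": "10.3.0.10", "jump01": "10.9.0.5"}
# Ordered firewall policy, first match wins: (src CIDR, dst CIDR, action).
RULES = [
    ("10.1.0.0/24", "10.2.0.0/24", "allow"),   # web zone -> app zone
    ("10.2.0.0/24", "10.3.0.0/24", "allow"),   # app zone -> db zone
    ("10.9.0.5/32", "10.3.0.10/32", "allow"),  # direct address objects, jump -> db
    ("10.1.0.0/24", "10.3.0.0/24", "deny"),    # web must not reach db directly
    ("0.0.0.0/0", "0.0.0.0/0", "deny"),        # default deny
]
# Dependencies as registered in the CMDB: (source, target).
CMDB_DEPS = {("web01", "app01"), ("app01", "db01"), ("web01", "db01")}

def allowed(src_ip, dst_ip, rules):
    """Evaluate the ordered policy; the first matching rule decides."""
    s, d = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for src_net, dst_net, action in rules:
        if s in ipaddress.ip_network(src_net) and d in ipaddress.ip_network(dst_net):
            return action == "allow"
    return False  # implicit deny when nothing matches

def direct_edges(hosts, rules):
    """Host pairs the configured policy permits in a single hop."""
    return {(a, b) for a in hosts for b in hosts
            if a != b and allowed(hosts[a], hosts[b], rules)}

def reachable(edges, start):
    """All hosts reachable from start over one or more permitted hops."""
    seen, queue = set(), deque([start])
    while queue:
        node = queue.popleft()
        for a, b in edges:
            if a == node and b not in seen and b != start:
                seen.add(b)
                queue.append(b)
    return seen

def reconcile(hosts, rules, cmdb):
    """Compare the computed graph with what the CMDB registers."""
    edges = direct_edges(hosts, rules)
    paths = {(a, b) for a in hosts for b in reachable(edges, a)}
    return {"unregistered": edges - cmdb,   # path exists, CMDB is silent
            "unsupported": cmdb - edges,    # CMDB claims it, policy denies it
            "indirect": paths - edges}      # denied directly, open via another host
```

On the constructed data, `reconcile(HOSTS, RULES, CMDB_DEPS)` reports jump01 to db01 as a permitted path the CMDB does not register, and web01 to db01 as a registered dependency that the policy denies directly but that remains reachable through app01.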
THE MISSING LAYER.
Existing platforms are not inadequate. The reconciliation layer is missing.
Splunk, ServiceNow, Armis, Wiz, Tenable — these platforms remain essential inputs. Each does exactly what it was designed to do. The gap is structural: no existing platform was built to compute a reconciled, cross-source view of what the infrastructure as a whole actually is.
Platform Category | Design Purpose | The gap it cannot bridge |
SIEM (Splunk, Sentinel) | Correlate security events | Paths that have never generated an event are structurally invisible |
CMDB (ServiceNow) | Register assets as reported | Topology cannot be reconstructed from registration alone |
GRC (Archer, ServiceNow GRC) | Document control declarations | Technical functioning of controls cannot be derived from declarations |
CSPM (Wiz, Prisma) | Scan cloud configurations | Cross-source dependency reconciliation requires an external computation layer |
FAIR tooling | Model risk from assessment inputs | Risk parameters derived from survey data cannot reflect current configuration state |
Trust Core adds the computation layer that makes these platforms collectively coherent — reading from Splunk, ServiceNow, IPAM, firewalls, cloud APIs, and architecture models simultaneously to compute what they collectively reveal about enterprise technical reality.