The AI analyst inside every Sandworm tool
Mendicant is the AI security analyst built into all eleven Sandworm tools. It explains alerts, drafts detections, summarizes investigations, and recommends response actions — always grounded in that tool's real data, with citations so it cannot fabricate findings.
What it does today
Mendicant runs on frontier large language models and is available now inside every Sandworm tool. It operates only on the data the tool already has — and every response it generates cites the specific events, findings, or records it relied on. Hallucinated findings are structurally impossible.
Explain any alert in plain language
Select an alert in any Sandworm tool and Mendicant gives you a plain-language breakdown: what fired, why it matters, and what the underlying data shows. Every explanation is grounded in that tool's real event data — not a generic template.
Draft detection queries
Describe what you want to catch and Mendicant drafts the query — Sigma rule, YARA pattern, or KQL clause — against the schema for the tool you're in. You review it before it goes anywhere.
Summarize an investigation
Open any case and Mendicant reads the full event timeline, analyst notes, and response history to produce a concise summary. Useful for shift handoffs, executive briefings, and legal documentation.
Recommend the next response action
Mendicant reviews the investigation state and suggests the highest-value next step — isolate the host, revoke the session, escalate to IR, or close with context. The recommendation cites the evidence behind it.
Coming soon: a precision AI we built ourselves
In developmentSandworm is building a sovereign precision-AI engine from first principles — owned end to end, with no third-party machine-learning framework, no external inference API, and no dependency on a model provider's continued availability. It is small and in development; we are not claiming it will outperform frontier LLMs. What it will offer is something frontier models cannot: full auditability and the ability to deploy completely air-gapped.
Built from scratch
The full neural-network and transformer stack is written in C++ with zero external machine-learning dependencies — no PyTorch, no TensorFlow. Every layer (attention, transformer block, convolution, embedding, layer-norm) is hand-built and gradient-checked.
GPU-accelerated, hardware-agnostic
The training and inference path is GPU-accelerated and runs across all major GPUs — AMD, NVIDIA, and Apple Silicon — reaching roughly 50–100 times the throughput of the CPU path. Modern training features are included: AdamW optimiser, cosine learning-rate schedule with warmup, BPE tokenizer, and bf16 mixed precision.
Purpose-built for security
Early models validated in the lab: a user-behaviour-analytics anomaly autoencoder (AUC approximately 0.96 on held-out data) and a command-and-control beaconing detector built on 1-D convolutions — trained on security-specific data, not general corpora.
Why sovereign AI matters
Defense, government, and regulated buyers cannot route sensitive telemetry through a third-party inference API. The model has to live inside the boundary.
Owned end to end
Every matrix multiply is ours. No licensing exposure, no upstream model deprecation.
Fully auditable
Weights, architecture, and training data are under Sandworm control. Compliance teams can inspect the stack.
Air-gap deployable
No outbound call, no token quota, no connectivity requirement. The model runs in environments with no internet access.
No third-party inference
Your threat data never leaves your network to reach an external model API. Zero data-residency risk.
The goal: security AI you own, end to end
Mendicant exists so the most sensitive environments — defense, government, healthcare, finance — can run autonomous security AI without sending a single byte to a third-party model. Because every layer is built from scratch, the model is auditable from the mathematics up, deployable fully air-gapped, and free of the export-control and dependency-audit problems that lock Python-ML-stack competitors out of these environments.
The work runs in stages — a security-specialized language model and a behavioural anomaly detector today, toward autonomous vulnerability discovery and AI-vs-AI defense, and ultimately post-quantum-resistant defensive AI. The destination is autonomous, verifiable, and quantum-resistant cyber defense that you own and run inside your own boundary. It is in active development; we build in the open and ship behind tests.
What Mendicant can do
Context-aware alert explanations
Mendicant reads the live event data from whichever Sandworm tool you are using and explains each alert in plain language — what triggered, what the data shows, and why it matters — without relying on generic templates.
Detection drafting
Describe a threat scenario in natural language and Mendicant drafts the corresponding Sigma rule, YARA pattern, or KQL clause scoped to the tool's schema. You review and approve before anything is saved.
Investigation summarization
For any open case Mendicant synthesizes the event timeline, analyst notes, and response history into a concise summary suitable for shift handoffs, executive briefings, or legal documentation.
Cited response recommendations
Mendicant evaluates the investigation state and recommends the highest-value next action — isolate, revoke, escalate, or close — with the supporting evidence cited inline so analysts can verify the reasoning.
Available in all eleven tools
The same AI analyst surfaces inside Truthsayer, CloudGuard, Sandworm SASE, Sandworm EDR, and all other Sandworm tools. Context switches automatically based on which tool is open — no copy-paste of data between windows.
Sovereign engine in development
A from-scratch C++ inference engine is being built so the most sensitive deployments can run Mendicant fully air-gapped with no outbound API calls. Frontier models handle all production workloads today while the engine matures.
How Mendicant works
- 1
Open any Sandworm tool
Mendicant is embedded in every Sandworm product. There is nothing to install or configure — open the Mendicant panel from the toolbar in whichever tool you are working in.
- 2
Mendicant reads the live data
When you ask a question or select an alert, Mendicant retrieves the relevant records from that tool's data store — events, findings, timelines, or configuration — so its response is grounded in what actually happened, not a general knowledge base.
- 3
You get a cited, actionable answer
Every response cites the specific events, records, or data points it relied on. Grounding Mendicant's answers in your live data significantly reduces the risk of unanchored or fabricated conclusions — analysts can verify the cited evidence directly rather than taking the output on trust.
- 4
You approve before anything changes
Recommended actions — isolate, revoke, escalate — require analyst approval. Mendicant is an advisor, not an autonomous actor. Response automation is a separate layer you configure in each tool's settings.
Built for real analyst workflows
Tier-1 analyst acceleration
Junior analysts get plain-language explanations for every alert, designed to reduce the time analysts spend reading raw logs and cross-referencing documentation. Mendicant brings context to the analyst, not the other way around.
Detection engineering assistance
Detection engineers describe coverage gaps in natural language and receive draft rules ready for review. Mendicant already knows the schema for each tool, so engineers spend their time reviewing and tuning rather than writing rules from scratch.
Shift handoff and executive reporting
At shift change or before a board briefing, Mendicant can summarize every open investigation in a consistent format, designed to reduce manual write-up time and the risk of critical context being lost between analysts.
Air-gapped and regulated environments (roadmap)
Once the in-house sovereign engine ships, organizations with strict data-residency requirements — defense, government, regulated finance — will be able to run Mendicant with no outbound inference calls. This capability is in development.
Integrations
- Every Sandworm tool
- Anthropic
- OpenAI
- Azure OpenAI
Frequently asked questions
- How is Mendicant deployed?
Mendicant is embedded in every Sandworm desktop application — there is nothing separate to install. When you open any Sandworm tool the Mendicant panel is available from the toolbar. It calls frontier model APIs (Anthropic, OpenAI, or Azure OpenAI, configurable per tenant) over an encrypted connection from your local deployment.
- Does Mendicant send my security data to a third-party model provider?
Queries to Mendicant are sent to the frontier model provider you configure for your tenant (Anthropic, OpenAI, or Azure OpenAI). Only the data needed to answer your specific question is included in the request — Mendicant does not batch-upload or store your telemetry with those providers. For environments that cannot use any external inference API, the in-house sovereign engine is in development.
- How is Mendicant priced?
Mendicant is included with every Sandworm subscription — it is not a separate add-on. See the pricing page at /pricing for bundle details. Frontier model API costs are pass-through at cost; you can also supply your own API key.
- How does Mendicant differ from asking a general-purpose AI chatbot?
A general-purpose chatbot has no access to your actual event data and will reason from general knowledge. Mendicant is context-aware: it reads the live records from whichever Sandworm tool you have open and grounds every response in that data with inline citations. It cannot produce a finding it cannot point to in your environment.
- What is the in-house sovereign engine and when does it ship?
The sovereign engine is a from-scratch C++ inference stack — no PyTorch, no TensorFlow — being built so Mendicant can run fully air-gapped with no outbound API calls. It is in active development. We do not have a public release date. Frontier models handle all production workloads today. We will announce availability when it is ready for deployment.
- Can Mendicant take autonomous actions on my behalf?
No. Mendicant is an advisor. It recommends actions — isolate a host, revoke a session, escalate a case — but every recommendation requires analyst approval before any change is made. Response automation is a separate, separately-configured layer in each Sandworm tool.