Security you can measure.
Four signal layers. Passive TLS + TCP + HTTP fingerprinting. Decision latency under 500 microseconds. Deterministic scoring, mathematically proven — not a machine-learning guess.
Why ML-based detection
keeps failing.
Probabilistic by design
85–95% accuracy sounds acceptable until you realize the remaining 5–15% are your most sophisticated attackers. The ones that actually matter.
Adversarially defeatable
GAN-generated traffic passes through neural networks undetected. This is a fundamental weakness of the approach, not an implementation flaw.
Non-auditable decisions
When compliance asks why legitimate traffic was blocked, "the model said so" is not a defensible answer. Deterministic scoring is.
JavaScript is not inspection
Client-side fingerprinting requires code execution. Bots disable it. Privacy-conscious users block it. Everyone loses.
Who is this for.
Media Buyers & Arbitrage
Stop paying for bot clicks. Keep your offers invisible to spy services.
- Cloaker mode hides landings from ad moderators
- Blocks AdSpy, AdPlexity, AdBeat automatically
- JA4 fingerprinting catches residential proxies
- Per-site scoring, tuned per offer
E-commerce
Hide prices from scrapers. Stop credential stuffing. Protect inventory.
- Detects residential-proxy scrapers by TLS, not IP
- Credential stuffing caught at handshake layer
- No JavaScript means no friction for real buyers
- Works transparently with existing checkout
SaaS & API Products
Protect your API without JS, cookies, or SDK changes.
- API endpoints protected at the TLS layer
- Blocks fake signups and free-tier farming
- Custom headers (X-AE-Score, Browser, ASN)
- Catches scrapers rotating IPs and UAs
Enterprise & Finance
Zero-trust ready. GDPR by architecture. Formally verified crypto.
- mTLS client auth via our own Ada/SPARK CA
- No cookies = no GDPR burden, no banner
- Self-hosted option available
- Full session tracking and identity layer
Five minutes from zero to edge.
Point DNS
Create a free account and add one A-record pointing to an edge node. No SDK, no library, no server-side change.
Tunnel up
WireGuard tunnel comes online between the edge and your origin. TLS is terminated at the edge; your backend stays on a private IP.
Passive scoring
Every TCP/TLS handshake is fingerprinted and scored. Four signal layers fused into one deterministic verdict — under 500 microseconds.
Origin hidden
Humans reach your app. Bots get blocked, cleaned, or cloaked. Your real IP never appears in DNS, headers or logs.
Plans & comparison.
// FEATURE | SOL_01 Lite Freeforever Analyze your own traffic — see fingerprints, no blocking. | SOL_02 Full Deanon $199/ month Production filter — blocks bots, passes humans in real time. | SOL_03 Cloaker + HP $499/ month Splits traffic — moderators see a stub, users see your real offer. | SOL_04 Enterprise from $5,000/ month On-prem, dedicated edge, private SPARK CA, SOC2/GDPR audit pack. |
|---|---|---|---|---|
| Sites | 1 | 3 | 10 | ∞ |
| Passive fingerprinting | ● | ● | ● | ● |
| Inline filtering | — | ● | ● | ● |
| Cloaker & honeypot | — | — | ● | ● |
| Custom X-AE-* headers | — | — | ● | ● |
| Custom scoring rules (Ada/SPARK) | — | — | — | ● |
| Dedicated edge nodes | — | — | — | ● |
| Multi-region deployment | — | — | — | ● |
| Private JA4 database feed | — | — | — | ● |
| mTLS via private SPARK CA | — | — | — | ● |
| SOC2 / GDPR audit pack | — | — | — | ● |
| Session tracking & identity layer | — | — | — | ● |
| Support | — | priority | dedicated TAM | |
| SLA | — | — | 99.9% | 99.99% + credits |
// START | ▸ Deploy | ▸ Deploy | ▸ Deploy | ▸ Contact |
// NO CONTRACTS · NO SETUP FEES · CANCEL ANYTIME · START WITH LITE AND UPGRADE WHEN YOU NEED