Defence supply chain — air-gap ready
For defence prime contractors, classified-data handlers, and any organisation where vendor-cloud touchpoints are disqualifying.
Defence supply-chain operators — primes, suppliers, integrators handling classified or controlled-unclassified information — operate under requirements (US CMMC 2.0, EU TRANSEC, NATO STANAG 4774/5/8, national-security-perimeter provisions) where vendor SaaS dependencies are routinely disqualifying. The 2024-2026 attack trend has been deliberate: state-aligned actors increasingly target the supply chain, not the prime, because security maturity drops by ~2 tiers per supplier level. A continuous, generative red-team capability that can run fully air-gapped is no longer exotic; it is a procurement-floor requirement.
What is on the defence-supply CISO's desk
CMMC 2.0 + EU TRANSEC equivalents
Documentary evidence that security controls are not only declared but operating. Continuous validation is the path of least friction to satisfying the "implementing the practice" burden of proof.
Supply-chain targeting
The economic profile of a tier-2 supplier rarely supports a full red-team contractor engagement, but the threat actor is willing to invest the time precisely because of that asymmetry. Continuous AI-driven validation rebalances the equation.
Classified processing constraints
Once classified or restricted data is in scope, vendor-cloud touch points are typically disqualifying. The only viable security tooling is on-prem and ideally air-gappable.
AI Act high-risk classification
Defence applications of AI security tooling are explicitly in scope of EU AI Act Annex III. Documentation, human-oversight, kill-switch — all auditable requirements.
How Zero Hunt fits the defence operating model
Air-gap-capable generative pentest
The full stack — LLM, embedding model, AI Gym backtest corpus, 10-agent swarm — runs locally on the appliance GPU. In air-gap mode there are no external network requirements at runtime; updates arrive via sneakernet through ECDSA-signed bundles on physical media. No "phone-home" code path exists.
Traffic analysis on classified segments
The deep-packet AI traffic model classifies flow metadata locally. Sensor traffic does not leave the perimeter. Suitable for classified-data, defence-research, and dual-use environments where exfiltration risk is the primary threat model.
AI Act high-risk documentation by construction
The platform ships with the technical documentation and conformity artefacts required by AI Act Title III, Chapter 2 (Articles 9-19): risk management system, logging, technical doc, human oversight, post-market monitoring. Required for any defence-adjacent deployment in the EU.
Capability emphasis for defence supply chain
- ▸Full air-gap deployment: zero external dependencies at runtime
- ▸ECDSA-signed update bundles for sneakernet update workflow
- ▸AI Act Annex III high-risk system documentation included
- ▸OT/ICS protocol coverage for defence-industrial control segments
- ▸Cryptographically signed evidence with verifiable chain-of-custody
Who buys this in defence supply chain
CISO / CISO-equivalent (often a CSO or DSO for cleared environments) sponsoring; cleared facility security officer co-signing on physical and network controls; cleared procurement lead validating against the disqualifying-criteria for vendor-cloud dependency; programme manager authorising on the basis that the appliance unlocks bids on contracts that explicitly require on-prem-only security tooling.
Go deeper on the regulations
Want to see this against your environment?
A 30-minute technical demo runs Zero Hunt against a recorded slice of your stack, scoped to the regulatory regime you operate under.