SQUDO AI® — by ITNB AG
Every alert, investigated to verdict.
SQUDO AI® autonomously reasons through your alerts the way a senior analyst would — pulling evidence, weighing hypotheses, and showing its work. Swiss by design. Sovereign by default.
The problem
More alerts arrive than any team can read. The real threats wait in the queue. A modern SOC sees thousands of alerts a day. Most are noise, a few are not, and telling them apart is slow, manual, and relentless. Analysts burn hours on triage. Genuine incidents sit unreviewed while the clock runs.
How it works — an investigation, run end to end
SQUDO AI® works the alert the way a senior analyst does, then hands a human the decision. Nothing acts without sign-off.
- Triage — Picks up every alert from your EDR and SIEM the moment it fires.
- Investigate — Runs a multi-step query across VirusTotal, QRadar, MITRE, and your context memory.
- Verdict — Reaches a classification with a confidence score and the evidence behind it.
- Recommend — Drafts a remediation, mapped to the technique and ready to execute.
- Approve — A human analyst reviews the reasoning and signs off before anything runs.
Explainable by design — every verdict shows its work
SQUDO AI® does not hand you a black box. It gives you the full chain: every source queried, every hypothesis weighed, every step it took to reach a conclusion. You can read it, challenge it, and trust it.
- Competing hypotheses, scored side by side
- Sources cited, with the exact signal that mattered
- Mapped to MITRE ATT&CK techniques
Swiss-sovereign — your data never leaves your control
SQUDO AI® is built and hosted in Switzerland, on sovereign infrastructure. Your alerts, your investigations, and your context stay within your jurisdiction, governed by your policies.
- Swiss-hosted — Runs on sovereign infrastructure inside Switzerland. No data crosses a border you did not choose.
- Governed by design — Aligned to ISO 27001 and the EU AI Act, with a full audit trail of every action the agent takes.
- Human in command — The agent investigates and recommends. A human analyst always holds the final decision.
Proof — time your analysts get back
- MTTD 12.3 min — Mean time to detect
- MTTA 7.5 min — Mean time to acknowledge
- MTTI 2.4 hrs — Mean time to investigate
- Autonomy 94% — Closed without escalation
Representative figures from pilot deployments — not guaranteed results.
Connects to your stack
- CrowdStrike
- Microsoft Sentinel
- Splunk
- Palo Alto Networks
- SentinelOne
- IBM QRadar
- VirusTotal
- Microsoft Entra ID
See SQUDO AI® in action
Book a live walkthrough and watch a real investigation run, start to verdict. We onboard a limited number of European SOCs each quarter.