Operational Geo Intelligence — OSINT for distributed assets

Intelligence that knows your territory.

SecurMatch correlates open-source events with your assets — bank branches, logistics depots, maritime routes, naval supply chain — and transforms information noise into actionable operational intelligence.

Request pilot access → Explore operational environments
Platform

The map is the operational centre.
Everything else is built around it.

Numbered clusters on the world map, a side drawer that opens on click, NEW badges on unread events, STRI score per cluster. Everything you need to navigate hundreds of events without losing operational context.

🔒 app.securmatch.pro
LIVE
⬤ OPERATIONAL AREA · 84 events
FLAG · NEW · Area updated
Cluster drawer — unread events
The approach

Not a news feed.
Operational geo intelligence.

Any OSINT tool gives you news. SecurMatch tells you which of those events impacts your assets, at what distance, with what frequency and in which pattern.

01 / PROXIMITY

Every event measured against your assets. STRI for every cluster and branch.

Branches, depots, maritime routes, plants — every asset georeferenced. Every OSINT event measured in real distance. The STRI (Security Threat Risk Index) aggregates proximity, velocity and recency into a 0–100 score visible on every cluster and branch.

↳ Branch robbery — 380m · HIGH · STRI 84 · active cluster
02 / PATTERN

STRI, Threat Forecast and 7-day predictive window.

The STRI (Security Threat Risk Index) measures aggregated risk on a 0–100 scale for every asset and cluster. The Threat Forecast adds a 7-day predictive window: area-level probability based on velocity, recency and pattern direction.

↳ STRI 84 · ATM · Foggia · 87% probability HIGH within 7 days
03 / VERTICAL

Taxonomy and sources calibrated for your sector.

A cyber attack does not carry the same weight for a bank and a logistics operator. A port strike is critical for importers. SecurMatch is configured vertically for your operational context.

↳ Dedicated taxonomy · vertical sources · calibrated keywords
04 / OPERATIONAL INTELLIGENCE

Case Management, Link Analysis and AI Entities.

Operational dossiers automatically aggregate relevant events for an asset or area. Link Analysis shows a place graph, temporal pattern and — via Groq AI — named entities extracted from articles: people, organisations, operational methods.

↳ STRI 84 · Marmotta gang · BPM bank · explosive · Foggia cluster
Operational environments in production

One engine.
Four distinct operational environments.

Each environment is an isolated tenant with a separate data schema, taxonomy, sources and assets. The same proximity scoring and pattern detection architecture, calibrated for radically different contexts.

T—01
Banking & Credit Security Live

Geo intelligence for branch networks, ATMs and head offices distributed across the national territory. Proximity scoring across thousands of assets, with automatic detection of provincial clusters, itinerant gangs and explosive ATM attacks.

Active capabilities

Branch & ATM proximity scoring

Dynamic score based on HIGH/MEDIUM events within 5km and 20km and active provincial clusters.

STRI + Threat Forecast & predictive window

Security Threat Risk Index 0–100 per branch. Forecast with HIGH event probability within 7 days per area/category.

Case & Operational Dossiers

Dossier per gang or area with automatic event indexing. Analyst notes, link analysis with place graph, temporal pattern and AI Entities.

Automatic statistical anomalies

7-day vs 30-day comparison per category. Ratio ≥ 2x triggers alert. Peak detection before it becomes a crisis.

PDF briefing & read tracking

A4 export with KPIs, category and province distribution, full event table. Persistent NEW badge between sessions.

Tenant configuration
2.465
Georeferenced assets
10
Taxonomy categories
45+
Dedicated RSS sources
5km
Proximity radius
Rapine filialiAssalti ATMSkimmingCyber bancarioTruffeEstorsioneCrim. organizzata
T—02
Logistics & Road Transport Live

Georeferenced intelligence for depots, intermodal hubs, interports and motorway routes. Monitoring of cargo theft, strikes and blockages impacting logistics supply chain continuity.

Active capabilities

Cargo theft & vehicle attacks

Robberies of parked and moving HGVs, cargo theft and hijackings across the transport supply chain.

Assets on nodes and A1–A26 corridors

Depots, interports and intermodal hubs georeferenced with events projected onto motorway routes.

Strikes & road blockages

Alert on sector disputes and border crossing blockages with impact estimate on monitored routes.

Criminal infiltration of the supply chain

Monitoring of organised crime and phenomena impacting the freight transport supply chain.

Tenant configuration
26
Dedicated RSS sources
A1–A26
Direttrici monitorate
15
Ciclo raccolta
20km
Proximity radius
Rapine TIRCargo theftScioperiBlocchi autostradaliCrim. organizzataInterporti
T—03
Pirateria & Maritime Security Live

Global intelligence for shipping and naval supply chains. Real-time AIS tracking of tens of thousands of vessels, correlated with piracy events and choke point risk. Threat Forecast per maritime area.

Active capabilities

Real-time vessel AIS tracking

Live stream with 30s refresh. Vessels coloured by risk level based on nearby events.

Choke points & global heatmap

Overlay of 7 critical straits (Suez, Hormuz, Malacca, Bab el-Mandeb, Panama…) and incident density at global scale.

Commercial route risk scoring

6 routes with CRITICAL/HIGH/MEDIUM/LOW tier updated in real time. Cluster drawer to navigate events.

Maritime Threat Forecast

Intensity and direction per area (Red Sea, Middle East, Southeast Asia, West Africa) with verifiable track record.

Tenant configuration
47k+
Vessels tracked AIS
7
Global choke points
6
Risk scoring routes
30s
AIS refresh
AIS liveRed Sea / HouthiGolfo di GuineaSomalia CoastMalaccaBab el-MandebHormuz
T—04
Naval Supply Chain Active pilot

Intelligence for maritime supply chain continuity. For industrial manufacturers, raw material importers and large shippers dependent on global maritime routes. The client's plants and ports become central assets on the map.

Active capabilities

Choke point risk per corridor

Suez, Hormuz, Malacca, Bab el-Mandeb, Panama — alert when a choke becomes critical for the client's corridors.

Plants & ports as assets

The map shows the full corridor: origin port → choke point → destination port → plant.

Port congestion & strikes

Global port hubs monitored for delays, strikes and blockages impacting the logistics chain.

Sanctions, AIS dark & anomalies

Vessel embargo, ships switching off AIS transponder on client routes, suspicious patterns.

Tenant configuration
9
Supply chain categories
15
Dedicated RSS sources
366+
Events collected
365gg
Historical window
Rischio choke pointRed Sea / HouthiCongestione portualeScioperi portualiSanzioniAIS darkNatural rubber
Event feed — multi-tenant sample

Every event georeferenced against your assets.

The column on the right is not a category — it is the distance from the nearest asset or route in transit. What transforms a news item into an actionable operational alert.

Multi-tenant event stream · real time
Distance from nearest asset / route
Armed robbery at branch — cashier held hostage, €85k taken
Naples, Campania
Rapina
380m
Houthi missile strike — three vessels diverted from Red Sea
Red Sea
Choke Point
rotta
Armed attack on HGV — driver immobilised, cargo stolen
A14 · Bologna
Truck robbery
2.1km
Port of Singapore berth delays 4 days — 47 vessels queuing
Southeast Asia
Congestione
corridoio
Explosive ATM attack — blast in the night, criminals flee
Milano, Lombardia
Assalto ATM
620m
Iran signals possible closure of Strait of Hormuz — premiums surge
Middle East
Choke Point
rotta
Border crossing blocked — queues up to 40km on northern route
Brenner Pass, Tyrol
Sciopero
42km
EU expands sanctions on Iranian shipping — 12 vessels blacklisted
Middle East
Sanzioni
corridoio
Transversal capabilities

A shared intelligence core across all environments.

The same primitives — map, clustering, Threat Forecast, reporting — available in every tenant, adapted to the terrestrial or maritime operational context.

Intelligence map

Internal cluster drawer

Clicking a cluster opens an internal drawer with events sorted by severity. NEW badge on unread events. Professional navigation on clusters of 100+ events.

Threat Intelligence

Threat Forecast & predictive window

Intensity (HIGH/ELEVATED/WATCH) and direction (rising/stable/declining) per threat. Verifiable 7-day track record. 7-day predictive window with STRI-based probability per area.

Risk Index

STRI — Security Threat Risk Index

Proprietary 0–100 score for every asset, cluster and route. Weighted aggregation of proximity, velocity, recency and severity. Visible in the cluster drawer header, single event profile and Risk page.

Operational Intelligence

Case & Operational Dossiers

Dossier per area, asset or criminal pattern. Relevant events are indexed automatically. Analyst notes, states (Open/Monitoring/Closed), continuous refresh. Every case becomes a living dossier.

Link Analysis

Place graph, temporal pattern & AI Entities

Fullscreen popup with three views: Foundry-style radial place graph, temporal pattern with burst detection, and AI Entities — Groq llama-3.3-70b extraction of people, organisations, operational methods and keywords from case articles.

OSINT ingestion

Automated multi-source pipeline

Dozens of sources collected every 15 minutes, deduplicated, classified and geolocated. Italian gazetteer of 280+ municipalities and maritime gazetteer of 32 global areas.

Statistical analysis

Anomalies & temporal heatmap

Rolling 7-day vs 30-day comparison per category with anomaly detection. 7×24 grid of hourly distribution to identify temporal patterns.

Reporting

PDF briefing & read tracking

Operational PDF export with KPIs and event table. Feed with NEW badge and persistent read/unread tracking between sessions.

Verticals

Four live environments.
More coming.

The same proximity scoring, Threat Forecast and pattern detection architecture, extensible to any sector with distributed assets on land or water.

Live

Banking & Credit

Branches, ATMs, offices. Robberies, ATM attacks, fraud, banking cyber, extortion, organised crime.

Live

Logistics & Transport

Depots, hubs, interports, routes. Cargo theft, strikes, motorway blockages, supply chain infiltration.

Live

Maritime Security

Shipping globale. AIS live, pirateria, choke point, risk scoring rotte, Maritime Threat Forecast.

Active pilot

Naval Supply Chain

Manufacturers and importers. Choke point risk per corridor, port congestion, sanctions, AIS dark.

Coming soon

Telecommunications

Radio masts, antennas, datacentres. Copper and fibre theft, vandalism, service interruptions.

Coming soon

Energy & Utilities

Power plants, substations, renewable installations. Copper theft, sabotage, critical infrastructure attacks.

Coming soon

Healthcare

Hospitals, clinics, pharmacies. Staff assaults, equipment theft, hospital ransomware.

Coming soon

Critical Infrastructure

National strategic assets. Georeferenced threat intelligence for high-criticality sites.

Platform in production

Operational infrastructure,
not a proof of concept.

SecurMatch is live at app.securmatch.pro. Real numbers, updated June 2026.

0+
Active tenants
Banking · Logistics · Maritime · Supply Chain
0+
Open sources monitored
Collected every 15 minutes
0k+
Vessels tracked AIS
Refresh every 30 seconds
0k+
OSINT events archived
Georeferenced and classified
0
Collection latency
Continuous automatic cycle
STRI
Security Threat Risk Index
Proprietary 0–100 score per asset, cluster and route
Frontend
React · Vite
Backend
Node · Express
Data
PostgreSQL
Ingestion
OSINT Pipeline
Map
Leaflet · OSM
AI
Groq · llama-3.3-70b
Deploy
Docker · SSL
Frequently asked questions

Everything you need to know.

Answers to the most common questions about the platform and the activation process.

The STRI (Security Threat Risk Index) is SecurMatch's proprietary 0–100 score measuring the aggregated risk of an asset, geographic cluster or route. It aggregates proximity (distance of events from the asset), velocity (pattern acceleration), recency (how recent the last event is) and severity. It appears in the cluster drawer header on the map, in the single event profile and on the asset risk page of your environment (Risk Branches, Risk Routes or equivalent). It is also the basis of the Threat Forecast predictive engine.
Cases are persistent operational dossiers that automatically collect relevant events for a specific area, asset or criminal pattern. The analyst creates a case with title, geographic area, categories and keywords — the system immediately indexes all matching historical events and continues to update in real time. Inside each case, Link Analysis is available: a fullscreen popup with three views — place graph (radial layout, Foundry-style cards), temporal pattern with burst detection, and AI Entities (Groq AI extraction of people, organisations, operational methods and keywords from articles).
SecurMatch is not a news aggregator. It is an operational geo intelligence platform that correlates every OSINT event with your georeferenced assets — calculating real distance, historical pattern and statistical anomaly. The difference is between "there was a robbery in Naples" and "there was a robbery 380 metres from your Mergellina branch, the fourth in 30 days within the same radius, STRI 84, itinerant gang identified". The Threat Forecast adds a 7-day predictive window. Cases and Link Analysis with AI Entities complete the cycle from alert to investigative dossier.
The engine loads your assets as georeferenced points. Every classified OSINT event is projected onto the map and the distance from each asset is calculated in real time. The risk profile of each asset is updated continuously based on HIGH/MEDIUM events within 5km (primary radius) and 20km (extended radius) and active provincial clusters.
For industrial manufacturers, raw material importers and large shippers. Monitors: choke point risk (Suez, Hormuz, Malacca, Bab el-Mandeb, Panama), port congestion and blockages, port strikes, vessel sanctions and embargo, maritime incidents, AIS anomalies. The client's production sites and ports are loaded as assets: the map shows the full corridor from raw material source to plant, highlighting where risk impacts supply continuity.
The Threat Forecast does not assign invented probabilities. It measures current intensity (HIGH/ELEVATED/WATCH, based on event volume and severity) and direction (rising/stable/declining, from comparison between recent window and history). It always shows the rationale — which signals lead to that assessment. And it maintains a track record: after 7 days every forecast is compared against real events.
The pilot environment is activated within 48 business hours of accreditation, pre-configured with taxonomy, OSINT sources and assets for your vertical. The pilot period is completely free and without commitment. At the end, the final configuration and contract plan are defined together.
Yes, with complete isolation. Multi-tenant architecture with a separate data schema for each client. Assets, events, configurations and settings of one tenant are not accessible to others. Every session is tracked with real IP and timestamp for security audit. Also available in On-Premise or Air-Gapped mode.
Plans

Custom pricing
for every vertical.

No fixed plans. Cost depends on the number of assets, users and active modules. All plans start with a free pilot.

Banking & Credit
Risk Branches
Proximity & Threat Forecast
  • Event map + branch clustering
  • STRI per branch + 7-day Threat Forecast
  • Configurable proximity alerts
  • Cases & Link Analysis
  • Custom taxonomy
Request pilot →
Most requested
Supply Chain & Logistics
Risk Corridors
AIS + Maritime Routes
  • Global critical route monitoring
  • Real-time AIS vessel tracking
  • Choke point + piracy + strike alerts
  • Maritime Cases & Link Analysis
  • Timeline patterns + AI Entities
Request pilot →
Enterprise
Multi-vertical
Custom
  • All modules active
  • Dedicated VPS + optional white-label
  • Guaranteed SLA + priority support
  • Dedicated onboarding + training
  • API access + custom integrations
Contact us →
Pilot access

Activate your environment
in 48 hours.

Taxonomy, sources and assets already configured for your vertical. Operational in 48 hours. No cost during the pilot period.

Isolated tenant with dedicated data schema
Pre-configured taxonomy for your sector
OSINT sources active from day one
Proximity scoring on your assets
Direct support throughout the pilot period
No contractual commitment during the pilot
Request sent. We will contact you within 48 business hours.
Error sending. Write to us directly at info@securmatch.pro
Request sent. We will contact you within 48 business hours.
Error sending. Write to us directly at info@securmatch.pro