Live
Zerathis Blindspot™ ENGAGED Risk State HIGH Deployment Month 19 Successful Extractions 0 Last Operation 23 JUN 2026 Recovered 1,400 kg · 23 Jun 2026 Peak Period 8 Consecutive Zero-Incident Months Opportunity Denied 97% MAP Stage S2-Probing Active Deployments 1
Observation
Pattern build
Conf. test
Variance
Collapse
Before The Plan Concludes — Adaptive Deterrence Intelligence

If it can be learned,
it will be exploited.

And when it goes wrong, the question isn't why didn't you stop it. It's why didn't you know.

Commission a Blindspot Audit
Discover where your security is most predictable.
How it works ↓
Active deployment · South Africa · Month 19
97%
Opportunity Denied Rate
peak 97% · sustained months 12–19
52 → 3
Monthly adversary contacts
six months into deployment
0
Successful extractions
across 19 months
19 mo
Continuous live deployment
South Africa
How do we make organised theft
significantly harder to execute?
This is what the adversary experiences.
Prediction confidence
100%
System monitoring
Probe events 000
Variance cycles 000
Move toward the target.
The system is watching you learn.
move your cursor toward the target
System entropy
0.00
No adversarial pressure
System state
Stable
Prediction confidence
Prediction confidence
FAILED
The system learned you before you reached it.
Adversary model invalidated
Variance protocol active — new pattern deploying
Target
Does your operation give an adversary the same advantage?
01 / 03

How predictable is your current security operation?

The problem

Every successful breach begins long before the incident.

By the time your system detects a threat, the plan is already complete.

Every day your operation runs consistently, it runs for them.

01
Observation.
Before anything moves, there is a watching phase. Patrol intervals are timed. Shift transitions are mapped. Response lag is measured. Weeks of intelligence gathering before a single act. The adversary doesn't guess — they study.
02
Pattern recognition.
After 30 days of observation, a determined adversary has a working model of your system. Not a hypothesis — a schedule. Which drone covers which corridor. When response pulls resources away. What the gaps look like and when they open.
03
Confidence building.
As you read this, a patient adversary is somewhere between day 14 and day 30 of mapping an operation like yours. They are not waiting for an opportunity. They are building one. Your incident log records what happens next. It records nothing about the 30 days that made it inevitable.

And when it goes wrong — when the incident finally appears — the question you will be asked is not why didn't you stop it.

It's why didn't you know.
We stop the plan before it completes.
They don't attack. They study.

The adversary does not defeat the technology.
They find the gap between them.

By week four, the adversary has built a network — probe units, intel nodes, adaptive cells, each feeding a central model of your operation. This is not a crew. It is an operation.

Hardware scales activity. Only adaptation scales deterrence.
The hardware illusion
Which hardware?
What coverage?
These are the wrong questions.
Every system you can deploy can be studied.
Capability without variance is a training dataset.
The adaptive reality
Syndicates observe,
probe, and adapt.
Execution follows confidence.
The adversary doesn't need to defeat your hardware.
They need to predict it.
The shift

Prevention.
Not response.
The adversary cannot execute a plan they cannot complete.

We prevent adversaries from forming a viable plan in the first place.
Zerathis Blindspot™ operates across three integrated layers.
Measure
Pattern Entropy Protocol™
Measures the rate at which your operational signatures are becoming legible to an outside observer. When entropy falls below threshold — when your patterns become too consistent to be noise — the system flags imminent exploitation risk and initiates variance protocols before the adversary's model completes.
Layer 01
Disrupt
Signature Displacement Layer™
Actively displaces the operational signature the adversary is building. Rather than eliminating patterns — which is operationally impossible — it continuously degrades the reliability of what they've observed, forcing the adversary back to day one of their modelling cycle every time they approach confidence.
Layer 02
Adapt
Adversary Behaviour Intelligence™
Runs a continuous model of adversary learning state — tracking probe frequency, method shifts, timing changes, and confidence indicators. The system knows where the adversary is in their planning cycle at any given moment, and adjusts displacement accordingly. This is the layer that makes the system adaptive rather than reactive.
Layer 03
19 months. One site. Zero successful extractions.
Strategic deployment partner  ·  Platinum mining, South Africa
Active deployment
Opportunity Denied Rate — one site, nineteen months
Base
line
Month 01
78%
Month 06
97%
Month 19
97%
Opportunity Denied Rate — sustained, months 12–19
0
Successful extractions — across 19 months of continuous adversarial pressure
14 days
Adversary re-modelling window — broken before completion, every cycle
The adversary

A crew of 40+, operating around the clock. Insider access extending through the operational hierarchy. Industrial extraction equipment. The most severe threat classification in our diagnostic framework — an adversary that does not walk away when deterred. It adapts.

What changed
Sep–Oct 2024
Deployment phase. 28 incidents, 87 suspects across the period. Adversary active, probing under full adversarial pressure. Zero successful extractions from day one.
Nov 2024–Apr 2025
Pattern variation begins. Probe frequency declines from 52 suspects in a single month to 9. The adversary cannot reconcile the shifting pattern with the model they had built. Incident frequency collapses.
May–Dec 2025
Eight consecutive months. Zero incidents. Adversary activity continues — October 2025 alone recorded 105 suspects at the perimeter. None executed. The operation was present, was detected, and could not predict where the drone would be. ODR: sustained at 97%.
Jan–Jun 2026
Adversary returns with a modified approach. Escalation to large-group operations and cross-boundary coordination with adjacent illegal mining. The platform had flagged behavioural drift in the preceding 28 days — method shift, timing shift, group size escalation. Emergency variance directive issued. Every operation denied.
Operational case · 23 June 2026 · largest operation denied
30+
Suspects
1,400 kg
Copper recovered
0
Successful extraction

01:50 — Drone Team 3 detects approximately 30 suspects moving toward the perimeter. Two-hour aerial surveillance operation follows. Pre-staged cable — 63 rolls, 1,400 kg — located and recovered before extraction. The platform had issued a variance directive 28 days prior after detecting group size escalation and timing shift signals.

The adaptation dynamic
Variable
Range observed
Outcome
Group size
1 individual to 30+ coordinated suspects
DENIED
Timing
Operations across all hours — demonstrated timing shifts across deployment
DENIED
Method
Opportunistic theft → pre-staged underground operations
DENIED
Coordination
Cross-boundary operations with adjacent illegal mining syndicates
DENIED
Persistence
Returned after zero-incident periods with modified approach. Never stopped adapting.
DENIED

Delivered through Zerathis Blindspot™ — our adaptive deterrence intelligence system. Across nineteen months of continuous adversarial pressure, the Opportunity Denied Rate reached and sustained 97% — meaning 97 of every 100 adversarial attempts were neutralised at the planning stage, before they became incidents.

Zero successful extractions. That is the number that matters.

Under confidentiality agreement.  ·  Sector and location disclosed to qualified operators on request.
Commission Audit →
The discovery that built the platform
We kept watching the same breach.
Different asset. Different province.
Same planning model.

It started in rail. National freight corridor, South Africa. Coordinated syndicates — cutters, carriers, processors — taking down a span in under 10 minutes. Decoy attacks to pull our response before hitting the real target. They watched conditions. They used rain. They had a plan before we did.

Once we understood how they operated, we built the system we wished we'd had. That system is Zerathis Blindspot™. The adversary in mining runs the same model. The platform watches it the same way.

We were preventing it but counting it wrong —
incidents instead of opportunity denied.
Origin: freight rail · South Africa  ·  Active: platinum mining
Who this is for

This is not
for everyone.

The right operator isn't asking for more coverage. They're asking why the coverage they have keeps failing.

Mining  ·  Infrastructure  ·  Strategic assets  ·  High-value remote operations
You cannot afford a predictable system.
You operate in a high-risk, high-loss environment where organised adversaries study operations before acting.
You need prevention — not a faster reaction time after the plan is already formed and the window already open.
"When we disrupt the adversary,
they don't give up —
they reset and start learning
again from day one."
Field debrief · Month 9 · Active deployment
How it starts

One engagement to start.
No platform commitment.

The Blindspot Audit is a standalone engagement. You commission it, we deliver a written intelligence assessment of your site. What happens after that is your decision.

The audit does not obligate you to the platform
01
Standalone · 30 days

Blindspot Audit

We map your operation, capture your response pattern, and identify what a patient adversary has already learned about how you operate.

See full detail →
02
Deliverable

Site Threat Fingerprint

A seven-section written intelligence assessment. What the adversary can observe. What they have likely already mapped. Rarely comfortable. Always actionable.

See full detail →
03
Full Deployment

Zerathis Deployment

The platform activates. The intelligence engine begins building your 90-day baseline. Weekly briefs, monthly reports, and active predictive intelligence build as the data matures.

See full detail →
Fixed scope · Fixed duration · No platform required to begin.
Most clients proceed to deployment after receiving the Fingerprint.
// Commission a Blindspot Audit

When it matters,
you need to be
able to say:
we knew it
was forming.

Right now, you have no system that gives you that sentence. No metric that shows the adversary's planning cycle in progress. No alert that fires before the confidence threshold is reached.

The Blindspot Audit is the first step to changing that. 30 days. A written intelligence assessment of your site's actual adversarial exposure — not what your incident log shows, but what the planning phase looks like before it becomes an incident.

Most clients find the picture is further along than they expected.

High-risk operational environments only
// Tell us what you need — confidential

// High-risk operational environments only.
// Your enquiry is treated as strictly confidential.