Full Governance, Auditing & Intelligence for Security Teams

In the race to innovate, the biggest risk isn't being slow: it’s being compromised.

Public cloud LLMs present significant security risks due to potential data leakage through training feedback loops and unauthorized access by third-party providers. Without strict governance, organizations face severe compliance violations regarding data residency, privacy regulations, and intellectual property exposure.

Domain-Specific, Sovereign, Intelligence

In the age of AI, data is your most valuable asset. But for Security and IT teams, that data is the most sensitive your organization has: system logs, access records, threat intelligence. None of it can leave the perimeter. Boudica Torc changes that.

Own Your Own Intelligence.

Key Value Propositions

Zero Data Leakage

No logs, access records, or threat indicators ever leave your network.

Domain Expertise

Trained on your internal logs, runbooks, and security policies for company-specific rules and context.

Auditability

Full visibility into every analysis, essential for incident response and compliance.

Cost Predictability

No per-token API fees. Run unlimited queries at your own hardware cost.

Use Cases

Security & Operational Control: Admin Dashboard

Domain Isolation: Enforces server-side data isolation by automatically filtering all queries to the administrator's email domain.

Privilege-Based Access: Requires Keycloak OIDC authentication followed by backend privilege checks to prevent unauthorized access.

Dedicated Management Interface: Provides a separate C++ CGI binary (boudica_admin) for administration, isolated from the main inference engine.

Live Log Connections:

Real-Time Threat Analysis

Boudica Torc connects directly and securely to your live log files (Apache, system, application) and queries them in natural language. Logs are continuously indexed, back-dated, and always on, without manual staging or export.

Prompt Rules:

Standardized Incident Output

Save reusable "Rules" that act as persistent instructions. A "Security Analysis" rule can be applied to every chat to enforce a standard format, with counts plus mitigations, severity categorization, and no line-by-line listings.

Glass-Box Auditability: Defensible Incident Response

Every analysis, prompt, and response is logged in a 7-year queryable audit log. SQL-based back-tracing identifies the exact logs and policies that influenced any specific answer.


Defensible Decisions: Show auditors exactly what data informed each conclusion.

Compliance Ready: 7-year retention meets typical regulatory requirements out of the box.

Internal Learning: Past incident analyses become queryable knowledge for the next incident. Your model will expand and learn from your raw data continuously.

How OmniIndex Uses This In-House

Last Week's Apache Logs

Boudica Torc analyses Apache2 logs from the last week, returning categorised counts of unauthorised access attempts and application errors, with mitigation suggestions for each. The same query runs against any rolling window from minutes to months.

Daily Anomaly Scan

A Scheduled Action runs every morning at 8:00, sweeping the previous 24 hours of logs for unusual patterns, failed authentication clusters, and JWT anomalies. The summary lands in the IT team's inbox before the team logs in.

Incident Reconstruction

When something breaks, the on-call engineer queries the audit log directly. The full trail of every prompt, response, and retrieval step is available to reconstruct what happened, who saw what, and which mitigations were applied.

Policy-Aligned Recommendations

New SOC analysts get answers grounded in our actual security playbook, not generic best-practice articles from the web. The handbook is the source, and citations are on every reply.

Standardised Output via Rules

The saved "Security Analysis" rule applies to every chat, so output always returns counts plus mitigations, never raw log dumps. Junior analysts produce senior-quality output the day they get access.

All rights reserved © 2026 OmniIndex