Approach
Tradecraft
Where signals come from, how we validate them, and when we escalate.
1/9
Collection & Signal Intake
We bias toward verifiable signal. Collection plans are tailored to the decision and time horizon, then bounded by legal, ethical, and contractual obligations.
- Corporate registries, court & regulatory filings
- Newswire, trade, technical, social, forums
- Vendor datasets under contract
- Privileged interviews & discreet outreach
- Professional networks & source vetting
- Counterparty perspective analysis
2/9
Verification & Provenance
Every claim travels with its provenance. We grade the source and the information separately, then state overall confidence.
Source Reliability
| Grade | Descriptor |
|---|---|
| A | Consistently reliable; past reporting corroborated |
| B | Usually reliable; minor gaps |
| C | Mixed reliability; needs corroboration |
| D | Doubtful reliability; self-interest likely |
| E | Unreliable; conflicts with known facts |
Information Credibility
| Grade | Descriptor |
|---|---|
| 1 | Confirmed by independent sources |
| 2 | Probably true; logical & consistent |
| 3 | Possibly true; requires more data |
| 4 | Doubtful; inconsistent or unverified |
| 5 | Improbable; contradicts reliable info |
Confidence call: High Medium Low — stated explicitly on each judgment.
3/9
Analytical Methods
- Triangulation & cross-domain corroboration
- Link & timeline analysis
- Change detection & anomaly surfacing
- Red-team challenge to assumptions
- Competing hypothesis checks
- Enumerated assumptions & confidence tags
- Blind source review where applicable
- Structured dissent on key judgments
- Versioned notes w/ reviewer initials
4/9
Decision-Grade Briefs
Every brief is designed to be read in under 3 minutes, with documented depth for counsel and audit.
- Executive Actions (clear, prioritized)
- Key Judgments (w/ confidence)
- What Changed since last brief
- Indicators to Monitor
- Provenance (source & info grades)
- Assumptions & Limits
- Alternatives & Risks
- Appendix (evidence & citations)
5/9
Chain of Custody & Audit
- Time-stamped capture & hashing where applicable
- Append-only activity logs
- Role-based access & case segregation
- Redaction workflow (PII minimization)
- Who/what/when for each material action
- Source handling notes & limitations
- Disclosure readiness for counsel
6/9
Escalation & Playbooks
We map severity to confidence for pre-agreed actions.
| Confidence ↓ / Severity → | Low | Moderate | High | Critical |
|---|---|---|---|---|
| Low | Log & monitor | Monitor + light triage | Notify owner; prepare actions | Notify leadership; hold on actions |
| Medium | Track indicator | Triage in 24h | Action within 12h | Immediate convening |
| High | Note in brief | Prepare intervention | Execute playbook | Execute now + counsel |
Playbooks are tailored per client (legal, security, comms) and tested via tabletop drills.
7/9
OPSEC & Hygiene
- Need-to-know case partitioning
- Attribution controls during collection
- Sanitized artifacts for distribution
- Deconflict sources; look for echoing
- Adversarial checks on narratives
- Mis/disinformation triage patterns
8/9
Tooling: Knox Modules
Centralized signal intake, entity resolution, link & timeline views.
Role-based access Immutable notesDraft, review, and deliver decision-grade briefs with inline provenance.
Confidence tags Review trails9/9
Standards & Boundaries
- Legal-first: activities bounded by law, contract, and client policy
- Disclosure-ready: briefs and artifacts designed to withstand discovery
- Privacy: PII minimization, redaction, retention limits
- Governance: versioning, reviewer initials, access controls