The company

One person.
A swarm of agents.

CipherSentry is built and run by a single founder, Alberto Moro, with a team of specialized AI agents. A small operation by design: fewer hands, more automation — and everything we capture, captured for real.

Mission

Give every security team the ability to understand their attackers with the same depth as the most sophisticated actors.

Vision

A world where no organization is caught off guard by an attack it could have anticipated with the right intelligence.

Purpose

Democratize threat intelligence. So a startup has the same detection capabilities as a Fortune 500 bank.

History

From lab to product

Origin

The first honeypot

CipherSentry began as a personal project to study the real behavior of attackers. The first prototype, deployed on an internet-exposed VPS, collected thousands of access attempts in its first days.

Open Source

The sensor, on GitHub

The sensor you deploy is released under the MIT license and is self-hostable: auditable by anyone, with no hidden telemetry. The central engine is private. Any team can deploy its own instance.

Dashboard

Integrated web dashboard

We added a real-time monitoring dashboard: IP geolocation, credential analysis, session timeline and report export. Real data, visualized in an actionable way.

2026

CipherSentry — today

Active project, in production. 648.821 real access attempts captured on our own honeypot. Assisted deployment and founder-direct customizations for teams that want their own instance.

Team

Who's behind
CipherSentry

CipherSentry is founded and led by Alberto Moro. The product, threat research and operations run on specialized AI agents. A small operation by design: fewer hands, more automation.

AM

Alberto Moro

Founder

Drives CipherSentry's vision and decisions: turning honeypot intelligence into something actionable for any team.

Engineering

AI agent

Builds and maintains the honeypot core and the dashboard.

Threat research

AI agent

Analyzes captures to detect attack patterns and publish intelligence.

Operations & support

AI agent

Infrastructure, deployment and day-to-day support.

Values

How we work

01

Full transparency

The sensor you deploy is open source (MIT): you can read exactly what it does, with no backdoors or hidden telemetry. The intelligence engine is proprietary — it's our core and it never leaves our systems.

02

Security first

We never run the attacker's code on the host. The sandbox is real, not cosmetic. We build for our customers' security, not our own.

03

Community first

The sensor is open source under the MIT license — the code you deploy is the code we publish. As the research matures, we'll publish analysis and IoCs based on real data.

04

Pragmatism

Fewer features that work, better than many half-baked ones. We prefer to do one thing exceptionally well before diversifying.

Privacy and compliance

Our commitments

Only what we can prove today. Formal certifications will come as the company matures — we don't announce them before we have them.

GDPR compliance
Data hosted in the EU
Auditable open source client

Want to join the team?

We're always looking for people passionate about security who want to solve real problems.