Serpentine

Serpentine is a unified Security Operating System consolidating continuous detection, automated hardening, controlled exploit verification, and compliance governance onto a single shared data layer. Operated by SPNT DOOEL Skopje on EU infrastructure , Serpentine serves security teams that have outgrown the integration overhead of point tools.

The service comprises four modules:

• Odbrana — continuous detection across web, API, infrastructure, and cloud assets
• Postava — automated Linux host hardening with continuous drift monitoring
• Napad — bounded, auditable exploit verification
• Regulativa — continuous compliance governance across 35 frameworks and 3,144 obligations (SOC 2, ISO 27001, PCI DSS, GDPR, NIS2, DORA, CMMC, NIST CSF, HIPAA)

…and three intelligence layers: OSINT enrichment from external sources, Operational Telemetry validating cloud-audit and identity controls, and Decision Intelligence producing evidence-grounded analysis where every claim cites the substrate records it derives from.

Serpentine is delivered across four tiers — Free, Commercial, Enterprise, Sovereign. The Sovereign tier enforces EU-only LLM inference and offers a self-hosted LLM option for regulated public-sector and financial-services buyers (DORA, NIS2). Data residency is EU-default.

SOC 2 Type II audit is in progress (target Q4 2026). Annual independent penetration testing is conducted; summaries available under NDA.