AI-driven forensic analysis for financial statements. Detect anomalies before they become problems.
Professional-grade tools used by forensic accountants.
PDF, Excel, CSV, images, Word — even 142-page 10-K filings.
MAD, Chi-square, Z-scores — court-ready statistical methodology.
Local LLM summarization. Private, offline, no data leaves your machine.
SHA-256 hashing, timestamps, investigator tracking — audit-ready.
Drop any financial document. PDF, Excel, CSV, scanned images.
Benford's Law engine extracts numerics and computes anomaly scores.
Receive an audit-ready report with chain of custody and AI summary.
FORENIX caught irregularities our team missed for three months.
Built from the ground up for the requirements of forensic investigation. Every action logged. Every artifact hashed. Every report court-ready.
Three new engines extending the suite from forensic accounting into full-spectrum cyber & equity intelligence.
Deep PCAP/PCAPNG inspection in-browser. Surface beaconing, C2 callbacks, and exfil patterns with zero data egress.
Liquidity, solvency, profitability, and DuPont decomposition benchmarked to CFA Institute methodology — auditable & exportable.
Continuous OpenAPI/Swagger fuzzing for auth flaws, BOLA, SSRF, and mass-assignment regressions across your stack.
To ensure data sovereignty and VM stability, we utilize a localized LLM with a 24-hour zero-retention policy and automated resource pruning. Every artifact you upload is processed inside a sandboxed VM running Ollama on loopback, then hard-deleted at the next 00:00 prune cycle — no third-party API, no warehousing, no replay.
FORENIX is built on Local LLM sovereignty. We ship with Ollama running Llama-3 and Mistral inside a sandboxed VM that you control — your evidence is fed to the model over loopback only. No tokens, no embeddings, no prompts ever traverse a third-party inference API such as OpenAI or Anthropic. The model files themselves are signed and version-pinned so an investigator can attest in court exactly which weights produced a given summary.
Zero-Retention by default. The instant your analysis finishes, the original artifact, extracted numerics, intermediate Ollama context windows, and raw OCR buffers are flushed from RAM and the temp volume. A nightly automated prune at 00:00 UTC hard-deletes any residual binary in the sandbox VM. We never warehouse, train on, or replay your documents — what you uploaded is gone before you log out.
Yes. Every uploaded artifact is cross-referenced against rolling IoC feeds (MISP, AlienVault OTX, abuse.ch). We extract embedded URLs, hashes, IPs, BTC addresses, and macro indicators from PDFs and Office documents, then match them against known phishing kits, ransomware C2, and exfil endpoints. Hits surface in the Threat Gauge and the structured Remediation panel — so a forensic accountant catches the social-engineering layer that often hides next to the financial fraud.
Yes. The whole stack — Ollama, the Benford engine, the IoC ruleset, and the report renderer — ships as a single container. Drop it on an air-gapped workstation, mirror the IoC feed weekly via sneakernet, and you get the same court-ready output with zero outbound network calls.
Every step is logged with SHA-256 hashes, UTC timestamps, and the investigator's signed identity. The Benford computation (MAD, Chi-square, Z-scores), the model version, and the prompt template are all embedded in the exported PDF — meeting the Daubert standard for reproducibility.
To maintain peak VM performance and user privacy, all forensic artifacts and binary buffers are hard-deleted from our server every 24 hours via an automated system prune.
Launch the forensic suite in seconds. No credit card required.