In Development

RAVEN Shield

Lightweight DLP built for DoD and the air gap.

Request a DemoClient PortalGet Notified

In active development

Capabilities

What RAVEN Shield Delivers

Data-in-Motion Enforcement

USB and removable-media interception, Outlook/MAPI and SMTP email attachment monitoring, and inline block of sensitive transfers with per-classification policy.

Classification-Aware Detection

Recognizes the full US classification hierarchy (U, CUI, C, S, TS, TS/SCI) with portion markings, banners, dissemination controls (NOFORN, REL TO, ORCON), and SCI compartments.

Block-and-Request-Approval

Blocked transfers become real-time approval requests. Approvers see file details, detected classification, destination, and requestor context - with required justification on every release.

Why RAVEN Shield

Built for the Air-Gapped Enclave

FIPS 140-3 by Default

aws-lc-rs on the agent, OpenSSL 3.x FIPS provider on the server. Both refuse to start if FIPS validation fails in production builds.

Lightweight Rust Agent

A single memory-safe binary per host. Target: under 100 MB idle, under 300 MB during active scan. Managed by systemd, Windows SCM, or launchd.

Priced for SMBs and Programs

Positioned below enterprise DLP so small businesses and small government programs can still enforce CUI and classification controls without six-figure license costs.

FAQ

RAVEN Shield Questions

What is RAVEN Shield?
RAVEN Shield is a lightweight Data Loss Prevention product for small-to-mid-size businesses and DoD programs. A Rust endpoint agent paired with a Node.js/React server runs entirely on-premises with air-gap support and classification-aware policy from UNCLASSIFIED through TS/SCI.
Which operating systems does the agent support?
A single Rust agent binary targets Windows, Linux, and macOS endpoints and reports to one management console for unified policy, findings, and approval handling.
Does RAVEN Shield work on an air-gapped network?
Yes. The agent keeps a signed, encrypted local policy cache and queues findings and approval requests when disconnected, syncing in batches on reconnect. No cloud dependency, no external telemetry.
What classification levels does Shield recognize?
The full US classification hierarchy - UNCLASSIFIED, CUI, CONFIDENTIAL, SECRET, TOP SECRET, and TS/SCI - including portion markings, banners, dissemination controls (NOFORN, REL TO, ORCON), and SCI compartments.
How does block-and-request-approval work?
When the agent blocks a sensitive transfer, the attempted action becomes a real-time approval request. Approvers see file details, detected classification, destination, and requestor context, and release requires a written justification that is recorded in the audit log.
When will RAVEN Shield be generally available?
RAVEN Shield is in active development. Use the Get Notified form on this page to receive a single email when v1.0 ships, or contact us to discuss a pilot.

Evaluate RAVEN Shield

RAVEN Shield is in active development. Contact us to discuss pilot deployments, or sign up to be notified when v1.0 ships.

Contact UsClient Portal

Stay Informed

Get cybersecurity compliance updates, CMMC news, and security insights delivered to your inbox.

Release updates only. No spam, ever.