What we have built. What we are building.

Local-first credential and code-protection scanner for environments where source code cannot leave the operational boundary. SOVEREIGN III identifies leaked credentials, hardcoded secrets, weak cryptographic patterns, and structural vulnerabilities without sending the underlying code to a remote service.

The benchmark story. SOVEREIGN III scores F1 0.9915 on the full 332-repo Samsung CredData benchmark (5-fold cross-validated F1: 0.9900). It beats UMass GPT2-MLP — the published academic best at F1 0.973 — by 1.85 percentage points. To our knowledge, no commercial credential scanner publishes a comparable score against the same benchmark.

The architecture story. The scoring stack is a four-engine ensemble:

• CredSweeper · Samsung's open-source ML classifier
• GitLeaks · open-source regex + git history scanner
• Whispers · open-source pattern matcher
• The Sparked proprietary scanner · in-house gap-filling engine that catches what the others miss

On top of those four sits a scikit-learn logistic regression meta-learner — the simplest ML model that exists. Three open-source engines plus a proprietary in-house engine plus a logistic regression on top is what beats a 774-million parameter transformer. No GPU required for the core scanner.

Currently undergoing evaluation against the SecretBenchSecretBench Academic BenchmarkPeer-reviewed credential-detection benchmark from NCSU.Click for the official source → — the peer-reviewed academic benchmark from North Carolina State University, published via the NSF Public Access Repository. 97,479 secrets across 49 programming languages, 15,084 manually labeled true secrets across 818 GitHub repositories. Results forthcoming.

Federal mandates SOVEREIGN III directly addresses today:

• EO 14028Executive Order 14028Improving the Nation's Cybersecurity. Signed May 2021. Mandates federal software supply chain attestation, signed-evidence requirements, and zero-trust architecture across federal agencies and contractors.Click for the official source → — software supply chain attestation, signed-evidence requirements
• OMB M-22-18OMB Memorandum M-22-18Enhancing the Security of the Software Supply Chain through Secure Software Development Practices.Click for the official source → — secure software development self-attestation
• NIST 800-171NIST Special Publication 800-171Protecting CUI in Nonfederal Systems and Organizations.Click for the official source → — CUI baseline for federal contractors
• NIST 800-172NIST Special Publication 800-172Enhanced Security Requirements for Protecting CUI against APTs.Click for the official source → — enhanced CUI controls against advanced persistent threats
• CMMC 2.0Cybersecurity Maturity Model Certification 2.0DoD program requiring contractors handling CUI to certify against three maturity levels.Click for the official source → — Levels 2-3 supply chain practice fulfillment
• CISA CDMCISA Continuous Diagnostics and Mitigation ProgramFederal program providing continuous monitoring tools to civilian agencies.Click for the official source → — Phase 4 continuous credential exposure monitoring
• NIST 800-53NIST Special Publication 800-53Security and Privacy Controls for Information Systems and Organizations.Click for the official source → — RA-5 vulnerability monitoring + AU-9(3) audit log integrity
• NIST SSDFNIST Secure Software Development FrameworkFederal-grade secure software development practices required by EO 14028.Click for the official source → — SP 800-218 secure development framework practice fulfillment
• SEC cybersecurity disclosure rules — public-company credential leak monitoring with provable timestamps

Available for federal evaluation under NDA. Reach out to discuss your environment.

Cryptographic decision-attestation substrate being developed to bind every consequential AI action to a signed, auditable claim. Federal AI deployments today have no cryptographic basis for verifying agent identity, decision authority, or output provenance. DLINE is being built to close that gap at the substrate level.

Designed to satisfy:

• OMB M-26-05OMB Memorandum M-26-05Risk-based AI security and tailored runtime environments for federal AI deployments.Click for the official source → — risk-based AI security with tailored runtime environments
• NIST AI RMFNIST AI Risk Management Framework 1.1Voluntary federal framework with Govern, Map, Measure, and Manage functions.Click for the official source → 1.1 — Govern, Manage, Measure functions
• NIST CAISINIST Center for AI Standards and InnovationNIST initiative establishing standards for AI agent identity, attestation, and signed inter-agent communication.Click for the official source → — cryptographic agent identity and signed inter-agent communication
• CNSA 2.0Commercial National Security Algorithm Suite 2.0NSA standard requiring federal national security systems to support and prefer post-quantum cryptography starting 2026.Click for the official source → — hybrid post-quantum signature support (Ed25519 + ML-DSA)
• NIST 800-53NIST Special Publication 800-53Security and Privacy Controls for Information Systems and Organizations.Click for the official source → — AU-9(3) tamper-evident audit logs and AU-10 non-repudiation
• DoD AI Ethical Principles — Responsible / Equitable / Traceable / Reliable / Governable

In active development. Architecture briefings available to qualified federal evaluators under NDA.

Mesh-federated sovereign-node physical security platform being developed for contested, austere, and classified environments. Each node is designed to be architecturally complete — capable of perception, classification, decision, and forensic recording without dependency on a network connection or central command.

Designed to satisfy:

• DHS Federal Protective Service — federal building security with chain-of-custody on surveillance evidence
• CBP border surveillance modernization — ALPR and biometrics with prosecutorial-grade audit trails
• DoD installation security — Provost Marshal General requirements
• FAA airport perimeter monitoring
• SOFWERX edge environment AI requirements
• NIST 800-53NIST Special Publication 800-53Security and Privacy Controls for Information Systems and Organizations.Click for the official source → — AU-9(3) audit log integrity for evidentiary surveillance

In active development. SENTINEL development is deliberately sequenced behind SOVEREIGN III completion and required DLINE extensions for cross-capability handoffs.

MIMIC is being developed as the intelligence layer designed to power every Sparked Technology capability. The model is designed to come to the data, never the other way around — transforming itself into a specialized model tuned to your mission profile, your data, your operational boundary. Your needs become the model.

Designed for local execution on customer hardware, behind the customer's firewall, with no cloud dependency and no telemetry. The architectural intent: AI that adapts to the deployment environment, not the other way around.

In active development. NDA-gated technical reviews available for federal evaluators considering integration.

The services arm of Sparked Technology Solutions. Original-code web design and development, AI assistant integration, managed hosting, document services, publishing, audiobook production, strategic consulting, and federal grant writing.

Every engagement is scoped, quoted, and delivered against a written statement of work. Deliverables and acceptance criteria are defined at contract. Source code, credentials, and documentation transfer to the client at project close. Federal, state, local, nonprofit, and commercial customers welcome.

Full deliverables list and reference builds are on the consumer Services page.

Working interactive demos and minimum viable products for federal program offices, accelerator programs, university entrepreneurship initiatives, and prime contractor innovation arms. Built fast on the Sparked engineering foundation with a defined path from demo to production build.

Engagement model is a fixed-scope, fixed-price prototype with documented acceptance criteria, source-code transfer, and an optional path to production scoped at engagement close.