CLOUD SERVICE · VEDANUX · PRIVATE THREAT INTELLIGENCE NETWORK

VEDANUX — Know what's hostile. Before it costs you.

NOGTUS VEDANUX is the dedicated Private Threat Intelligence Network of the NOGTUS ecosystem — one place to ask whether an object, URL, domain, or address is known to be hostile, and get a clear, defensible answer your analysts and reviewers can stand behind.

Satu inquiry console yang didukung oleh reputation knowledge base yang dioperasikan NOGTUS — setiap lookup menghasilkan unified verdict, supporting evidence, dan audit-ready record — tanpa berpindah tab atau menyatukan sumber-sumber yang kurang terpercaya.

1 Console
Universal Inquiry Bar
4 Verdict Classes
Clean · Suspicious · Malicious · Unknown
24/7
SaaS Availability · Tiered SLA
7 Modules
Cooperating behind one console
Product Identification
PRODUCT
NOGTUS VEDANUX
TYPE
Cloud-Native Private Threat Intelligence Network
DELIVERY MODEL
SaaS Subscription — NOGTUS-operated
OPERATOR
PT Neurogs Inovasi Teknologi
WEB CONSOLE
app.vedanux.nogtus.cloud
API ENDPOINT
api.vedanux.nogtus.cloud
EDITION
2026
TENANCY
Multi-tenant, per-tenant isolation
What VEDANUX Is

The architectural role and operating thesis.

VEDANUX is a standalone, separately-licensed cloud service that complements — but does not duplicate — the operational analytics of the NOGTUS Analytics Cluster. Where the Analytics Cluster reasons over live telemetry to detect, alarm, and ticket events in real time, VEDANUX reasons over aged, governed indicators to deliver authoritative reputation verdicts on demand. It is the platform analysts open when they need a quick, defensible answer about an object's or address's standing — during triage, hunting, post-incident forensics, or compliance review.

VEDANUX is built on two complementary, NOGTUS-operated reputation layers. The Threat Intelligence Core is the authoritative core — indicators produced, validated, deduplicated, and confidence-scored by NOGTUS before they ever surface in a verdict. The Reputation Corroboration Grid is a second NOGTUS-produced layer that broadens and corroborates the verdict surface. The subscriber sees one verdict, one schema, one auditable trail — never a fragmented multi-tab view.

Speed matters during triage. Defensibility matters in review. VEDANUX is engineered for both — fast lookups when you need to move, transparent evidence when you need to explain. NOGTUS produces and manages the reputation knowledge base end-to-end: no data brokers in the loop, no orchestration burden on the subscriber — one principal, one accountable service.

Architecture Overview · Three-Stage Resolution

One inquiry. One governed verdict. One audit trail.

Every VEDANUX lookup follows a deterministic three-stage path. The Vedanux Engine orchestrates resolution; Knowledge Sources — the Threat Intelligence Core and the Reputation Corroboration Grid, both operated end-to-end by NOGTUS — return verdicts; and the Verdict Workspace presents a structured, exportable result. The same path serves a manual analyst search, an API call from the Analytics Cluster, and a batch lookup from a forensic case file.

Stage 1 · V01

Vedanux Engine

The reputation reasoning core. Identifies indicator type, routes parallel queries, fuses multi-source signals, and produces a single normalised verdict — category, numeric score (0–100), contributing-layer breakdown, and timestamps.

  • Auto type detection — MD5 / SHA-1 / SHA-256 / SHA-512 / URL / Domain / IPv4 / IPv6
  • Parallel resolution with timeout governance
  • Verdict fusion via documented scoring model
  • Hot-cache for repeat lookups < 1 second
  • Full audit trail — every query and verdict change logged
Stage 2 · V02

Knowledge Sources

Threat Intelligence Core and Reputation Corroboration Grid — both produced and managed in-house by NOGTUS. Unified schema, graceful degradation if any internal layer is degraded.

  • NOGTUS-produced indicator knowledge with per-indicator confidence (0–100)
  • Tagging by malware family, campaign, MITRE ATT&CK, target sector
  • Long retention with archival tier; every verdict change audit-logged
  • Service health, freshness, and capacity governed by NOGTUS
  • Graceful degradation with clear partial-confidence indicator
Stage 3 · V04

Verdict Workspace

Structured result page — verdict badge, multi-layer matrix, relations graph, history, and export. Every workspace is shareable, bookmarkable, and exportable as JSON, CSV, or PDF.

  • Above-the-fold verdict badge (Clean · Suspicious · Malicious · Unknown) + score
  • Multi-layer detection matrix per NOGTUS-operated source
  • Technical metadata tab — hashes, GeoIP, ASN, TLS fingerprint
  • Relations graph — pivot from any indicator to its neighborhood
  • Export: JSON · CSV · PDF · STIX 2.1
Capability Architecture · Platform Specification

Regrouped by engineering capability.

Capability Domain — Reputation Engine

Object & URL Reputation with Vedanux Engine · Pemeriksaan Reputasi Objek dan URL

Pemeriksaan reputasi objek dan URL dengan Vedanux Engine.

Vedanux Engine bekerja sebagai reputation reasoning core — merutekan kueri secara paralel ke Threat Intelligence Core dan Reputation Corroboration Grid, kemudian memfusikan sinyal multi-sumber menjadi satu verdict akhir beserta numeric reputation score (0–100).

Setiap indikator diproses melalui pipeline deterministik tiga tahap: routing dan caching oleh Vedanux Engine, resolusi paralel oleh Knowledge Sources yang dioperasikan NOGTUS, dan presentasi terstruktur pada Verdict Workspace — menghasilkan satu audit trail yang konsisten.

Vedanux Engine mendukung auto type detection untuk semua jenis input tanpa intervensi analis: hash (MD5, SHA-1, SHA-256, SHA-512), URL, domain, IPv4, IPv6, serta file upload.

Capability Domain — Universal Inquiry Console

Single Universal Search Bar with Auto-Detection · Search Bar Universal dengan Deteksi Tipe Otomatis

Platform mampu menyediakan antarmuka pengguna berbasis web dengan single search bar universal yang secara otomatis mendeteksi tipe input, meliputi hash (MD5, SHA-1, SHA-256, SHA-512), URL, domain, IPv4, IPv6.

Live inline type hint ditampilkan saat analis mengetik — 'SHA-256', 'Domain', 'IPv6', dan sebagainya — untuk konfirmasi sebelum submission. Drag-and-drop upload file tersedia langsung dari halaman utama.

Console mendukung bulk inquiry melalui CSV upload untuk batch indikator berukuran besar, dengan hasil yang dikirimkan sebagai async job dan dapat diunduh.

Desain halaman utama sengaja minimalis: setiap elemen selain search bar adalah history, bookmarks, atau workspace navigation — analis tidak perlu berpikir tentang di mana harus mengetik, hanya apa yang harus ditanyakan.

Capability Domain — Verdict Workspace & Result History

Structured Reputation Result Page & History · Halaman Hasil Reputasi Terstruktur dan Riwayat

Platform mampu menampilkan halaman hasil reputasi secara terstruktur dan history.

Halaman hasil ditampilkan pada Verdict Workspace — verdict badge di atas fold, numeric reputation score (0–100), tab Detection (multi-source matrix), tab Details (technical metadata), tab Relations (graph), tab History (verdict timeline), dan tab Export.

Tab History menyajikan chronological verdict timeline — kapan indikator pertama kali muncul, bagaimana kategorinya berevolusi, dan siapa yang meninjaunya. Setiap perubahan verdict dicatat dengan user, timestamp, dan contributing sources.

Setiap Verdict Workspace dapat dibagikan melalui permalink yang stabil lintas sesi — untuk kolaborasi, review, dan pelaporan insiden.

Capability Domain — Verdict Taxonomy

Four-Class Verdict: Clean · Suspicious · Malicious · Unknown · Taksonomi Verdict Empat Kelas

Platform mampu menampilkan penilaian secara ringkas dengan kategori minimal Clean, Suspicious, Malicious, dan Unknown.

Clean: tidak ada sinyal hostile dalam governance window — aman untuk dilanjutkan dengan penanganan standar. Suspicious: indikator campuran atau low-confidence — memerlukan pivot, inspeksi lebih dalam, atau eskalasi. Malicious: high-confidence hostile attribution dari sumber yang dikoroborasi — blokir, contain, dan dokumentasi. Unknown: tidak ada sinyal yang dapat digunakan — analis memutuskan kebijakan berdasarkan konteks workflow.

Setiap verdict disertai numeric reputation score (0–100) untuk granularitas lebih tinggi pada dashboard dan otomasi. Analis membaca badge dalam satu detik; reviewer membaca evidence secara detail.

Verdict taxonomy bersifat deterministik dan terdokumentasi — setiap verdict didukung oleh traceable evidence: knowledge source mana yang setuju, mana yang tidak, dan kapan terakhir diperbarui.

Capability Domain — Analyst Workflow & Export

Per-User History, Bookmark, Tagging & Multi-Format Export · Riwayat Per-Pengguna, Bookmark, Tagging, dan Ekspor

Platform mendukung riwayat pencarian per pengguna, bookmark, tagging, dan ekspor hasil dalam format minimal JSON, CSV, dan PDF.

Riwayat pencarian per pengguna berupa per-user chronological log dari setiap inquiry beserta verdict dan timestamp — dapat dicari dan difilter.

Bookmark menyematkan indikator berulang ke sidebar, dilengkapi notifikasi perubahan verdict. Tagging mendukung pengelompokan lookup lintas investigasi menggunakan tag bebas dan terstruktur (campaign, case ID, incident, sector) sebagai cross-cutting filter.

Ekspor tersedia dalam format JSON (machine-readable, full result), CSV (spreadsheet-friendly summary), PDF (signed evidence document), serta STIX 2.1 untuk structured TI handover.

Watchlist memungkinkan pemantauan curated indicator list dengan subscription ke verdict changes melalui alert via email dan webhook.

Capability Domain — Relations Graph Explorer

Visual Pivoting — Indicator Neighborhood Graph · Eksplorasi Grafis Relasi Antar-Indikator

Tab Relations merender koneksi antar-indikator sebagai interactive graph — analis dapat zoom, pan, klik node untuk expand neighbourhood, filter berdasarkan relation type, dan pivot langsung ke fresh inquiry VEDANUX dengan klik.

Node types meliputi: File, URL, Domain, IPv4, IPv6, Email, Campaign, Actor, TTP — color-coded untuk pembacaan cepat. Edge labels bersifat semantis: Communicates-with, drops, downloads-from, resolves-to, signed-by, observed-with.

Graph dapat diekspor sebagai PNG, SVG, atau JSON untuk case files, slide decks, dan downstream graph tooling. Setiap graph view dapat dibagikan sebagai URL permalink yang stabil lintas sesi.

Capability Domain — Object & Web Inspection

Type-Aware Deep Inspection Panels · Panel Inspeksi Mendalam Sesuai Tipe Indikator

Tab Details beradaptasi secara otomatis berdasarkan jenis indikator. File atau objek yang direferensikan oleh hash membuka Object Inspection Panel — header parsing, embedded strings, signer status, hash family (MD5/SHA-1/SHA-256/SHA-512/ssdeep/imphash), dan indikasi packer atau obfuskasi.

Indikator web (URL, domain, IP) membuka Web Inspection Panel — WHOIS dan passive DNS history, TLS certificate inspection (CN, SAN, issuer, JA3/JA3S/JARM fingerprints), GeoIP dan ASN enrichment, captured HTTP response headers, serta rendered preview URL di mana aman untuk dilakukan.

Shell Verdict Workspace tetap sama untuk semua jenis indikator — hanya inner view pada tab Details yang berubah sesuai tipe. Tidak ada perpindahan antar produk.

Capability Domain — Service Architecture & SLA

Cloud-Native, Multi-Tenant, Active-Active Delivery · Arsitektur Layanan Cloud-Native Multi-Tenant

VEDANUX dioperasikan sebagai fully-managed, multi-tenant cloud service. Tidak ada appliance yang perlu di-deploy, tidak ada infrastruktur yang perlu di-maintain di sisi subscriber. Tim NOGTUS menangani capacity, upgrades, security patching, dan availability.

Endpoint: web console di app.vedanux.nogtus.cloud dan managed REST API di api.vedanux.nogtus.cloud — keduanya dapat diakses melalui internet publik dengan TLS 1.3 dan modern cipher suites.

Active-active service tier dengan automatic failover, dirancang untuk continuous service melalui individual component failures. Target availability ≥ 99.9% untuk Enterprise tier.

Onboarding diaktifkan sebagai subscription — tanpa pengiriman perangkat, tanpa installer, tanpa professional services untuk penggunaan dasar.

Modules at a Glance · Seven Cooperating Modules

Seven cooperating modules behind one console.

From the moment an analyst pastes an indicator to the moment a finalized report is exported, VEDANUX moves the work through seven cooperating modules — each focused, none in the way.

V01

Vedanux Engine

The reputation reasoning core. Resolves verdicts, fuses evidence, scores indicators, applies governance windows. Every inquiry lands here first.

V02

Knowledge Sources

NOGTUS-operated reputation knowledge base — Threat Intelligence Core and Reputation Corroboration Grid — the authoritative substrate every verdict draws from.

V03

Universal Inquiry Console

One search bar. Hashes, URLs, domains, IPs — auto-detected, routed, and displayed without category-picking friction. Drag-and-drop, bulk CSV, workspace navigation.

V04

Verdict Workspace

The unified verdict surface. Badge, score, evidence trail, and source agreement matrix in one defensible view. Shareable, bookmarkable, exportable.

V05

Object & Web Inspection Panels

Object-type aware deep panels for files, URLs, domains, and addresses — purpose-built layouts. Object Inspection Panel for binaries, Web Inspection Panel for URLs/domains/IPs.

V06

Relations Graph Explorer

Pivot from any indicator to its neighborhood — related infrastructure, co-resolved indicators, shared attribution. Interactive, exportable, permalink-shareable.

V07

Analyst Workflow & Export

Save, tag, comment, share, and export inquiry records as audit-ready artifacts. Per-user history, bookmarks, watchlists with verdict-change alerts, JSON/CSV/PDF/STIX 2.1 export.

Where VEDANUX Is Used · From Triage to Final Report

From first triage to final report.

VEDANUX fits naturally into the workflows analysts already run — without adding ceremony, without locking teams to a specific SIEM or playbook.

Alert Triage

Verify hashes, URLs, and addresses surfacing in SIEM, EDR, or email security alerts before escalation. Paste any indicator and receive a governed verdict in seconds.

Threat Hunting

Pivot through related infrastructure and co-resolved indicators via the Relations Graph to widen scope from a single suspicious lead to a full campaign picture.

Forensic Review

Reconstruct the reputation context an indicator carried at investigation time, with audit-ready provenance through the History tab and verdict timeline.

Incident Reporting

Export defensible verdict records as JSON, CSV, PDF, or STIX 2.1 bundles into incident reports, regulatory filings, and post-mortem documentation.

Compliance & Audit

Demonstrate due-diligence reputation checks with traceable, time-stamped evidence on demand — signed PDF export serves as audit-defensible record.

Workflow Enrichment

Companion lookup surface for NOGTUS Analytics Cluster and Forensic Integrated Platform — single authoritative reputation source, eliminating parallel TI feeds.

Delivery & Subscription · Service Tiers

Delivered as a SaaS subscription.

VEDANUX is sold as an annual subscription. Tiers differ in inquiry volume, number of users and workspaces, reputation coverage depth, API rate, retention window, and support response. Final tier composition for a given customer is set in the order document.

Tier · STARTER

Starter

Small teams, evaluation, occasional triage

INQUIRY QUOTAEntry-level monthly quota
USERS & WORKSPACESLimited users
SUPPORTBusiness-hours email
AVAILABILITY TARGETPer order
RETENTIONPer order
EXPORT FORMATSJSON · CSV · PDF · STIX 2.1
Tier · PROFESSIONAL

Professional

Operational SOC and IR teams

INQUIRY QUOTAOperational monthly quota
USERS & WORKSPACESMulti-user, multiple workspaces
SUPPORTBusiness-hours email + chat
AVAILABILITY TARGETPer order
RETENTIONPer order
EXPORT FORMATSJSON · CSV · PDF · STIX 2.1
Tier · ENTERPRISE

Enterprise

Large organisations, multi-tenant holdings, integrated automation

INQUIRY QUOTAHigh monthly quota with burst allowance
USERS & WORKSPACESExtensive, with workspace federation
SUPPORT24×7 email, chat, named contact
AVAILABILITY TARGET≥ 99.9% monthly
RETENTIONPer order
EXPORT FORMATSJSON · CSV · PDF · STIX 2.1

Quotas, coverage depth, retention windows, and SLA values are confirmed per order. The values above are indicative; the binding values live in the customer's order document and Service Description.

Engagement · Subscription & Technical Evaluation

Put a defensible verdict behind every inquiry.

Request a tier proposal, evaluation access, or a technical workshop. The NOGTUS commercial team will walk through capacity sizing, onboarding, and integration scoping for your environment.

✉ info@neurogs.tech✆ +44 7467 141305⬡ PT Neurogs Inovasi Teknologi, Lt.19 Menara 165, Jakarta