No threat emerges in isolation.

Revontulet maps adversarial networks and monitors the threat landscape, preventing abuse and detecting threats across domains.

What we do →

Express Interest in Cortexia

Two Tracks.
One Graph.

We prevent abuse of services and detect and mitigate threats.

01 — Prevent abuse

Cut off the services dangerous organisations depend on.

We help service providers cut off the access dangerous organisations depend on, on a real evidentiary basis.

Who this is for: Trust & Safety, Legal & Policy, Cyber Threat Intelligence and Compliance teams, at platforms, infrastructure providers and regulators carrying enforcement obligations.

The outcome: enforcement that disrupts networks at the root, supports compliance with DSA, TCO, NIS2 and AMLA.

See Trust & Safety work →

02 — Detect threats

Catch threats early enough to mitigate harm.

We help agencies, municipalities and civilian operators detect threats early enough to mitigate harm.

Who this is for: Entities with security obligations, government agencies, municipalities, infrastructure providers, locations and destinations, protective-intelligence clients and election bodies.

The outcome: early warning, network mapping, briefings and ongoing monitoring tailored to the threat picture you are exposed to.

See Critical Infrastructure work →

HOW WE DELIVER

Three Pillars, one company

Platform

Cortexia

The intelligence platform we built for our own analysts and now offer externally. One workspace for the full intelligence cycle: graph, workflows, reports, evidence trail, dashboards. Deployable as SaaS, dedicated hardware, or fully air-gapped.

Public launch later in 2026. Express interest now to join the early-access list.

Express interest in Cortexia →

Analyst-delivered

Intelligence

Our original analyst-delivered service. Investigations, reports, briefings, data-as-a-service, and custom analysis. Built on the graph that powers Revontulet, with human-validated outputs from our analyst team.

For platforms, companies, governments, multilateral institutions, and civil-society partners with a defined intelligence need.

Talk to us about a brief →

Strategic advisory

Strategy

Strategic and regulatory advisory for cross-domain compliance: NIS2, DORA, AMLA, DSA, EU AI Act, etc., mapped against the threats each framework was written to address. Our public Regulatory Landscape Tracker is the starting point; the work shaped to your situation is built from there.

For boards, compliance leads, and regulated entities navigating multiple frameworks at once.

Talk to us for pricing →

A wave of European regulation is creating mandatory demand for cross-domain threat intelligence.

From Sikkerhetsloven (July 2026) to NIS2, DORA, AMLA, DSA and the EU AI Act, civilian entities are now required to maintain a credible threat picture. We track every regulation, obligation and jurisdiction in scope.

    133
    Items tracked
  
    28
    Jurisdictions
  
    116
    In force

Regulation Tracker →

TRUSTED BY

Professionals across sectors.

A diversified client base across government, regulators, civil society, platforms and multilateral institutions.

"In 90 minutes with the Revontulet team, we learned more about our security situation than in years of working with local law enforcement."

Local politician and veteran · North Carolina, US

"Revontulet presents a network-based approach to threat intelligence, showing why understanding relationships between actors, narratives, and infrastructures is key to effective prevention, regulation, and rights-based security responses in today's global landscape."

European Commission · EU Knowledge Hub on Radicalisation, February 2026

Commissioned to review

Revontulet's analysts independently reviewed The Texas Observer's open-source investigation identifying an ICE prosecutor running a white-supremacist X account.

The Texas Observer · 2025