Nullcone
CrowdStrike-class threat intelligence for the AI-native era — built for agents, not analysts.
The Problem
AI agents — autonomous software that browses the web, executes code, calls APIs, and processes untrusted user content — have zero access to threat intelligence. Traditional platforms like Recorded Future and CrowdStrike charge $50k–$500k per year, target enterprise SOC teams, and deliver data on human review timescales. No platform covers prompt injection attacks. No schema exists for AI tool abuse. Agents operate blind, at machine speed, against an attack surface incumbents don't have schemas for.
The Solution
Nullcone is a **distributed real-time threat intelligence platform** built on SpacetimeDB — a Rust WASM database with built-in push subscriptions. Every sensor, honeypot, EDR endpoint, and AI agent connects to the same live IOC feed. When one agent encounters a malicious domain, every connected agent knows within milliseconds. No polling. No stale data. No ETL.
Agents contribute IOCs. Agents consume IOCs. The network grows smarter with every submission. Free for agents. Always.
Core Innovation
| Capability | What It Means |
| --- | --- |
| PROMPT IOC type | First-class indicator for prompt injection patterns — no existing TI platform has this |
| SKILL IOC type | First-class indicator for AI tool/plugin abuse — covers attacks like ClawHavoc |
| Real-time push | SpacetimeDB WebSocket subscriptions; zero polling, instant propagation |
| Binary compression | ~10x metadata savings via EL binary encoding + adaptive codebook; sustains free agent tier at scale |
| O(1) deduplication | SHA256(`type:value`) dedup index; atomic in the database, not the application |
| MCP-native | Model Context Protocol server — AI agents query Nullcone as a native tool, no custom HTTP integration |
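The deduplication row above, as an added example (not Nullcone code): it derives the SHA256(`type:value`) key and shows why enforcing uniqueness inside the database matters when two agents report the same indicator at once. SQLite stands in for SpacetimeDB here; the table names `ioc_app` and `ioc_db`, the function names, the `domain` type string and the sample indicator are assumptions made for the illustration.

```python
import hashlib
import sqlite3

def dedup_key(ioc_type: str, value: str) -> str:
    """SHA256 over the 'type:value' string, hex-encoded."""
    return hashlib.sha256(f"{ioc_type}:{value}".encode("utf-8")).hexdigest()

def open_db() -> sqlite3.Connection:
    db = sqlite3.connect(":memory:")
    # Application-side dedup: no constraint, callers must check before writing.
    db.execute("CREATE TABLE ioc_app (dedup_key TEXT, ioc_type TEXT, value TEXT)")
    # Database-side dedup: the key is the primary key, so the uniqueness check
    # and the write happen in one atomic statement.
    db.execute("CREATE TABLE ioc_db (dedup_key TEXT PRIMARY KEY, ioc_type TEXT, value TEXT)")
    return db

def app_seen(db: sqlite3.Connection, key: str) -> bool:
    row = db.execute("SELECT 1 FROM ioc_app WHERE dedup_key = ?", (key,)).fetchone()
    return row is not None

def db_submit(db: sqlite3.Connection, ioc_type: str, value: str) -> bool:
    """Return True only for the first submission of this indicator."""
    cur = db.execute("INSERT OR IGNORE INTO ioc_db VALUES (?, ?, ?)",
                     (dedup_key(ioc_type, value), ioc_type, value))
    return cur.rowcount == 1

def simulate_two_agents(ioc_type: str, value: str):
    """Two agents report the same indicator at the same moment."""
    db = open_db()
    key = dedup_key(ioc_type, value)
    # Check-then-insert in the application: both checks run before either write.
    checks = [app_seen(db, key), app_seen(db, key)]
    for seen in checks:
        if not seen:
            db.execute("INSERT INTO ioc_app VALUES (?, ?, ?)", (key, ioc_type, value))
    app_rows = db.execute("SELECT COUNT(*) FROM ioc_app").fetchone()[0]
    # Same two submissions against the constrained table.
    first, second = db_submit(db, ioc_type, value), db_submit(db, ioc_type, value)
    db_rows = db.execute("SELECT COUNT(*) FROM ioc_db").fetchone()[0]
    return app_rows, db_rows, first, second

if __name__ == "__main__":
    # Constructed sample indicator; "domain" as a type name is an assumption.
    print(simulate_two_agents("domain", "malicious.example"))
```

The application-side table ends up with two rows for one indicator, while the constrained table keeps one and tells the second submitter it was not first.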
Market Opportunity
| Market Segment | Size (2026) | Growth Rate | Application |
| --- | --- | --- | --- |
| Threat Intelligence Platforms | $18B | 22% CAGR | IOC feeds, enrichment, SOC tooling |
| AI Security | $9B | 38% CAGR | Agent protection, prompt injection defense |
| SIEM / Security Analytics | $11B | 18% CAGR | Feed integration, detection rules |
| Developer Security Tools | $5B | 30% CAGR | SDK, IDE plugin, CI/CD integration |
| Total Addressable Market | $43B | | |
**Non-consumption opportunity**: The entire AI agent developer market currently has zero threat intelligence access. Nullcone enters at the unserved end and grows into the enterprise market from a position of network advantage.
Business Model
| Tier | Price | Target | Key Value |
| --- | --- | --- | --- |
| Agent | Free, forever | AI agents (data producers) | 50k queries/day, unlimited submissions |
| Developer | Free | Researchers, open source | API key, attribution, community access |
| Professional | $29–99/mo | Indie developers, small teams | 500k queries/day, private namespaces, SLA |
| Enterprise | $500–5,000/mo | Security teams, platforms | Unlimited, custom feeds, audit exports |
| Sandbox API | $0.05–$0.50/analysis | B2B, AI platforms | AI-specific dynamic analysis |
| Intelligence Reports | $500–50,000 | Enterprise, OEM | Threat research, YARA packs, custom hunts |
**Steady-state revenue**: 500 enterprise accounts + 5,000 Pro accounts + Sandbox API + reports = path to $5M ARR before 100M agent scale.
Technical Architecture
```
SENSORS
─────────────────────────────────────────────
Python SDK         REST API          MCP Server
(NullconeAgent)    (FastAPI 8000)    (Port 8001)
      ↓                 ↓                 ↓

INTELLIGENCE LAYER
─────────────────────────────────────────────
SpacetimeDB (Rust WASM, real-time subscriptions)
  threat_signature    ← binary-encoded IOC + metadata
  malware_family      ← 40+ family registry
  agent_registration  ← active sensor roster
  threat_event        ← detection action log
  ioc_dedup_index     ← O(1) SHA256 dedup

COMPRESSION
─────────────────────────────────────────────
0xF35B THREAT_IOC binary envelope
  + domain-specific adaptive codebook (EL)
  + gzip on context text
  ≈ 10x savings vs JSON at agent scale
```
Technical Differentiation
| Feature | Nullcone | CrowdStrike | Recorded Future | ANY.RUN |
| --- | --- | --- | --- | --- |
| PROMPT IOC type | Yes | No | No | No |
| SKILL IOC type | Yes | No | No | No |
| Real-time push (no polling) | Yes | No | No | No |
| MCP / agent-native protocol | Yes | No | No | No |
| Free for agents | Yes | No | No | No |
| Price entry point | $0 | $50k+/yr | $50k+/yr | $840/user/yr |
| AI sandbox (prompt injection) | Yes (roadmap) | No | No | No |
Traction & Milestones
- Now: 592k+ IOCs in real-time SpacetimeDB instance
- Live ingestors: abuse.ch, MalwareBazaar, GitHub threat intel (Neo23x0 YARA + MITRE ATT&CK STIX)
- Beta: Python SDK, FastAPI REST gateway, MCP server operational
- Compression: adaptive EL codebook trained on production IOC data
- Case studies: auramaxx (trojan npm game SDK hijacking AI coding agents) + ClawHavoc (341 malicious OpenClaw skills) — publication pending
- Q2 2026: Open source SDK, public read-only feed, LangChain/AutoGPT integration PRs
- Q3 2026: Browser extension + VSCode/Cursor plugin; SKILL/PROMPT STIX extension proposal submitted
- Q4 2026: 1,000 active contributing agents; Sandbox API beta
- 2027: Network flywheel crossover (agent submissions exceed ingestor volume); first enterprise pilots
Competitive Advantages
1. **First AI-native IOC schema**: PROMPT and SKILL types are unique in the industry — Nullcone defines the standard before any incumbent can
2. **Data flywheel**: Each agent submission compounds network value in ways incumbents cannot replicate without the agent network
3. **Real-time architecture**: SpacetimeDB push propagation vs. batch/REST delivery from every competitor — latency advantage that matters at machine speed
4. **Free agent tier as constitutional commitment**: Agents are data producers; taxing them kills the network — this is an architectural decision, not a pricing concession
5. **EL compression**: Binary encoding via Emergent Languages keeps per-IOC cost low enough to sustain free tier at 100M-agent scale
6. **Rising Sun ecosystem**: Built-in integration surface with Eudaimonia AI OS and other Rising Sun projects
Why Now
- AI agent explosion: Autonomous agents are proliferating faster than any security tooling built to protect them — the attack surface is growing undefended
- Proven attack cases: auramaxx and ClawHavoc are real campaigns against AI systems, not hypothetical threats — the category is validated
- Schema window: IOC type schemas become infrastructure once tooling and regulation adopt them — the PROMPT/SKILL schema must be established before incumbents define a competing standard
- SpacetimeDB maturity: Real-time distributed database with built-in subscriptions makes the architecture viable at production scale for the first time
- Non-consumption crossover: AI developers want threat intelligence but have no viable option — a free, agent-native entry point converts non-consumption to adoption
The Ask
Building the threat intelligence layer for the AI-native internet.
Every AI agent that touches untrusted data, browses the web, or executes code is a potential attack surface — and currently a blind one. Nullcone gives agents the same threat awareness that enterprise security teams buy at $50k+ per year, delivered at machine speed, free for data producers, and designed around attack types that incumbents don't have schemas for.
**Opportunity**: Define the AI threat intelligence standard before the market consolidates around platforms that retrofitted agent support onto human-centric tooling.
**Rising Sun** · risingsun.name · March 2026