Product Deep Dive — Submarine Enterprise Intelligence Platform

What Submarine Is

Submarine is a graph-native investigation platform that unifies cases, entities, evidence, timelines, and narratives into a single, auditable intelligence fabric.

It is designed for complex, multi-source investigations where:

Evidence is fragmented across formats and sources
Entities span multiple cases
Relationships are non-obvious
Auditability and chain of custody are non-negotiable
Collaboration across teams, devices, and organizations is required

Who Submarine Is For

Analysts

Financial crime, fraud, insider threat, due diligence, counterintelligence

Investigators

Law enforcement, regulatory enforcement, internal investigations

Journalists

Investigative journalism, OSINT, document leaks, public interest research

Enterprises

Compliance, legal holds, litigation support, risk management

Government

National security, critical infrastructure protection, cross-agency collaboration

Why Submarine Exists

Investigations Fail When:

Evidence lives in silos
Analysts cannot see cross-case patterns
Audit trails are incomplete
Collaboration is fragmented
AI is opaque or uncontrollable

Submarine Solves This By Being:

Graph-native: Relationships are first-class citizens
Auditable: Every action is logged immutably
Collaborative: Real-time sync, presence, comments, shared cursors
Explainable: AI suggestions are ranked, reviewable, and human-supervised
Federated: Multi-org, multi-region, zero-trust

How Submarine Works

Core Domain (v1.0)

Component	Description
Cases	Investigation containers with metadata, provenance, versioning
Entities	People, organizations, assets, accounts, devices, locations
Evidence	Documents, images, audio, video with chain of custody
Graph	Entity-relationship graph with path reasoning and explanations
Timelines	Event sequences with temporal analytics
Notes	Analyst annotations with mentions and threading
Tasks	Investigation task management

Intelligence Layer (v1.1 → v1.5)

Capability	Description
Workflow Engine	Triggers, actions, conditions, state machine, audit hooks
Graph Explanations	Path reasoning, cluster explanations, relationship summaries
Narrative Intelligence	Narrative generator, diffs, timelines, contradiction detection
AI Suggestions	Suggestion engine, ranking, feedback loop, safety constraints
Cross-Case Intelligence	Entity resolution, pattern detection, case similarity, CCI alerts
Graph Analytics	Centrality, community detection, temporal analytics, pathfinding, heatmaps
Evidence Intelligence	Document, image, audio, video analysis with graph/narrative linking
Knowledge Base	Knowledge objects, extraction, search, governance

Collaboration Layer (v1.2 → v1.5)

Capability	Description
Presence	Real-time user presence
Comments	Threaded comments on any object
Mentions	@-mentions with notifications
Shared Cursors	Collaborative graph navigation
Activity Feed	Team activity stream
Personalization	Analyst profiles, personalized views, dashboards, privacy controls

Platform Layer (v1.3 → v1.5)

Capability	Description
Audit System	Immutable audit trails, compliance exports
Plugin System	Sandboxed plugins with permissions and event hooks
Identity Federation	SAML, OIDC, SCIM, JIT provisioning, MFA, WebAuthn
Mobile Clients	iOS, Android with offline mode, sync queue, evidence capture
Sync Fabric	Real-time distribution, device sessions, conflict resolution, continuity
Red Team Mode	Scenario engine, synthetic data generators, playbooks, scoring

v1.4 Foundation

Submarine v1.4 hardened the platform for enterprise deployment:

Centralized RBAC Registry

Unified permission model across all subsystems

Centralized Event Catalog

Standardized event types for audit and integration

Centralized Metrics Registry

Unified observability across all components

Security Model

Identity federation, session security, MFA, WebAuthn

Sync Fabric

Real-time distribution, offline/online transitions, conflict resolution

Mobile Clients

iOS and Android with offline mode and evidence capture

v1.5 Intelligence Ecosystem

Submarine v1.5 transforms the platform into an enterprise intelligence ecosystem:

Phase	Capability
Cross-Case Intelligence	Pattern detection across all organizational cases
Workflows 2.0	Declarative workflow language with AI integration
Knowledge Base	Institutional memory with governance
Graph Analytics Suite	Advanced algorithms with pattern explanation AI
Evidence Intelligence	Multi-modal evidence analysis with graph linking
Deployment Toolkit	Production-grade deployment automation
Red Team Mode	Adversarial testing and training
Personalization Engine	Per-analyst customization with privacy controls
Multi-Org Federation	Secure cross-org collaboration with zero-trust
Submarine Cloud	Managed multi-tenant offering

Security, Audit, Identity, and Sync Guarantees

Immutable Audit Trails

Every action logged with tamper-evident storage

Chain of Custody

Hash-chained evidence custody records

Identity Federation

SAML, OIDC, SCIM, JIT provisioning

Multi-Factor Authentication

MFA, WebAuthn, session security

Zero-Trust Federation

Federated case/evidence sharing with explicit trust policies

Real-Time Sync

Conflict resolution, offline/online transitions, continuity state

Compliance Exports

Audit trail exports for regulatory compliance

Plugin Sandboxing

Isolated plugin execution with explicit permissions

Integrations & API

Connect Submarine to your existing infrastructure and workflows

REST API

Full programmatic access to cases, entities, evidence, graph, and exports. OAuth 2.0 and API key authentication.

POST /api/v1/cases
GET /api/v1/entities
POST /api/v1/evidence/upload
GET /api/v1/graph/query

Webhooks

Real-time event notifications for case updates, entity matches, workflow triggers, and audit events.

Case status changes
Cross-case entity matches
AI suggestion generated
Export completed

Enterprise Connectors

Pre-built integrations for common enterprise systems:

SIEM (Splunk, Elastic, Sentinel)
Ticketing (Jira, ServiceNow)
Document Management (SharePoint, Box)
Identity Providers (Okta, Azure AD)

Full API documentation available upon early access approval.

Deployment Options

Submarine Self-Hosted

On-premises deployment with Helm charts, scaling profiles, backup/restore.

Submarine Federation

Multi-org deployment with federated identity, case sharing, zero-trust.

Submarine Cloud

Managed multi-tenant SaaS with tiered plans and cloud admin console.

Request Early Access

Ready to transform your investigations? Complete the form below to get started with Submarine v1.5.

Full Name *

Email Address *

Organization *

Use Case *

Organization Size (optional)

Investigation Volume (optional)

Message (optional)

No credit card required. We'll reach out within 24 hours.

Your data stays private. We never share your information.