AI Intel Brief

This is the governance story nobody is telling yet. The PQC migration deadline didn't move — the exposure growth rate did. Enterprises are generating more quantum-vulnerable cryptographic code per month than standards bodies produced per decade, and the traditional approach to cryptographic inventory (engineers, spreadsheets, consulting engagements) doesn't scale to a codebase where the AI adds new call sites every day. The right response is the same one we've been arguing on every other audit-grade AI problem: machine-readable inventory, reproducible scans, signed evidence. We shipped an internal tool this week that scans a Python codebase, produces a claim graph of every vulnerable call with its NIST classification and recommended post-quantum replacement, and emits a LYCEUM-compatible replay manifest — same schema as our other audit-ready systems, SHA256-hashed end-to-end, Ed25519-signed by our signing service. An auditor re-runs the command, gets byte-identical hashes, and accepts the evidence without re-doing the work. We're opening conversations with a small number of design partners in defense and critical infrastructure now. Read the full piece.

Covering the primitive space is the prerequisite for everything else we want to do. Every complex reasoning task we have encountered — threat analysis, contract audit, compliance check, anomaly correlation — decomposes into sequences of these eighteen operations. With full primitive coverage, the question stops being "can the system reason about this" and becomes "can the router pick the right decomposition." That is a much more tractable engineering problem, and it is where our work is focused next.

The cleanest result: the next wave of defensible AI services is in places where liability scales superlinearly with user base. That is exactly the shape of professional licensing, regulated compliance, and safety-critical verification — markets where a hyperscaler is structurally barred from playing because their insurance surface is too large. Small, specialized operators with real domain expertise and auditable systems are the natural winners. That is the market we are building for.

RAG is no longer the research-lab trick it was two years ago. For anyone running a local model in production, grounding the prompt in retrieved facts is the single highest-return change you can make to reduce confident-sounding wrong answers. The absolute hallucination drop on factual tasks we have measured is in the fifteen-to-twenty-five percent range, which is the difference between a model that embarrasses you at a demo and one you can hand to an analyst. This should be the default configuration, not an advanced feature.

Cloud LLMs have no memory. Every conversation is a blank slate. For intelligence work that is a serious liability: the same analyst asking the same question a week later should not get a different answer, and the system should not be re-learning the same lesson on every call. Episodic memory turns a language model from a clever autocomplete into something closer to a junior analyst who actually gets better at the job. It is a small architectural addition with an outsized effect on the quality of downstream work.

Composition is where primitive-based reasoning stops being a demo and starts being useful. Single operations cover about twenty percent of real tasks; the rest need two or three operations chained in sequence. A tiny local planner that emits an execution DAG is all you need to unlock that — no giant model, no expensive API call, no cloud dependency. The expensive problem was never the reasoning. It was always deciding which reasoning to do, and in what order.

Running a benchmark offline is not glamorous, but it is the only honest way to measure a local reasoning system. The moment a benchmark involves a cloud API, you are measuring the vendor's performance, not yours. For defense, where anything that matters has to run in environments without cloud access, offline benchmarking is the only number that is actually predictive of field performance. We are going to be publishing these numbers as we improve the system, the same way you would track any other performance metric.

The 1M context window is a game-changer for document-heavy government workflows. An entire OPORD, all annexes, and supporting intelligence products fit in a single context. But it's still a cloud API — the real win is when these capabilities run on local hardware. We're watching the open-source models close the gap.

The trickle-down matters more than the flagship. When data center chips get 2.5x faster, last year's consumer cards (RTX 5070, 5080) become the new floor for edge AI. We're already training and running 3B parameter models on an RTX 5070 laptop. Two generations from now, 7B models will run on hardware that fits in a cargo pocket. That's the trend line for deployable defense AI.

Multi-agent is going mainstream. The big players are validating what we've been building: specialized agents that each do one thing well, chained together for complex analysis. The difference is we don't need Azure. Our agents run on a laptop, offline, with zero cloud dependency. When the market catches up to multi-agent, we'll already be deployed where the cloud can't reach.

Three of our core capabilities are in their focus areas: autonomous decision support (our military swarms), edge deployment (our entire architecture), and contested logistics (our data integrity system). This is the kind of solicitation where being able to demo on a laptop — not a slide deck — is the differentiator. Working system beats PowerPoint.

We did exactly this today. Fine-tuned a 3B model on military intelligence doctrine using QLoRA on a laptop RTX 5070. 37 training examples, 16 minutes, and the model went from generic AI responses to producing doctrinal SALUTE evaluations and threat assessments that use proper military terminology. The barrier to domain-specific AI just dropped to zero. Any organization with a laptop and subject matter expertise can build their own specialized model.

This is validation of our core design philosophy. "The AI said so" has never been an acceptable answer in defense. Our graph-based reasoning is inherently explainable — every conclusion traces to specific nodes and edges in a knowledge graph. Every path is auditable. Every result is reproducible. The new guidelines don't require us to change anything. They require everyone else to catch up.

$10B in revenue means $10B flowing to cloud APIs. Every dollar of that is a recurring cost that scales with usage. Our approach is the opposite: knowledge graphs and local models that cost $0 per query after initial deployment. At government scale — millions of queries across thousands of users — the cost difference between per-query API pricing and a local system is the difference between a sustainable program and one that gets defunded in year two.

This is the future of deployable AI. When a 7B model runs at conversational speed on a standard laptop without a discrete GPU, the hardware barrier for defense AI deployment disappears entirely. Our current system runs a 3B model on a laptop GPU. In 12-18 months, we'll run a 7B model on the CPU alone. Every military laptop becomes an AI-capable platform. No procurement action needed.