Pitch Black
Inline control for networks that do not tolerate surprises. Deploy pre‑firewall, post‑firewall, or with no firewall at all - bridge-mode first, built for operators.
Primary deployment is transparent inline bridge mode (L2). You can place Pitch Black pre-firewall, post-firewall, or with no firewall - it does not require a firewall to be useful.
Perimeter defense that stays in scope
Pitch Black is built to be straightforward: inline enforcement, explicit policy, logs you can act on, and remote management for distributed networks.
Transparent inline (bridge-mode first)
Designed for L2 inline bridge deployments so you can add enforcement without re-architecting the network in most environments.
Policy with intent
Define what is allowed, what is denied, and what requires review - without feature creep.
Logs built for investigations
High-signal logging designed to answer real operational questions: what changed, what traversed, and what was blocked.
Outside-perimeter placement
Deploy pre‑firewall, post‑firewall, or with no firewall. Pitch Black does not require a firewall to provide value.
Remote operations
Central management patterns for multi-site rollouts with controlled changes and clear operator ownership.
Built in tandem with AI + humans
Engineered by humans with AI as a disciplined copilot: faster iteration, stronger scrutiny, and fewer blind spots.
Deployment scenarios
Pitch Black is designed to sit at the outside perimeter of your network. Deploy it pre‑firewall, post‑firewall, or without a firewall - without turning your environment into a science project.
Pre-firewall (upstream)
Use this when you want a dedicated inline layer before traffic ever reaches your firewall. It can reduce downstream load and improve signal quality.
Hardware lineup
Two configurations built from the same intent: straightforward perimeter enforcement with operator-grade logging.
Built for racks, built for hands
Pitch Black is a compact perimeter appliance designed to install like standard infrastructure: 1U height with a half-rack footprint. Slide it into a shelf, mount it cleanly, and keep the perimeter in scope.
- 1U height (1.75 in / 44.45 mm)
- Half-rack width (~9.5 in / 241 mm)
- Built for inline bridge-mode deployments
Pitch Black (4‑port)
Best for single-site edges and targeted segment protection.
- •1U half-rack
- •4-port configuration
- •2.5GbE and 10GbE options (by configuration)
- •Request full specs for the complete datasheet
Pitch Black (8‑port)
Best for multi-segment edges and growth-ready installs.
- •1U half-rack
- •8-port configuration
- •2.5GbE and 10GbE options (by configuration)
- •Request full specs for the complete datasheet
Operator interface snapshot
A preview of the Pitch Black operator experience-designed for clarity. UI shown from our Black Hole demo workspace for concept and flow reference; production UX may evolve.
Main dashboard
A calm overview of perimeter posture, active controls, and the signals that matter.
- Status at a glance
- Operational clarity
- Designed for low-noise decisions
Live wire view
A real-time view of what’s traversing the perimeter, and what is being contained.
- On-the-wire telemetry
- Inline decision point visibility
- Fast investigation pivots
Logs
High-signal event trails meant to support investigations and post-incident review.
- Search + filter
- Audit-friendly trails
- Context that maps to operator questions
Attacker toolkit (future module)
A planned internal module for controlled scenario testing, vulnerability scanning, and network analysis-designed to pair technical metrics with IRP/DRP guidance. This is intentionally a roadmap item (not yet available) and not required for Pitch Black’s core perimeter function.
- Internal vulnerability scanning + common network metrics
- Concept: scenario-based testing for validating controls in authorized environments (not yet available)
- Report generation from observed threats and analyzed data
- IRP/DRP development guidance informed by findings
- Education-ready outputs for security awareness and training workflows
Note: roadmap items may change based on operator feedback and pilot learnings.
ElephantSqlDB
Pitch Black’s Quantum component integrates with ElephantSqlDB’s Quantum Cloud Database for centralized security log storage and querying-supporting investigations, reporting, and operational review.
Pitch Black remains focused on the perimeter: enforcement, policy, logging, and remote management.
Specifications (high-level)
We publish only high-confidence, operator-relevant specs here. Request full specs for interface, performance, and environmental details.
| Spec | Pitch Black |
|---|---|
| Form factor | 1U half-rack appliance |
| Lineup | 4-port variant, 8-port variant |
| Network interfaces | 2.5GbE and 10GbE options(By configuration) |
| Primary mode | Transparent inline bridge mode (L2) |
| Firewall requirement | Not required |
| Placement options | Pre-firewall, post-firewall, or no firewall |
| Management | Remote management + centralized policy |
| Logging | Operator-grade logging |
Capabilities
Focused features - built to be used, not to sprawl.
Inline enforcement
A dedicated inline decision point at the perimeter - designed to keep enforcement clear and controllable.
Central policy
One policy source for consistent behavior across sites and deployments.
Operator-grade logging
High-signal event trails that support response, review, and accountability.
Remote management
Manage deployments and changes across sites with a controlled workflow.
Flexible placement
Pre-firewall, post-firewall, or no firewall - choose what fits your perimeter reality.
Hardware-enforced perimeter layer
A physical appliance engineered for consistent behavior at the edge.
Modern Ethernet fit
Designed around practical 2.5GbE and 10GbE environments (full specs available on request).
No certification theater
We avoid compliance claims we do not hold and keep trust language grounded.
Use cases
Branch & retail edges
Standardize enforcement and logging across many small sites.
Datacenter ingress/egress
Add a focused inline layer adjacent to your existing perimeter controls.
Firewall-adjacent hardening
Deploy alongside an existing firewall to reduce downstream pressure and increase signal quality.
Firewall-less environments
For networks without a firewall, Pitch Black can still serve as an inline perimeter enforcement and logging layer.
Trust & operating posture
Enterprise language that stays honest: no absolute guarantees, no invented certifications - just clear deployment boundaries and operator-first design.
Clear deployment boundaries
Inline enforcement, policy, logging, and remote management - kept deliberately in scope.
Change control
Designed for controlled updates and operational clarity, not surprise behavior.
Operator-first ergonomics
Built to be understandable and usable by real teams under real time pressure.
Human-led, AI-assisted development
Developed in a disciplined partnership: humans set intent, AI accelerates iteration, and engineering review keeps reality grounded.
No overpromising
We avoid absolute security claims and keep outcomes tied to what can be operated and verified.
Audit-friendly communication
Language and workflows designed to support internal review and accountability.
FAQ
High-signal answers to the questions enterprise teams ask first.
Request a Pitch Black demo
Send your topology and port needs. We’ll respond with the right variant, deployment guidance, and the launch brief.
Full specs are available on request. No compliance/certification claims are made on this page.