case study

ThreatBase: Agentic Intelligence for OSINT

Feb 2026

Open-source intelligence (OSINT) is powerful but fragmented. ThreatBase was built to scale it with agentic workflows — turning disparate sources into a structured, queryable system. It's the same thesis I apply to portfolio companies like Skydio and Swan: build infrastructure that compounds; let the system handle throughput.

Problem

Analysts drown in signals. News, social, dark web, corporate filings — the sources multiply. Manual collection and triage don't scale. By the time you've synthesized a threat landscape, it's stale. The gap between data and decision keeps widening. Every new source adds manual work instead of adding to the system.

I've seen the pattern: analysts spend 80% of their time collecting and normalizing, 20% on actual analysis. That ratio is backwards. The job is judgment and insight — not copying data between tools.

Approach

Agentic intelligence infrastructure: agents that ingest, normalize, and structure OSINT. Automated workflows for collection, deduplication, and enrichment. A layer that turns raw signals into monitorable entities and actionable insights. Humans stay in the loop for judgment; the system handles the throughput. Same pattern as Skydio — intelligence in the system, not the operator.

The key: structured output. Raw feeds become entities, relationships, and timelines. Queryable. Alertable. The analyst asks "what changed?" instead of "where do I look?"
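A minimal sketch of the normalize, deduplicate, and "what changed?" steps described above. This is an added example, not ThreatBase's code; the record fields, sample signals, and function names are all constructed assumptions.

```python
import hashlib
from collections import defaultdict

# Constructed sample signals; the field names differ per source on purpose.
RAW = [
    {"source": "news", "title": "Acme Corp discloses breach", "org": "ACME Corp.", "ts": "2026-02-01T09:00:00Z"},
    {"source": "social", "text": "acme corp discloses breach", "mention": "acme corp", "ts": "2026-02-01T09:05:00Z"},
    {"source": "filing", "summary": "8-K filed: material cybersecurity incident", "company": "Acme Corp", "ts": "2026-02-03T14:00:00Z"},
    {"source": "news", "title": "Globex names new CISO", "org": "Globex", "ts": "2026-02-02T11:00:00Z"},
]

def normalize(raw):
    """Map one source-specific record onto a common (entity, text, ts, source) shape."""
    name = raw.get("org") or raw.get("mention") or raw.get("company")
    text = raw.get("title") or raw.get("text") or raw.get("summary")
    entity = name.lower().rstrip(".").strip()  # canonical entity key (hypothetical rule)
    return {"entity": entity, "text": " ".join(text.split()), "ts": raw["ts"], "source": raw["source"]}

def fingerprint(event):
    """Dedup key: same entity plus same case-folded text counts as one signal."""
    return hashlib.sha256(f"{event['entity']}|{event['text'].lower()}".encode()).hexdigest()

def build_timelines(raw_signals):
    """Normalize, deduplicate, and group events into per-entity timelines."""
    seen, timelines = {}, defaultdict(list)
    for event in sorted(map(normalize, raw_signals), key=lambda e: e["ts"]):
        fp = fingerprint(event)
        if fp in seen:  # duplicate: record the extra source as provenance only
            seen[fp]["sources"].append(event["source"])
            continue
        event["sources"] = [event.pop("source")]
        seen[fp] = event
        timelines[event["entity"]].append(event)
    return dict(timelines)

def what_changed(timelines, since):
    """Return, per entity, only events observed after `since` (ISO 8601 UTC string)."""
    changed = {}
    for entity, events in timelines.items():
        new = [e for e in events if e["ts"] > since]
        if new:
            changed[entity] = new
    return changed

if __name__ == "__main__":
    tl = build_timelines(RAW)
    for entity, events in what_changed(tl, "2026-02-02T00:00:00Z").items():
        print(entity, [e["text"] for e in events])
```

Keeping the list of contributing sources on each deduplicated event preserves provenance, so an analyst can see that one event was corroborated by several feeds.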

Outcome

Analysts monitor for threats at scale instead of manually chasing leads. Faster detection. Better coverage. The infrastructure compounds — every new source and workflow adds to the system instead of multiplying manual work. It's OSINT, evolved for an agentic world. And it's the same lens I use for all my infrastructure bets: build once, deploy everywhere.

threatbase.vercel.app →