Platform · Intelligence layer
Context that closes the gap.
Internal evidence tells part of the story. Open-source intelligence fills the rest. Setara's intelligence layer joins both into a single, defensible picture so your team sees what the other side already knows.
The problem
The other side has context you do not.
In any complex matter, one party typically holds more information than the other. Counterparties, regulators, and adversaries conduct their own research before engaging. They arrive with open-source findings, corporate registry data, media records, and relationship maps already in hand. Your team, working only from internal documents, enters at a structural disadvantage. That gap is not an intelligence failure. It is a workflow gap: no practical method exists to attach public context to private evidence at the speed investigation demands.
- Analysts manually cross-reference public registries, news archives, and corporate records one source at a time
- Findings exist in separate tools with no audit trail linking them back to the underlying evidence
- Context attached informally cannot be cited, verified, or defended in proceedings
- Non-linear events produce scattered signals that do not resolve into a coherent picture without active connection work
Email
Document
Audit log
Message
Screenshot
Public filing
External signal
Internal evidenceOpen-source context
Solution
OSINT context, attached to evidence, not appended to a separate report.
Setara's intelligence layer operates at the point where raw evidence enters the system. As documents, messages, logs, and file extracts are ingested, the layer identifies entities: people, organisations, addresses, dates, financial references, digital identifiers. It then enriches each entity with open-source context drawn from corporate registries, public filings, media records, and other verifiable sources. Every enrichment carries its source, its retrieval timestamp, and a confidence indicator. The attachment is defensible because it is traceable: each context node records where the data came from and when.
- Entity extraction across all ingested evidence types: email, Slack, CSV, audit logs, screenshots, documents
- Automatic open-source enrichment at the entity level, not the document level
- Source, timestamp, and retrieval method recorded for every context attachment
- Enriched entities feed directly into the Evidence Map, Relationship Graph, and Timeline outputs
Azure activity
Gmail · M365
Phone calls
Transcriptions
Screenshots
Documents · PDF
Slack · Teams
Audit logs
CSV · datasets
Public context
Setara
core
Structured timelineEvidence mapConnected pathwayCounsel-ready brief
Feature · Entity resolution
Signals that do not connect themselves get connected here.
Complex matters rarely follow a straight line. A message sent in week one, a transaction recorded in week six, and a corporate registration filed three years earlier may all describe the same event from different angles. Without active connection work, those signals remain isolated facts. Setara's intelligence layer uses entity resolution and relationship mapping to identify when two data points refer to the same real-world entity, even when names are spelled differently, roles have changed, or the connection runs through an intermediary. The result is a Relationship Graph that shows paths you would not find by reading documents sequentially.
- Entity resolution across variant spellings, role changes, and indirect relationships
- Cross-source matching between internal evidence and open-source records
- Relationship paths surfaced as graph nodes, not as buried text findings
- Hidden connections visible in matter-2419 demo: a three-hop corporate relationship resolved from four independent source documents
matter-2419 · entity resolutionconnecting
Step 1 of 5·Show raw evidence
Filter by source
Signal legend
Evidence signalPotential anomalySystem eventSupporting sourceNeeds reviewRelationship path
Reconstructed sequence
pending
Reveal signals and draw pathways to reconstruct the sequence.
Explain this connection
Tap any signal or pathway to see why it matters to the wider sequence.
Feature · Provenance
Context attached without a traceable chain is context that cannot be used.
Courts, regulators, and opposing counsel challenge the provenance of intelligence findings. An OSINT attachment that arrives as a paragraph in an analyst's email carries no chain of custody. Setara enforces provenance at the point of collection: every piece of open-source context records its source URL or registry identifier, its retrieval date and time in UTC, the method used to retrieve it, and the analyst or automated process that attached it to the matter. This is not documentation added after the fact. It is structural: the attachment cannot exist in Setara without its provenance record.
- Source URL or registry identifier captured for every open-source enrichment
- UTC retrieval timestamp recorded automatically, not entered manually
- Audit log links each context attachment to the evidence node it enriches
- Briefings exported to counsel include the full provenance table alongside findings
setara · matter-2419 · assembling contextlive
provenance · matter-2419 · exportsigned
| Entity | Source | Source URL | Retrieved (UTC) | Method | Attached by |
|---|---|---|---|---|---|
| Apex Holdings Pty Ltd | ASIC Company Register | asic.gov.au/... | 2025-04-12 03:14 UTC | Registry lookup | Setara Core |
| J. R. Whitman | AFR archive | afr.com/... | 2025-04-12 03:16 UTC | Media search | analyst@firm |
| 207 Collins St | VIC Land Registry | landata.vic.gov.au/... | 2025-04-12 03:18 UTC | Registry lookup | Setara Core |
| Domain · vendor-x.io | WHOIS · RDAP | rdap.org/... | 2025-04-12 03:21 UTC | DNS lookup | Setara Core |
Feature · Non-linear time
Non-linear events need a layer that reads across time, not just within it.
When an event does not unfold in sequence, standard timeline tools misrepresent it. A dispute that surfaces in month twelve may have its roots in a corporate structure change in year two, a personnel move in year four, and a contract amendment in year nine. Each of those prior events may be visible only in open-source records. Setara's intelligence layer places OSINT findings on the same timeline axis as internal evidence, so the full causal arc is visible in a single view. Gaps become explicit. Prior signals become anchored to the record. The briefing your team produces reflects the actual shape of the matter, not just what was in the disclosure folder.
- OSINT findings placed on the same Timeline axis as internal documents and messages
- Temporal gaps flagged explicitly when the record shows activity before or after a cluster
- Prior public signals, such as regulatory filings and corporate changes, anchored to the matter timeline
- Briefings reflect the full arc of a matter, including the period before internal evidence begins
Challenge layer
The asymmetric environment
9 yrs
Timeline span
matter-2419
23
OSINT anchors
registry · media
11
Prior signals
before evidence begins
4
Temporal gaps
flagged explicitly
3
Causal hops
resolved
Non-linear sequencePrior public recordTemporal gapCausal arcOSINT anchorSame axis
Explainer
From raw evidence to resolved output.
The intelligence layer sits inside Setara Core, the processing engine that takes scattered inputs and produces structured outputs. Raw evidence enters: emails, logs, documents, screenshots, Slack exports, CSVs, and audit records. Setara Core runs entity extraction, timeline construction, relationship mapping, and open-source enrichment in a single pass. The intelligence layer is not a separate enrichment step you trigger manually. It runs as part of the core flow so that every resolved output, whether a Timeline, Evidence Map, Relationship Graph, or structured briefing, already contains the full context picture.
- Input types: emails, messages, logs, documents, screenshots, CSVs, audit logs
- Processing: entity extraction, open-source enrichment, relationship resolution, timeline anchoring
- Outputs: Timeline, Evidence Map, Relationship Graph, counsel-ready structured briefings
- Every output is a complete view, not a raw data export requiring further analyst work
setara · matter-2419 · assembling contextlive
Scattered evidence
email · 09:14
screenshot.png
audit log · gws
doc · NDA-v3
chat · slack
OSINT · domain
Structured sequence
Day 1 · Tue
09:14Inbound email, vendor NDA
10:02Drive download · 38 files
11:47External upload · personal acct
14:21Public filing match · OSINT
16:08Audit log · privileged access
Briefing
Counsel-ready in 41h
Audience
Built for teams where the matter is the work.
Setara's intelligence layer is relevant wherever a matter involves multiple parties, a non-linear timeline, or public context that internal records do not capture on their own. Legal teams use it to build defensible briefings for proceedings. Cyber teams use it to trace threat actors and infrastructure across public and internal signals. Business and risk teams use it to assess counterparty exposure before a decision is made. The output format is the same across all three: a structured, citable record that a non-technical reader can follow.
- Legal teams: build counsel-ready briefings that cite open-source findings with full provenance
- Cyber teams: trace infrastructure, actor relationships, and campaign history across OSINT and internal logs
- Business and risk teams: assess counterparty structures, prior conduct, and related-party exposure before commitment
Email
Document
Audit log
Message
Screenshot
Public filing
External signal
Internal evidenceOpen-source context
Request access
See the intelligence layer on a real matter.
Matter-2419 is a demonstration matter built from the kind of complex, non-linear evidence Setara is built for. It shows entity resolution across variant spellings, a three-hop corporate relationship surfaced from four documents, OSINT context anchored to a timeline spanning nine years, and a full provenance table ready for export. Request access to work through it.
setara · matter-2419 · assembling contextlive