About Us
Setec Astronomy Inc operates AS23026 and builds real-time threat intelligence infrastructure. Our ThreatChain platform distributes security threats across a permissioned blockchain, automatically enforcing firewall rules and BGP blackhole routes in seconds.
The internet's threat landscape moves fast. Traditional security relies on centralized feeds that are slow, siloed, and expensive. We believe threat intelligence should be distributed, immutable, and automated.
ThreatChain uses a permissioned blockchain to create a shared threat registry that every participant can trust. When one node detects an attacker, every node blocks them — automatically, in seconds, with a full audit trail on the blockchain.
We combine this with BGP blackhole routing via our own autonomous system (AS23026) to push critical blocks to the network edge, and WireGuard tunnels to keep all inter-node communication encrypted end-to-end.
Managing firewall rules across dozens of servers manually. One compromised IP takes hours to propagate. Feeds are delayed. There's no shared truth.
A permissioned blockchain is the perfect data structure for threat intelligence: immutable, distributed, auditable, and fast enough for real-time enforcement.
Permissioned blockchain + nftables + BIRD 2 + WireGuard + FastAPI + fail2ban — all tied together with Ansible. Fully automated, fully auditable, fully open standards.
Built on proven, auditable open-source infrastructure.
Our permissioned blockchain provides 5-second block times, four dedicated data streams (threats, metadata, nodes, audit), and native P2P data distribution across all nodes.
nftables enforcer daemon polls the blockchain every 5 seconds and applies block/monitor rules. BGP injector announces critical threats via BIRD 2 for network-edge blocking.
WireGuard tunnels encrypt all inter-node traffic over IPv6. Hub-and-spoke topology with the seed node as hub. Full dual-stack support from our /44 allocation.
FastAPI provides async REST endpoints and Server-Sent Events for real-time streaming. Rate-limited, API key authenticated, with OpenAPI documentation.
fail2ban integration automatically publishes bans to the blockchain. AbuseIPDB feed ingester imports external threat data. Manual API submissions for analyst-driven intelligence.
Ansible playbook automates the entire deployment across multiple nodes. Heartbeat monitoring, systemd services, log rotation, and health checks are all built in.
Join the ThreatChain network and start mitigating threats in real time.