← Back to insights
Company Jul 7, 2026 4 min read

Vouchsec is out of stealth

Introducing Ghost Twin and Purple Twin – living, AI-simulated production estates for demoing security products and proving defenses hold.

Today Vouchsec comes out of stealth. We’re introducing two products built on one idea: security deserves a better proving ground than production.

The problem we kept running into

Everything in security is eventually judged against real infrastructure – and real infrastructure is exactly the place where nobody can afford to experiment.

Cyber startups feel this every time they demo. A security product shown against a toy lab with canned data convinces no one; a demo against a prospect’s live estate is out of the question. So teams burn months building fragile demo environments that go stale the moment they stop maintaining them.

Enterprises feel it every time they ask the only question that matters: would our defenses actually hold? Controls are assumed to work. Detections are tested once, at deployment, against traffic that looks nothing like an attack hiding in a normal working day. The honest answer usually arrives with the incident.

Both problems have the same root cause: there has never been infrastructure you could freely attack that genuinely behaves – and logs – like production.

What we built

Ghost Twin is that infrastructure. It uses AI to simulate complete production estates – Windows and Linux hosts, users and identities, services, firewalls, filesystems – as living environments, on demand. Simulated people log in, access files, run backups, and generate the ambient noise of a real working day. Every machine emits logs in native source formats – Windows Security Event Log and Sysmon, Linux auditd and syslog, firewall and application logs – so real detection rules and real pipelines run against them unchanged. You can open a shell on any host and type real commands; the world responds, remembers, and keeps writing logs. Runs can be snapshotted, replayed exactly, or re-run fresh.

Cyber startups use Ghost Twin directly: realistic, traffic-bearing infrastructure to demo, test, and showcase their products against – no customer data, no lab to maintain, available through a UI and an API.

Purple Twin is what we built on top of it for enterprises. It stands up a simulated twin of your estate from read-only config, then runs an autonomous red team against it – hundreds of attack scenarios, continuously. Every action gets a ground-truth verdict on whether it landed, and your real detections are scored against the logs each attack produced. The result is a continuous, evidence-backed answer to “what would get through, and would we see it?” – with zero production blast radius, because nothing ever touches your live systems.

Where we are

Both products are opening to early access now. If you’re a cyber startup that needs infrastructure worth demoing on, or an enterprise that wants defenses proven rather than assumed, we’d love to talk: request early access or write to info@vouchsec.ai.

Proof should replace assumption everywhere security is bought, built, or defended. That’s the company we’re building.

– Michael, Jon & Adam

CompanyAnnouncement