SleuthX Feature Roadmap
What's live.
And what's shipping next.
SleuthX is being built as the personal cybersecurity stack credit-monitoring services can't ship — forensic depth at the center, with identity monitoring, dark-web monitoring, restoration concierge, and identity-theft coverage layering in underneath. The forensic agent is live at sleuthx.ai/app. Below: what runs today, what's shipping next, and the longer roadmap.
Live in the web app today
Available now.
Shipped in sleuthx.ai/app. Forensic intake, the methodology engine for the most common case types, secure case management, and the court-admissible report generator.
Intake & triage agent
- Conversational first-contact ("describe what's happening")
- Service routing (forensics, fraud, attorney, family office, PI, insurance)
- Urgency triage (active threat vs. historical investigation)
- Evidence preservation guidance
- Initial scoping + price estimate
- Engagement letter + NDA generation
Methodology engine
- Stalkerware screening (iOS configuration profile audit, MDM check, jailbreak detection, Android package reconciliation)
- Account compromise audit (login timelines, device list, access logs)
- Identity theft initial workup (credit freeze, IC3 filing assistance)
- Romance scam attribution (image reuse detection, account creation patterns)
- Wire fraud, SIM swap, and crypto scam first-72-hour playbooks
Case management
- Client portal with secure messaging
- Document collection + intake forms
- Status updates + progress reports
- Forensic report templates with chain-of-custody scaffolding
Reporting
- Court-admissible expert report generator
- IC3, FBI, and Secret Service filing assistance
- Insurance claim documentation
- Police report support letters
Shipping over the upcoming quarters
Coming next.
Active threat protection, privacy stack, continuous identity monitoring, and encrypted communications and storage. The scope that replaces antivirus, VPN, password manager, identity-theft monitoring, and dark web monitoring in a single subscription.
Active threat protection
Replaces: Norton 360, McAfee, Bitdefender, Malwarebytes, Webroot
- Endpoint protection (real-time malware scanning, behavioral detection, ransomware shielding)
- Phishing email and SMS link scanning before you click
- Malicious attachment sandbox (preview before download)
- Camera and microphone access auditing (alerts on risky apps)
- WiFi network security scanning (rogue AP detection, evil twin alerts)
- Bluetooth attack surface monitoring (AirTag, tracker-tag detection)
- Real-time URL safety check on every link clicked
- Mobile security scanning (iOS configuration profile audit, Android package reconciliation)
Privacy and secure connectivity
Replaces: NordVPN, 1Password, NextDNS, Brave, Privacy Badger
- SleuthX VPN (encrypted connection, no-logs, multi-region exit nodes)
- Encrypted DNS with malicious domain blocking (phishing, malware, ad and tracker domains)
- Built-in password manager (vault, autofill, breach alerts, weak-password detection, secure sharing)
- Passkey and hardware-key management (YubiKey, Titan, passkey vault)
- Secure browsing extension (tracker blocking, fingerprint resistance)
- Per-app network policy (block specific apps from phoning home)
- Public WiFi auto-protection (forces VPN on untrusted networks)
- Burner phone numbers and disposable email aliases for sign-ups
Identity and continuous monitoring
Replaces: LifeLock, Aura, IdentityForce
- Three-bureau credit monitoring (Experian, Equifax, TransUnion) + freeze and unfreeze automation
- Account takeover detection (impossible travel, new device, new geo)
- SIM swap monitoring (carrier-level alerts)
- Identity theft monitoring (credit pulls, new account opens, address changes)
- Crypto wallet monitoring (suspicious transactions, drain detection)
- Brand and image impersonation monitoring across platforms
- Reverse-phone and caller-ID intelligence on incoming calls
Dark-web monitoring
Replaces: Aura dark-web add-ons, IdentityIQ Plus, IdentityForce, Have I Been Pwned
- Email and account compromise monitoring (multi-feed correlation across breach corpora)
- Continuous scan of paste sites, leak markets, and underground forums
- Credential exposure alerts with severity classification (cleartext password vs hash, freshness)
- Match against your specific accounts, phone numbers, addresses, and SSN
- Forensic context — when leaked, where, alongside which other data
Identity restoration concierge
Replaces: ID-theft remediation included in LifeLock Ultimate, Aura, IdentityForce
- Full-service identity-theft remediation when an incident is active
- Disputes with credit bureaus, banks, and creditors filed on your behalf
- IC3, FTC, and police report filing assistance
- Recovery work that previously required a senior analyst — now a dedicated case team
- Direct line for active incidents; escalation to Quinn for complex matters
Identity-theft coverage
Replaces: Coverage bundled in LifeLock, Aura, IdentityForce premium tiers
- Reimbursement coverage for direct out-of-pocket losses
- Legal-fee coverage for disputes, defense, and recovery work
- Lost-wages coverage during active remediation
- Coverage limits, deductibles, and terms set with the underwriting carrier at launch
- Claims handled via the restoration concierge team
Encrypted communications and storage
Replaces: ProtonMail, Signal, Tresorit, Sync.com, Proton Drive, Backblaze
- SleuthX Vault (zero-knowledge encrypted file storage for evidence and personal files)
- Encrypted backup of selected folders, devices, and cloud accounts
- Secure messaging integration (Signal, Wire, Wickr) with disappearing messages
- Encrypted email integration (ProtonMail, Tutanota) with one-click setup
- Encrypted notes (Standard Notes, Joplin) with cross-device sync
- Hardware-encrypted USB and external drive setup wizards (VeraCrypt, BitLocker, Apricorn)
Longer roadmap
Later.
Forensics automation, OSINT toolkit, hardening and posture, family and multi-device, insurance and legal routing. The professional-grade tooling that takes SleuthX from consumer cyber to a complete practitioner suite.
Forensics automation
Replaces: Cellebrite consumer-tier, Magnet AXIOM, Autopsy, FTK Imager
- iOS and Android device acquisition wizards
- File system analysis (deleted file recovery, slack-space scanning)
- Email header forensics (SPF, DKIM, DMARC trace)
- Photo and video EXIF analysis + deepfake detection
- Communication timeline reconstruction across devices and accounts
- Volatility-style memory forensics for compromised endpoints
- Mobile spyware signature scanning (Pegasus, FlexiSPY, mSpy, Cocospy)
OSINT toolkit
Replaces: Maltego CE, SpiderFoot, Pipl, BeenVerified, Whitepages
- Reverse image search (face match, location ID, image-reuse detection)
- Username and handle correlation across platforms
- Domain WHOIS and IP attribution + historical DNS
- Social graph mapping (LinkedIn, Instagram, TikTok, Facebook, X)
- Public records + court records lookup (county, state, federal)
- Leaked credential lookup (BreachForums, dark web markets)
- Property records, business filings, and licensing lookups
Hardening and posture
Replaces: Optery, DeleteMe, Incogni, Privacy Duck, Authy, Google Family Link
- Personal cyber posture audit (devices, accounts, exposure)
- Privacy settings audit (per-platform: Apple, Google, Meta, Microsoft)
- Data broker removal automation across 100+ brokers (Spokeo, Whitepages, MyLife, etc.)
- Two-factor authentication wizard (push every account to TOTP or hardware key)
- Backup and recovery setup (3-2-1 backup automation)
- Account inventory and cleanup (find dormant accounts, close cleanly)
- Estate digital plan (next-of-kin access if you become incapacitated)
Family and multi-device
Replaces: Bark, Net Nanny, Qustodio, Google Family Link, Apple Family Sharing
- Cover up to 5 devices and 5 family members on one subscription
- Family member onboarding with isolated case files
- Children online safety monitoring (Discord, Roblox, TikTok, Snapchat exposure flagging)
- Elder protection mode (extra fraud-recovery triggers, family alert routing)
- Shared evidence vault for family-wide cases
- Family threat-intel briefings (school district breaches, neighborhood scam patterns)
Insurance and legal routing
Replaces: Coalition personal cyber, IDShield legal, LegalShield
- Personal cyber insurance carrier matching (Coalition, AIG, Travelers, Chubb)
- Insurance claim documentation built from the case file
- IC3, FBI, Secret Service, and FTC filing assistance
- Police report support letters tailored to your jurisdiction
- Court-admissible expert report generator
- Attorney referral network (cyber-fraud, family law, estate, criminal defense)
- Cyber insurance review (read your existing policy, flag gaps)
Most Requested Services
Certified Expertise
GIAC · AWS · Splunk · CompTIA
Roadmap FAQ
Ready to use the agent
Try SleuthX now.
The agent is live. Open the web app and start a case in under a minute.
Active case right now? Call (239) 241-8095 for direct practitioner support.
Schedule Your Session
Questions about a feature on the roadmap?
Email Quinn directly or schedule a 15-minute call.
