OpsentinelOpsentinel
SpecGuardOpsMindInsight EngineAbout
For regulated manufacturing

Built for shops with
compliance teeth.

Defense, aerospace, oil & gas, medical, semiconductor. The work where one missed clause is the difference between a job that ships and a job that ships back.

Generic AI tools fail the procurement check. Generic “manufacturing software” doesn't know DFARS from AS9100. Opsentinel was built specifically with regulated work in mind — US-hosted, per-workspace isolation, zero-data-retention LLM calls, and the kind of NDA / DPA / data-handling clauses your compliance officer expects in writing before any data moves.

Start with 3 free analyses →Read the security overviewEmail about a regulated-shop pilot

US-hosted · zero-data-retention LLM · NDA before any pilot · Security overview →

The verticals we mean by “regulated”

Where the alphabet soup is non-negotiable.

Examples of the specs and frameworks Opsentinel sees regularly. Not exhaustive — if your work has compliance language we don't list, we still very likely recognise the pattern from adjacent industries.

Defense

DFARS clauses, CUI-handling, supplier flow-down requirements, prime-to-sub paperwork chains.

Aerospace

AS9100 documentation rigor, NADCAP-process-listed materials, special-process specs (heat treat, plating, NDT), customer-prime quality codes.

Oil & gas

API specs, NACE-MR0175, material certs for sour service, pressure-class requirements, high-consequence-area documentation.

Medical

ISO 13485 documentation, biocompatibility callouts, design-history-file linkage, sterilization process specs.

Semiconductor

SEMI specs, ultra-high-purity materials, particulate-control requirements, vacuum-grade surface finishes.

How the platform thinks about regulated work

Three pillars, reframed for compliance.

SpecGuard

Full SpecGuard page →

Catch the compliance gaps before you commit.

  • DFARS clause omissions — supported today. Catches missing 252.225-7012 specialty-metal sourcing, 252.204-7012 CUI handling, 252.246-7003 safety-issue notification, and 252.232-7003 electronic-invoicing clauses at quote time, not after award.
  • AS9100 documentation-rigor — supported today. Catches missing first-article (AS9102) requirements, supplier flow-down gaps, special-process specification holes, customer-quality-code references.
  • ITAR-controlled content flagging — supported today. Detects classification markings (CUI, EXPORT CONTROLLED, ITAR-CONTROLLED), ECCN numbers, USML categories, and access-control language at upload time. Banner surfaced on the results page; no auto-redaction (you control what gets uploaded).
  • Framework-extensible — NADCAP rule pack is on the roadmap. Detection runs on top of the same prompt-augmentation system, so adding a framework is a config change for your workspace, not another integration.
  • GD&T resolution failures — datum chains that don't reference real surfaces, tolerance stack-ups that exceed spec.
  • Material grade ambiguity in regulated environments (304 vs 316 in chemical service, A vs B revisions on legacy specs).
  • Per-workspace opt-in — frameworks are explicit, not auto-enabled. Your risk score doesn't change behind your back when we ship a new rule pack.

OpsMind

Full OpsMind page →

Track compliance drift while work is happening.

  • Supplier flow-down compliance over time — which subs drift on cert paperwork, which slip on AS9102 first-article reports.
  • Recurring non-conformance patterns — same defect on the same machine, same customer, same job type.
  • NADCAP-adjacent process drift — heat-treat cycle deviations, plating-bath chemistry trends, NDT acceptance-rate slips.
  • Customer-quality-code patterns — which prime contractors keep flagging the same issues so you can fix them at the source.

Insight Engine

Full Insight Engine page →

Remember what compliance gaps cost you last time.

  • Prior recert delays surfaced when a similar job recurs — material-cert source, lead time, last-known cost impact.
  • Audit findings from prior years tied to the customer / job-type — visible the next time you quote them.
  • Compliance-related rework patterns made permanent — no more "the senior estimator just remembers Acme always wants this format."
  • Survives staff turnover — when the AS9100 lead retires, the institutional knowledge stays in the system.

Compliance posture

What your CISO will ask first.

The short version. Full detail and our certifications roadmap live on the security overview.

  • US-hosted Supabase Postgres + Storage, per-workspace Row Level Security
  • Zero-data-retention LLM calls — Anthropic Claude via OpenRouter, never used for training
  • Mutual NDA / DPA / custom data-handling clauses available before any pilot
  • Security questionnaires (CAIQ, SIG-Lite, VSA) returned in 5 business days
  • Single-domain allowlist (*.opsentinel.io) — IT-friendly for restricted networks
  • SOC 2 Type 1 in progress · CMMC L2 controls inventory available on request
Read the security overview →Send us your security questionnaire

What we won't do (yet)

The honest list.

If any of these are blocking for your compliance regime, we'd rather you know in 30 seconds than after a 30-minute call.

  • On-prem / air-gapped deployment — roadmap; talk to us about your timeline.
  • FedRAMP authorization — not on the near-term roadmap.
  • Classification-aware automatic redaction — manual workflow today (you control what gets uploaded; we don't auto-classify).
  • Direct integration with prime-contractor portals (PIEE, PRoNet, Exostar) — manual upload only.
  • Real-time CUI tagging at ingest — coming with the on-prem deployment work; not today.

Talk to us about a regulated-shop pilot.

Send your security questionnaire, your data-handling requirements, and the kind of work you do. We'll share controls inventory, sign your NDA, and have a 30-min call to confirm fit before any data moves.

Email about a pilot →Start with 3 free analyses