Narrative Intelligence

See the information environment before it shapes the battlefield.

Sovereign, on-prem narrative monitoring across X, Telegram, Bluesky, and RSS with a 12-stage ML enrichment pipeline, campaign detection, DISARM TTP mapping, and interactive graph visualization. Deployed on a single NVIDIA DGX Spark - no cloud dependency, no data exfiltration risk, no internet required after deployment. Operates in SCIF, SIPR, air-gapped, and forward-deployed environments where commercial SaaS tools cannot reach.

The Problem

Disinformation campaigns, coordinated influence operations, and narrative manipulation routinely precede or accompany physical action. These signals live across social media, messaging platforms, and open-source feeds: fragmented, multilingual, and moving fast. Most organizations either ignore the information environment entirely or rely on manual OSINT workflows that cannot keep pace. By the time a narrative threat is recognized, it has already shaped perception. Beyond military information operations, the same dynamics threaten corporate reputation, executive safety, critical infrastructure operators facing coordinated protest or sabotage campaigns, and law enforcement agencies tracking radicalization or pre-attack indicators. The information domain is everyone's problem.

Who Has This Problem

OSINT & Open-Source AnalystsInformation Operations & Influence Teams (MISO/PSYOP/IO)Civil Affairs & Strategic CommunicationsCorporate & Executive Threat IntelligenceProtective Intelligence & High-Value Individual SecurityInsider Risk Management TeamsForce Protection & Security LeadershipLaw Enforcement Intelligence Units
Narrative Intelligence dashboard with enriched post stream, sentiment analysis, and campaign indicators
Actor network analysis with risk scoring, platform linkage, and behavioral indicators
Interactive narrative graph visualization showing campaign clusters, actor networks, and post relationships

Key Workflows

01Multi-platform ingest across X (Twitter), Telegram, Bluesky, and RSS/Atom feeds with automated multilingual translation (NLLB-200, 200+ languages) and language detection
0212-stage sovereign ML enrichment pipeline: Ingest, Language Detection, Translation, Embeddings, Named Entity Recognition, Geocoding, Persuasion Classification, Claim & Emotion Detection, Topic Clustering, LLM Narrative Assessment, Persistence, and Policy Evaluation - all on-prem, no data leaves your network
03Interactive campaign tracking with actor, post, and event linking mapped to the full DISARM Red Framework (Phase, Tactic, Technique) for structured influence operation analysis and reporting
04Coordinated inauthentic behavior detection: surface bot networks, amplification patterns, synchronized posting cadence, and cross-platform coordination indicators
05Interactive graph visualization (up to 50,000 nodes) with ForceAtlas2 layout showing narrative clusters, actor networks, amplification chains, and campaign relationships
06Policy-driven alerting: sentiment thresholds, mention velocity spikes, geo-proximity triggers, and coordinated posting patterns automatically escalate to analysts via the Policy Engine

Capabilities

Multi-platform ingest: X (Twitter), Telegram, Bluesky, RSS/Atom feeds - new connectors added without code changes
Automated multilingual translation (NLLB-200 3.3B, 200+ languages) with FastText language detection
Zero-shot Named Entity Recognition and geocoding for spatial context on the COP
Persuasion, emotion, and stance classification with DeBERTa and GoEmotions models
Topic clustering and campaign detection via BERTopic with temporal evolution tracking
Sovereign LLM narrative analysis (Qwen3-8B on DGX Spark): private, on-prem, no data exfiltration
Interactive graph visualization (Sigma.js, 50k nodes) for network analysis and campaign mapping
DISARM Red Framework TTP mapping for structured influence operation classification
Evidence integrity: SHA-256 hashing at ingest with immutable audit trail for legal admissibility and chain of custody
Structured exports: daily intelligence briefs, incident timelines, and evidence packets with full provenance
Real-time streaming: posts flow through the pipeline and appear on analyst dashboards within seconds
Coordinated inauthentic behavior (CIB) detection: bot networks, amplification patterns, and synchronized posting

Platform Integration

Narrative signals overlay on the COP as geocoded markers. Narrative conditions trigger automated alerts and escalation chains via the Policy Engine. Campaign entities link to actors, posts, and physical indicators across the platform, connecting the information environment to RF, cyber, and kinetic domains. Dual-use across military information operations, corporate threat intelligence, protective intelligence for high-value individuals, insider risk management, and law enforcement pre-warning indicators.

What is Narrative Intelligence? - Doctrine, DISARM, IO, and the full technical reference →
← All capabilities

Related Resources & Insights

Resource11 min read

What is Intelligence Fusion?

Intelligence fusion explained: JDL/DFIG model, multi-INT disciplines, JADC2, and what fusion means for civilian operators.

Resource11 min read

What is Maritime Intelligence?

Maritime intelligence explained: AIS limits, dark vessels, beneficial ownership, sanctions risk, and multi-INT fusion at sea.

Resource7 min read

What is OPSEC?

OPSEC, UTS, and Digital Force Protection explained: the five-step process, five threat vectors, and signature management.

Resource13 min read

What is ATAK?

ATAK explained: TAK clients, EUDs, data packages, mesh networks, federation, plugins, and the CoT protocol that ties it together.

Resource26 min read

Defense & Intelligence Glossary

Defense & intelligence glossary: acronyms and terms for EMSO, C-UAS, JADC2, sensor fusion, SSA, CTF, entity resolution, and TAK.

Resource13 min read

What is Counter Threat Finance?

Counter Threat Finance (CTF) explained: DoDD 5205.14 doctrine, CTF vs. AML, sanctions, shell companies, TBML, and operational software.

Resource10 min read

What is Entity Resolution?

Entity Resolution explained: deterministic, probabilistic, ML, and graph methods for matching records to real-world identities.

Resource13 min read

What is Narrative Intelligence?

Narrative Intelligence (NARINT) explained: detecting and countering influence operations, DISARM framework, CIB, and OSINT.

Resource13 min read

What is EMSO?

EMSO explained: Electronic Warfare, EMBM, JEMSO, Electronic Order of Battle, CEMA, spectrum management, and operational software.

Resource12 min read

What is a Common Operational Picture?

Common Operational Picture (COP) explained: why most COPs fail, display vs. decision surface, edge deployment, and true fusion.

Resource13 min read

What is Space Situational Awareness?

Space Situational Awareness (SSA) explained: orbital tracking, TLEs, the Space Surveillance Network, and counterspace threats.

Resource12 min read

What is Counter-UAS?

Counter-UAS (C-UAS) explained: sensors, fusion, effectors, legal authorities, and layered drone defense for military and critical sites.

Resource12 min read

What is JADC2?

JADC2 explained: why top-down fails, what sensor-up architecture means, and why edge-deployed fusion survives contact.

Resource11 min read

What is Sensor Fusion?

Sensor fusion explained: state estimation, data association, multi-hypothesis tracking, identity provenance, and edge deployment.

Research43 min read

High-Powered Microwave (HPM): From Hard Kill to Residual Risk

3,400 Monte Carlo runs reveal HPM's service-rate ceiling, residual warhead hazard, and cascade failure against 40-400 drone swarms.

Research48 min read

The Devil Dog and the Dragon: USMC IADS vs. PLARF Cruise Missile Saturation

USMC MRIC vs 60 CJ-10 cruise missiles: 92.7% kill rate, then magazine exhaustion at T+28:37. The Marines need more rounds.

Research34 min read

Quantifying Layered Naval Defense Against Hypersonic Glide Vehicles

DF-17 HGV vs Arleigh Burke: 50 Monte Carlo seeds, SM-6 at 23% kill rate, PAC-3 at zero. The timeline is the constraint.

Insight47 min read

Maritime Domain Awareness: The Complete Field Guide

Maritime domain awareness field guide: spectrum, seabed, ownership, and cyber threats that single-domain tools miss.

Insight25 min read

TAK Server on AWS: From Zero to Operational in Under Ten Minutes

Deploy TAK Server on AWS with CloudFormation: TLS, Docker, hardening, and security best practices in under ten minutes.

Insight8 min read

Release Log Vol. 1: Maritime Intelligence & UAS Traffic Management

Empyrean ships Maritime Intelligence, Air Domain Intelligence, and UAS Traffic Management with 20+ data sources and FAA enrichment.

Insight20 min read

The Environment Is Trying to Kill Your Mission. We Want to Mitigate It.

Weather & environmental intelligence that modifies sensor confidence, route feasibility, and UAS BVLOS risk in real time.

Insight73 min read

EMSO Is Everyone's Problem. Let's Do Something About It.

EMSO deep dive: EW history, doctrinal evolution to CEMA, cross-domain effects, and what operators can do about it today.

Insight23 min read

Would the Real Common Operating Picture (COP) Please Stand Up

Most COPs are PowerPoint and uncorrelated feeds. What a real COP requires: fusion, policy, edge deployment, and echelon logic.

Insight7 min read

Building Physics-Backed, Unclassified, Open-Source Defense Research

Introducing Empyrean Defense Research: unclassified, physics-backed wargaming. First drop: 1,500 Monte Carlo sims of DF-17 vs DDG.

Insight37 min read

How the Space Domain Impacts Your Operations

Space domain impacts on EW, ground, maritime, air, and information ops — and what you can do to counter them.

Insight74 min read

Sense, Make Sense, Act: How to Conduct Counter-UAS From Sensors to Deployments

Counter-UAS playbook: 8 sensor types, fusion methods, jam vs. shoot decisions, and layered drone defense for DDIL environments.

Insight12 min read

Why JADC2 Needs Sensor Fusion at the Edge

JADC2 assumes persistent cloud and top-down authority. Operators have neither. Why sensor fusion must live at the edge.

Resource11 min read

What is Intelligence Fusion?

Intelligence fusion explained: JDL/DFIG model, multi-INT disciplines, JADC2, and what fusion means for civilian operators.

Resource11 min read

What is Maritime Intelligence?

Maritime intelligence explained: AIS limits, dark vessels, beneficial ownership, sanctions risk, and multi-INT fusion at sea.

Resource7 min read

What is OPSEC?

OPSEC, UTS, and Digital Force Protection explained: the five-step process, five threat vectors, and signature management.

Resource13 min read

What is ATAK?

ATAK explained: TAK clients, EUDs, data packages, mesh networks, federation, plugins, and the CoT protocol that ties it together.

Resource26 min read

Defense & Intelligence Glossary

Defense & intelligence glossary: acronyms and terms for EMSO, C-UAS, JADC2, sensor fusion, SSA, CTF, entity resolution, and TAK.

Resource13 min read

What is Counter Threat Finance?

Counter Threat Finance (CTF) explained: DoDD 5205.14 doctrine, CTF vs. AML, sanctions, shell companies, TBML, and operational software.

Resource10 min read

What is Entity Resolution?

Entity Resolution explained: deterministic, probabilistic, ML, and graph methods for matching records to real-world identities.

Resource13 min read

What is Narrative Intelligence?

Narrative Intelligence (NARINT) explained: detecting and countering influence operations, DISARM framework, CIB, and OSINT.

Resource13 min read

What is EMSO?

EMSO explained: Electronic Warfare, EMBM, JEMSO, Electronic Order of Battle, CEMA, spectrum management, and operational software.

Resource12 min read

What is a Common Operational Picture?

Common Operational Picture (COP) explained: why most COPs fail, display vs. decision surface, edge deployment, and true fusion.

Resource13 min read

What is Space Situational Awareness?

Space Situational Awareness (SSA) explained: orbital tracking, TLEs, the Space Surveillance Network, and counterspace threats.

Resource12 min read

What is Counter-UAS?

Counter-UAS (C-UAS) explained: sensors, fusion, effectors, legal authorities, and layered drone defense for military and critical sites.

Resource12 min read

What is JADC2?

JADC2 explained: why top-down fails, what sensor-up architecture means, and why edge-deployed fusion survives contact.

Resource11 min read

What is Sensor Fusion?

Sensor fusion explained: state estimation, data association, multi-hypothesis tracking, identity provenance, and edge deployment.

Research43 min read

High-Powered Microwave (HPM): From Hard Kill to Residual Risk

3,400 Monte Carlo runs reveal HPM's service-rate ceiling, residual warhead hazard, and cascade failure against 40-400 drone swarms.

Research48 min read

The Devil Dog and the Dragon: USMC IADS vs. PLARF Cruise Missile Saturation

USMC MRIC vs 60 CJ-10 cruise missiles: 92.7% kill rate, then magazine exhaustion at T+28:37. The Marines need more rounds.

Research34 min read

Quantifying Layered Naval Defense Against Hypersonic Glide Vehicles

DF-17 HGV vs Arleigh Burke: 50 Monte Carlo seeds, SM-6 at 23% kill rate, PAC-3 at zero. The timeline is the constraint.

Insight47 min read

Maritime Domain Awareness: The Complete Field Guide

Maritime domain awareness field guide: spectrum, seabed, ownership, and cyber threats that single-domain tools miss.

Insight25 min read

TAK Server on AWS: From Zero to Operational in Under Ten Minutes

Deploy TAK Server on AWS with CloudFormation: TLS, Docker, hardening, and security best practices in under ten minutes.

Insight8 min read

Release Log Vol. 1: Maritime Intelligence & UAS Traffic Management

Empyrean ships Maritime Intelligence, Air Domain Intelligence, and UAS Traffic Management with 20+ data sources and FAA enrichment.

Insight20 min read

The Environment Is Trying to Kill Your Mission. We Want to Mitigate It.

Weather & environmental intelligence that modifies sensor confidence, route feasibility, and UAS BVLOS risk in real time.

Insight73 min read

EMSO Is Everyone's Problem. Let's Do Something About It.

EMSO deep dive: EW history, doctrinal evolution to CEMA, cross-domain effects, and what operators can do about it today.

Insight23 min read

Would the Real Common Operating Picture (COP) Please Stand Up

Most COPs are PowerPoint and uncorrelated feeds. What a real COP requires: fusion, policy, edge deployment, and echelon logic.

Insight7 min read

Building Physics-Backed, Unclassified, Open-Source Defense Research

Introducing Empyrean Defense Research: unclassified, physics-backed wargaming. First drop: 1,500 Monte Carlo sims of DF-17 vs DDG.

Insight37 min read

How the Space Domain Impacts Your Operations

Space domain impacts on EW, ground, maritime, air, and information ops — and what you can do to counter them.

Insight74 min read

Sense, Make Sense, Act: How to Conduct Counter-UAS From Sensors to Deployments

Counter-UAS playbook: 8 sensor types, fusion methods, jam vs. shoot decisions, and layered drone defense for DDIL environments.

Insight12 min read

Why JADC2 Needs Sensor Fusion at the Edge

JADC2 assumes persistent cloud and top-down authority. Operators have neither. Why sensor fusion must live at the edge.

Resource11 min read

What is Intelligence Fusion?

Intelligence fusion explained: JDL/DFIG model, multi-INT disciplines, JADC2, and what fusion means for civilian operators.

Resource11 min read

What is Maritime Intelligence?

Maritime intelligence explained: AIS limits, dark vessels, beneficial ownership, sanctions risk, and multi-INT fusion at sea.

Resource7 min read

What is OPSEC?

OPSEC, UTS, and Digital Force Protection explained: the five-step process, five threat vectors, and signature management.

Resource13 min read

What is ATAK?

ATAK explained: TAK clients, EUDs, data packages, mesh networks, federation, plugins, and the CoT protocol that ties it together.

Resource26 min read

Defense & Intelligence Glossary

Defense & intelligence glossary: acronyms and terms for EMSO, C-UAS, JADC2, sensor fusion, SSA, CTF, entity resolution, and TAK.

Resource13 min read

What is Counter Threat Finance?

Counter Threat Finance (CTF) explained: DoDD 5205.14 doctrine, CTF vs. AML, sanctions, shell companies, TBML, and operational software.

Resource10 min read

What is Entity Resolution?

Entity Resolution explained: deterministic, probabilistic, ML, and graph methods for matching records to real-world identities.

Resource13 min read

What is Narrative Intelligence?

Narrative Intelligence (NARINT) explained: detecting and countering influence operations, DISARM framework, CIB, and OSINT.

Resource13 min read

What is EMSO?

EMSO explained: Electronic Warfare, EMBM, JEMSO, Electronic Order of Battle, CEMA, spectrum management, and operational software.

Resource12 min read

What is a Common Operational Picture?

Common Operational Picture (COP) explained: why most COPs fail, display vs. decision surface, edge deployment, and true fusion.

Resource13 min read

What is Space Situational Awareness?

Space Situational Awareness (SSA) explained: orbital tracking, TLEs, the Space Surveillance Network, and counterspace threats.

Resource12 min read

What is Counter-UAS?

Counter-UAS (C-UAS) explained: sensors, fusion, effectors, legal authorities, and layered drone defense for military and critical sites.

Resource12 min read

What is JADC2?

JADC2 explained: why top-down fails, what sensor-up architecture means, and why edge-deployed fusion survives contact.

Resource11 min read

What is Sensor Fusion?

Sensor fusion explained: state estimation, data association, multi-hypothesis tracking, identity provenance, and edge deployment.

Research43 min read

High-Powered Microwave (HPM): From Hard Kill to Residual Risk

3,400 Monte Carlo runs reveal HPM's service-rate ceiling, residual warhead hazard, and cascade failure against 40-400 drone swarms.

Research48 min read

The Devil Dog and the Dragon: USMC IADS vs. PLARF Cruise Missile Saturation

USMC MRIC vs 60 CJ-10 cruise missiles: 92.7% kill rate, then magazine exhaustion at T+28:37. The Marines need more rounds.

Research34 min read

Quantifying Layered Naval Defense Against Hypersonic Glide Vehicles

DF-17 HGV vs Arleigh Burke: 50 Monte Carlo seeds, SM-6 at 23% kill rate, PAC-3 at zero. The timeline is the constraint.

Insight47 min read

Maritime Domain Awareness: The Complete Field Guide

Maritime domain awareness field guide: spectrum, seabed, ownership, and cyber threats that single-domain tools miss.

Insight25 min read

TAK Server on AWS: From Zero to Operational in Under Ten Minutes

Deploy TAK Server on AWS with CloudFormation: TLS, Docker, hardening, and security best practices in under ten minutes.

Insight8 min read

Release Log Vol. 1: Maritime Intelligence & UAS Traffic Management

Empyrean ships Maritime Intelligence, Air Domain Intelligence, and UAS Traffic Management with 20+ data sources and FAA enrichment.

Insight20 min read

The Environment Is Trying to Kill Your Mission. We Want to Mitigate It.

Weather & environmental intelligence that modifies sensor confidence, route feasibility, and UAS BVLOS risk in real time.

Insight73 min read

EMSO Is Everyone's Problem. Let's Do Something About It.

EMSO deep dive: EW history, doctrinal evolution to CEMA, cross-domain effects, and what operators can do about it today.

Insight23 min read

Would the Real Common Operating Picture (COP) Please Stand Up

Most COPs are PowerPoint and uncorrelated feeds. What a real COP requires: fusion, policy, edge deployment, and echelon logic.

Insight7 min read

Building Physics-Backed, Unclassified, Open-Source Defense Research

Introducing Empyrean Defense Research: unclassified, physics-backed wargaming. First drop: 1,500 Monte Carlo sims of DF-17 vs DDG.

Insight37 min read

How the Space Domain Impacts Your Operations

Space domain impacts on EW, ground, maritime, air, and information ops — and what you can do to counter them.

Insight74 min read

Sense, Make Sense, Act: How to Conduct Counter-UAS From Sensors to Deployments

Counter-UAS playbook: 8 sensor types, fusion methods, jam vs. shoot decisions, and layered drone defense for DDIL environments.

Insight12 min read

Why JADC2 Needs Sensor Fusion at the Edge

JADC2 assumes persistent cloud and top-down authority. Operators have neither. Why sensor fusion must live at the edge.

Empyrean Defense

See Narrative Intelligence

Schedule a walkthrough to see this capability in action.