Investigation memory.

Yonitek preserves not events, but understanding — what was observed, what was interpreted, what evidence supported it, what evidence weakened it, and how confidence evolved over time.

Currently in private development. Public access is not yet available.

What Yonitek is

Yonitek is an evidence-centered investigation memory system. Most tools record what happened. Yonitek records what was understood — how that understanding formed, what challenged it, and how it changed.

The distinction matters. A log entry tells you that process X connected to IP Y at time Z. Yonitek can tell you that, and also: who you believed operated that infrastructure at the time, what evidence supported the belief, what evidence later contradicted it, and what you believe now — with all prior versions preserved.

Yonitek is not an alerting system. It is not a SIEM. It is not a threat database. It is a memory system, designed for the slow, careful work of investigative reasoning.

How it works

Every understanding in Yonitek follows the same reasoning chain.

1 Observation A raw fact recorded directly — what was seen or measured.
2 Evidence The source material that supports or challenges a claim.
3 Interpretation What the evidence might mean — always labeled as inference.
4 Attribution Connecting an observation to an entity or cause.
5 Confidence How certain we are, given all available evidence and its limitations.

Principles

Unknown is a valid state

When the evidence does not support a determination, Yonitek records that honestly. Unknown is not a failure — it is information.

Contradictions are preserved

When new evidence conflicts with prior conclusions, both remain in the record. Contradiction is signal, not noise.

Infrastructure is not service ownership

That an IP belongs to a cloud provider does not mean the provider operates the service. Yonitek tracks these distinctly.

Confidence is an explanation

Not a score. Every confidence level must be traceable to specific evidence in plain language.

Observation is not accusation

Recording that a system communicated with an endpoint does not imply wrongdoing. Yonitek uses neutral language and avoids alarm.

Memory over detection

Yonitek does not alert in real time. It builds a long-term, structured record of what a system did and what it meant.

Current status

Yonitek is in active development. As of May 2026:

✓ Memory engine — Core v1 operational
✓ Observation contract — defined and enforced
✓ Investigation lifecycle — defined
✓ Windows collector — first version running locally
✓ Web UI prototype — built, internal use only
· Public access — not yet available
· API surface — not yet released

This site exists to mark the project's first public presence. Detailed releases will follow.

בעברית

Yonitek היא מערכת זיכרון לחקירה — לא כלי ניטור, לא מערכת התראות, לא מסד נתוני איומים.

המערכת שומרת לא רק מה קרה, אלא מה הובן — כיצד נוצרה ההבנה, אילו ראיות תמכו בה, אילו ראיות החלישו אותה, וכיצד הביטחון התפתח עם הזמן.

עיקרון מנחה: "לא ידוע" הוא מצב תקף. כאשר הראיות אינן תומכות במסקנה, Yonitek רושמת זאת בכנות.

Yonitek נמצאת בפיתוח פעיל. גישה ציבורית עדיין לא זמינה.