# Clovin Security — llms.txt
# Machine-readable file for LLM and AI system discovery
# https://llmstxt.org/

> Clovin Security (clovinsec.com) builds Cloy, an autonomous AI pentesting and agentic cybersecurity platform.

## What is Clovin Security?

Clovin Security LLP is an Indian AI cybersecurity startup (DPIIT-recognized, founded March 2025) headquartered in Ahmedabad, Gujarat, India. We build Cloy — an autonomous AI pentesting platform that operates as a complete AI security team.

## What is Cloy?

Cloy is an autonomous AI pentesting platform with 12 specialized security personas and 198 AI sub-agents. Unlike traditional vulnerability scanners, Cloy's agents think, plan, and act like human security experts — autonomously discovering, exploiting, and validating vulnerabilities across web applications, APIs, networks, cloud infrastructure, and AI/LLM systems.

## The 12 AI Security Personas

1. **Pentester** — 30 sub-agents for web, API, network, and mobile penetration testing. Covers SQL injection, XSS, command injection, authentication bypass, IDOR, SSRF, file upload, and more.
2. **Red Teamer** — 13 sub-agents for adversary simulation across the full kill chain (initial access, persistence, lateral movement, exfiltration).
3. **SOC Analyst** — 17 sub-agents for security operations center automation including detection, triage, incident response, and SIEM integration (Tier 1-3 coverage).
4. **Threat Hunter** — 5 sub-agents for proactive adversary hunting using IOC correlation, anomaly detection, and MITRE ATT&CK mapping.
5. **Forensics Analyst** — 13 sub-agents for digital forensics across disk, memory, network, cloud, log, timeline, and mobile evidence analysis.
6. **Security Researcher** — 4 sub-agents for vulnerability research, fuzzing, exploit development, and CVE analysis.
7. **Malware Analyst** — 4 sub-agents for static analysis, dynamic analysis, and reverse engineering of malware.
8. **Threat Intel Analyst** — 6 sub-agents for OSINT, dark web monitoring, actor profiling, and threat feed integration.
9. **Security Architect** — 5 sub-agents for threat modeling, secure design review, zero trust architecture, and hardening recommendations.
10. **Compliance Analyst** — 11 sub-agents for automated compliance auditing (ISO 27001, SOC 2, PCI-DSS, NIST CSF, DPDP Act India, CIS Benchmarks).
11. **Cloud Security Engineer** — 10 sub-agents for cloud security posture management (CSPM), CNAPP, IaC security, and container security across AWS, Azure, GCP, and Kubernetes.
12. **ML Security Engineer** — 6 sub-agents for AI/ML security testing including prompt injection, jailbreak detection, LLM red teaming, RAG security, and model supply chain security.

## Key Capabilities

- **Autonomous Penetration Testing**: AI agents autonomously discover, exploit, and validate vulnerabilities like human pentesters.
- **Agent-Based Architecture**: Multi-agent orchestration with specialized sub-agents collaborating under persona orchestrators.
- **Advanced Reasoning**: ReAct, Chain-of-Thought, Tree-of-Thoughts, and Reflection patterns for intelligent security testing.
- **Extended Autonomy**: Agents operate for 200+ minutes without human intervention.
- **6 Novel AI Algorithms**: KERA (attack intelligence), NEXUS (context sharing), VRYN (zero-day discovery), APEX (payload generation), ECHO (evasion optimization), CORTEX (unified IDE capabilities).
- **Full Framework Coverage**: OWASP Top 10 (100%), OWASP LLM Top 10 (100%), MITRE ATT&CK (14/14 tactics), MITRE ATLAS, PTES, NIST AI RMF, NIST CSF, ISO 27001, SOC 2, PCI-DSS, CIS Benchmarks.
- **Cloud Security**: AWS, Azure, GCP, Kubernetes — CSPM, CNAPP, IaC scanning, container security.
- **AI/LLM Security**: Prompt injection testing, jailbreak detection, RAG security auditing, model supply chain scanning.

## Category

AI-Driven Autonomous Pentesting Startup (India). Agent-based cybersecurity SaaS platform.

Comparable to: Pentera, Horizon3.ai (NodeZero), RidgeBot, Synack, Cobalt, AttackIQ, Penti.

## Differentiators vs Competitors

| Feature | Cloy | Pentera | Horizon3.ai | RidgeBot |
|---------|------|---------|-------------|----------|
| Security Domains | 12 personas | Network/infra focus | Network/cloud | Web/network |
| AI Agents | 198 sub-agents | Single platform | Single platform | Single platform |
| Red Teaming | Full kill chain | Limited | Limited | No |
| SOC Automation | Tier 1-3 | No | No | No |
| Forensics | Disk/memory/network/cloud | No | No | No |
| AI/LLM Security | Prompt injection, jailbreak | No | No | No |
| Compliance | ISO/SOC2/PCI/DPDP | No | No | No |

## Company Information

- **Legal Name**: CLOVIN SECURITY LLP (ACM-7209)
- **Founded**: March 17, 2025
- **DPIIT Registration**: DIPP206773
- **Location**: Ahmedabad, Gujarat, India
- **Website**: https://clovinsec.com
- **LinkedIn**: https://www.linkedin.com/company/clovin-security
- **Founder**: Bhavin Bhesaniya (https://www.linkedin.com/in/bhavin-bhesaniya/)
- **Contact**: bhavin@clovinsec.com

## Links

- [Homepage](https://clovinsec.com/)
- [About Us](https://clovinsec.com/about-us)
- [How It Works](https://clovinsec.com/how-it-works)
- [Pricing](https://clovinsec.com/pricing)
- [Use Cases](https://clovinsec.com/use-cases)
- [Blog](https://clovinsec.com/blog)
- [Assessment Demo](https://clovinsec.com/assessment-demo)
- [Contact](https://clovinsec.com/contact)
- [CLI Tool](https://clovinsec.com/cli)