ROCKETWORX - Xplainable Analytics: Feature - Level Fusion / Data Modality
Equitus.ai, Fusion - KGNN, RocketGraph, and ThreatWorx on IBM Power11 creates a unified, sovereign AI defense architecture known as RocketWorx. The Equitus.ai stack is designed to run "Power-Native," meaning it executes directly on the processor's hardware without needing external GPUs or cloud round-trips.
1. The Native Interface: Building the "RocketWorx" Stack
Equitus.ai "RocketWorx" solution functions as a three-tier intelligence factory on Power11:
Tier 1: Ingestion & Context (Equitus IIS/Fusion)
Equitus IIS (Intelligent Ingestion System) and Fusion (KGNN/MCP) act as the data foundation.
Automated Knowledge Graphs: KGNN automatically ingests unstructured data (PDFs, logs, video metadata from EVS) and structures it into an "AI-ready" knowledge graph.
Power11 Native Execution: It leverages the Matrix Math Accelerator (MMA) and IBM Spyre Accelerator to perform complex semantic mapping and relationship discovery at the silicon level.
Tier 2: Extreme Scale Analytics (RocketGraph xGT)
Once the graph is built, RocketGraph xGT acts as the high-performance query engine.
In-Memory Speed: RocketGraph uses the massive memory bandwidth of Power11 to traverse billions of connections in milliseconds.
- Mission Control: It provides a "natural language to graph" interface, allowing analysts to ask, "Show me all lateral movement from IP addresses linked to last week's firewall breach," which xGT resolves against the Equitus-built graph
Attack Path Mapping: It overlays real-time vulnerability data onto the Equitus knowledge graph.
ArcXOS (Xplainable OpsSec): This ensures that every security alert is "Xplainable." It uses the KGNN’s provenance to show the exact path of a threat, fulfilling ICAM (Identity, Credential, and Access Management) requirements for zero-trust environments.
2. Benefits for IBM Power11 Users
"RocketWorx" stack provides immediate operational advantages:
Total Sovereignty: Data never leaves the Power11 server. This is critical for Defense, Healthcare, and Government sectors that cannot use public cloud AI.
GPU-Free AI ROI: By running AI natively on the Power11 CPU and Spyre cards, users avoid the massive capital and energy costs of NVIDIA H100 clusters.
Proactive "Toxic Combination" Detection: The system identifies not just vulnerabilities, but "toxic paths"—e.g., a vulnerable service connected to a high-privilege user account within a critical subnet.
3. Opportunities for IBM Consulting
This stack provides a high-margin, differentiated "Sovereign AI" play for IBM Consulting to market to Global 2000 and Government clients:
Market Positioning: "The Sovereign Intelligence Factory"
Cloud Repatriation Services: Consulting can lead engagements for clients moving sensitive AI workloads off public clouds and back onto Power11 for security and cost predictability.
Zero-Trust Identity (ICAM) Modernization: Using ArcXOS, consultants can build automated, graph-based identity perimeters that are more resilient than traditional rule-based systems.
Revenue Streams
Custom Graph Ontology Design: Helping clients define how their specific business data (Supply Chain, Financial Transactions, or Intelligence Logs) should be "fused" by the Equitus KGNN.
XAI Compliance Audits: Using the Xplainability features of ArcXOS to help regulated industries (Banking, Life Sciences) meet strict AI governance laws (like the EU AI Act).
Managed Threat Hunting: Offering a "RocketWorx-as-a-Service" model where IBM SOC (Security Operations Center) analysts use the stack to provide ultra-fast threat detection for clients on Power infrastructure.
Strategic Note: For IBM Consulting, the primary "hook" is Efficiency. Marketing this as a way to achieve 10x faster threat discovery with 50% less energy consumption than traditional GPU-based AI stacks aligns perfectly with current ESG and cybersecurity mandates.
ROCKETWORX Xplainable Analytics adds value by moving beyond traditional "list-based" security to a "relationship-based" model. By integrating Equitus (Multi-INT data fusion), RocketGraph xGT (massive-scale graph analytics), and Threatworx (vulnerability intelligence), it creates a unified view that reveals not just what is broken, but how those broken pieces threaten your specific business operations.
The value proposition is built on three core pillars:
1. Feature-Level Fusion (Multimodality)
Standard analytics often use "Late Fusion," where different data sources (logs, cloud assets, SBOMs) are analyzed separately and then combined. ROCKETWORX uses Feature-Level Fusion, which merges these disparate data types into a single "Feature Vector" early in the process.
The Value: It identifies "Toxic Combinations" that single-modality tools miss—for example, linking a low-priority vulnerability in a code snippet to an internet-exposed endpoint that has administrative privileges.
Result: A 98% reduction in research time by providing the full context of an alert instantly.
2. High-Performance Graph Analytics (xGT)
Using the RocketGraph xGT engine, the platform treats your entire infrastructure as a massive property graph.
The Value: Unlike traditional databases that slow down as they jump between data points (traversal), xGT is designed for "exabyte-scale" data. It can traverse hundreds of billions of nodes and edges in memory.
Result: It maps "Attack Paths" in near real-time, showing exactly how an attacker could move from a public-facing asset to your sensitive crown jewels.
3. Explainable AI (XAI) & Remediation
The "Xplainable" part of the name refers to the platform’s ability to move away from "black box" AI.
The Value: Instead of just giving a risk score, it provides a transparent audit trail of why an asset is high-risk, using the graph to visualize the connection.
The "Closed-Loop": It doesn't just report a problem; it leverages Threatworx to generate AI-validated remediation code or scripts (e.g., a patch or a config fix) that can be sent directly to Operations.
Summary of Value Added
How does your current security stack handle the prioritization of "Toxic Combinations" across different data silos?
