Security
Face detection security system
On-prem perimeter analytics with fast alerts and immutable audit logs.
Problem
A regulated site could not send raw video to public clouds; the prior vendor missed tail events and lacked forensic workflows operators trusted.
Solution
We deployed a distilled detector and tracker on a local GPU pool with a signed evidence chain and an operator console with clear escalation paths.
Process
How we moved from intake to production scale.
- 1
Threat modeling
Clarified data residency, retention, and evidence admissibility needs.
- 2
Pipeline
RTSP ingest, decode farm, distilled detector + tracker DAG on local GPUs.
- 3
Review UX
Operator console with clip review, annotations, and escalation playbooks.
- 4
Hardening
Signed media chain, WORM tier for holds, precision/recall monitoring.
Before vs after
Positioning snapshot—pair with metrics below for diligence.
| Before | After |
|---|---|
| Cloud-only vendor & leaks | On-prem GPU + signed evidence chain |
| Noisy alerts | −62% false positives vs legacy |
| Slow forensic workflows | Operator console with escalation paths |
Architecture (flow)
Cameras → decode → CV models → policy engine → alerts → case UI → archive
RTSP ingest → decode farm → inference DAG → alert bus → case UI → WORM storage tier for holds.
Tech stack
Results
Security operations gained consistent playbooks with measurable alert precision.
118ms
p95 inference
−0%
False positives
High
Audit readiness
- Sub-150ms alert path for critical events
- Immutable audit trail for compliance reviews
- Major drop in false positives versus prior vendor
p95 inference 118ms · −62% false positives vs legacy vendor
Screenshots
Illustrative product and analytics surfaces—swap for client-branded assets when sharing externally.
Related case studies
Get a similar solution
Share constraints—we'll mirror architecture, stack, and rollout patterns.