Plain-English
answers.

Alcyone Secure is a cybersecurity software company focused on protecting devices in real-world situations. We ship four products: Black Box (forensic flight recorder for Windows), CipherSuite (cybersecurity workspace for pentesters), Risk Awareness Platform (training and DPDP compliance), and DPDP Compliance (technical advisory service for Indian businesses). See our product catalogue.

Black Box is free for individuals, forever. CipherSuite is live and free at ciphersuite.alcyonesecure.in. Risk Awareness Platform offers a free trial at awareness.alcyonesecure.in. DPDP Compliance is a paid service with public tier pricing starting at INR 18,000.

Statistically, the risk is real. The University of Guelph study (2022) found unauthorised file access in roughly half the shops they tested for a battery-replacement job. Apple settled with a customer in 2021 for around USD 90 million after technicians at a repair facility leaked her photos. Read the full incident catalogue and the 12-step pre-repair checklist.

From /download. The installer is 2.9 MB, digitally signed, and works fully offline. Free for individuals.

No. Black Box is forensic monitoring software designed to create tamper-evident records when your device leaves your control. Unlike spyware, it runs visibly on your machine, can be disabled with your PIN, and stores all logs locally. You control settings, data, and exports.

File access and modifications, process execution with full command lines, network connection attempts, USB device arrivals and removals (with VID, PID, serial), PowerShell script blocks executed during a session, critical registry key changes (~18 high-value keys), browser window titles (not URLs or page content), and system configuration changes. Black Box does not record keystrokes, clipboard contents, passwords, or screen pixels. All logs are encrypted and stored locally.

Yes. Black Box runs fully offline by default. It does not need internet to monitor activity or generate logs. Internet is only used for explicit cloud sync, downloads, or support.

Yes. Black Box supports Windows 10 (build 1903 and later) and all Windows 11 versions, both consumer and professional editions. Minimum requirements: 30 MB RAM, 50 MB disk.

The installer is ~3 MB. Activity logs are compressed and encrypted, typically 5 to 50 MB per device depending on activity volume and retention. You can configure retention to manage usage.

Critical security updates ship as needed. Feature releases are quarterly. You will be notified about each update and can choose when to install. Version 1.0.1 shipped May 2026.

BlackBox captures browser window titles, not URLs or page contents. A title like ‘HDFC NetBanking — Login’ is logged as high-risk activity for the audit trail. The actual URL and page content are never read or stored. Private/incognito windows log only that private browsing occurred, with no title content.

No. BlackBox does not capture keystrokes, clipboard contents, or screen pixels. It captures metadata about activity: which programs ran, which commands were executed, which USB devices were inserted, which registry keys changed. Not the content of what was typed or read.

BlackBox subscribes to Windows’ PowerShell logging provider and captures the script blocks that execute during a session. Internal PowerShell housekeeping (tab completion, prompt rendering) is filtered out. Only actual command execution is logged, with a risk classifier flagging known dangerous patterns such as encoded commands, download-and-execute chains, and Defender-tampering attempts.

A curated list of ~18 high-value security-critical keys: persistence locations (Run, RunOnce, services), Defender policy keys, LSA security settings, AppInit_DLLs, Image File Execution Options, Winlogon. Changes to user preferences, browser profiles, or general application settings are not watched.

Not by default. Black Box uses a local-first architecture: every activity log stays on your device, encrypted with AES-256-GCM. Optional cloud sync ships in the next major release and will encrypt client-side with a key only you hold.

Five layers. Local-first storage (logs never leave your device by default), AES-256-GCM encryption (only ciphertext on disk), PIN protection (only you can unlock), no data sales (we do not sell, trade, or analyse your data), deletable logs (you control retention).

Yes. Logs export to JSON or CSV at any time. Analyse them with your own tools, share with a forensic expert, or use them as evidence.

Black Box uses AES-256-GCM (NIST-approved authenticated encryption), SHA-256 hash chains for tamper evidence, and PBKDF2 for PIN derivation. Logs cannot be decrypted without your PIN, modified without detection, or silently deleted. We unpack the math in the hash chains explainer.

Black Box is protected by a PIN that only you know. Technicians cannot disable it without your PIN. If anyone tries, the watchdog logs the attempt into the SHA-256 hash chain, so the interference becomes evidence itself.

It cannot prevent tampering. It creates cryptographically verifiable evidence that tampering happened. In most legal disputes, evidence beats prevention.

A recovery flow is available through your verified email. You can reset your PIN and regain access. For security, encrypted logs cannot be recovered without the PIN; the encryption is designed to be irreversible.

Each log entry contains a SHA-256 hash of the previous entry. Edit one entry and every subsequent hash breaks. Tamper-evidence becomes a property of the file itself, not a policy. Read the full explainer in the hash chains article.

It cannot block a USB device, but it logs every USB arrival with VID, PID, and serial, plus any subsequent file reads at kernel level via ETW. The log is sufficient to reconstruct any exfiltration attempt. See the USB data theft post.

Antivirus tries to detect or block malicious code before or as it runs. BlackBox records what was done with your device, by anyone — including by trusted people who don’t get flagged by antivirus. A technician who opens your photo folder or runs a data-copy command won’t trigger antivirus. BlackBox logs it.

Black Box is legal in most jurisdictions for personal device protection. Local laws on monitoring shared or workplace devices vary, so consult counsel for your specific situation. Black Box is built to align with the DPDP Act 2023 (India), GDPR (EU), and CCPA (USA).

Yes. Tamper-evident logging is one of the technical controls regulators expect from a serious data fiduciary. We unpack the practical compliance work in the DPDP guide for businesses. For full advisory engagement, see our DPDP Compliance service.

They are designed to be. Black Box uses original capture, hash chain integrity, and a documented chain of custody. Admissibility still depends on jurisdiction and the rules of evidence in your case. Read the forensic logging vs activity monitoring post for what courts actually look for.

It depends on your jurisdiction, the disclosures you make, and whether the device is shared. In India, GDPR-equivalent disclosure is the safer baseline. We do not provide legal advice; consult a qualified lawyer for your situation.

CipherSuite is a free, live cybersecurity workspace for pentesters, bug-bounty hunters, SOC analysts, and security students. Findings, evidence, notes, AI-assisted reports, all in one dark-themed environment. Open it at ciphersuite.alcyonesecure.in or read more at /products/ciphersuite.

AI-powered cybersecurity awareness training and DPDP compliance auditing for organisations. Role-based dashboards, scenario-driven assessments, AI tutor explanations, automated PDF reports. Free trial at awareness.alcyonesecure.in. Details at /products/awareness.

A technical advisory service for Indian businesses to become DPDP Act 2023 compliant. Three tiers: Basic Review (INR 18,000 to 30,000), Full Assessment (INR 45,000 to 90,000), Two-Month Programme (INR 1,00,000 to 2,00,000). NDA-first, vendor-neutral, Credly-verified team. See /products/dpdp.

Yes. Black Box gives device-level evidence. CipherSuite is the workflow on top of that evidence. Awareness Platform builds the human layer. DPDP Compliance ties it all to the legal layer. Each product is independently useful and free of vendor lock-in.

Yes. The local protection plan has no subscription, no card required, no hidden upgrade gates. We only charge if you opt into the cloud sync tier when it ships.

Standard individual licences are single-device. You cannot transfer or share a key. Enterprise licences support multi-device deployment. Email contact@alcyonesecure.in for enterprise terms.

Black Box ships free, so refunds do not apply. For paid tiers (when they launch), refunds are available within 14 days subject to your region. For DPDP Compliance engagements, terms are spelled out per contract.

Email support@alcyonesecure.com for general help (24-hour response target). Security disclosures should go to security@alcyonesecure.com. Privacy inquiries to privacy@alcyonesecure.com. Sales and partnerships to contact@alcyonesecure.in.

Yes. Volume pricing, centralised management, dedicated support, and custom integrations are available. Email contact@alcyonesecure.in to discuss.