A third party is harvesting your growers' data through your own API, and every IP it shows you is a decoy.
Farm-data platforms run on OAuth: an access token that lives about twelve hours and a refresh token that lives a year, both portable to any IP on earth. Phish one grower, or lift a partner key, and you hold a genuine grant to yield maps, field boundaries and as-applied records, with no contract and no consent trail. It's a data-sovereignty exposure before it is anything else, and it's invisible at the network layer: a real grower is one IP to one farm; the abuser is one operator to thousands, passes every auth check, and rotates egress across Amazon, Google and Azure so all your SOC ever logs is a meaningless last IP.
whisper verify --trustless · anchored at the IANA DNS root. Our own API is not in the trust path.
The abuse that no rate-limit, no WAF, and no last IP will ever catch.
It isn't a breach. Your API is used exactly as it was built, at platform scale, by an operator who was never your customer and never signed your data-use agreement.
“We tell every grower they own their farm data. Then a third party reverse-engineers our API, harvests logins, and pulls field data off the platform with no consent trail, and we cannot prove who touched what. When we try to block them, the IP is already gone. Our own promise is the thing we can't verify.”
Not breached, rebuilt
The farm-data API is mapped from the partner docs and the mobile app, increasingly reconstructed by AI. Nothing is exploited yet; the endpoints are simply used as designed.
It passes every auth check
A phished grower login or a leaked partner key yields a genuine OAuth grant: ~12-hour access tokens, a refresh token good for a year. Auth says yes. There is no data-use agreement anywhere behind it.
Then the IP dissolves
Low-and-slow organization and field enumeration under every rate limit, then egress hops Amazon → Google → Azure, or a residential-proxy swarm. Your SOC correlates a fresh last IP and nothing else.
Concretely, and at the class level: the API they call is your API, because it is your protocol. A third party holds the exact calls your official apps and sanctioned partners make, then authenticates the same ways they do: a phished grower login, a static partner key, or an OAuth bearer token that is portable to any IP. From there it is contract-less, long-lived polling: a request every few minutes, indistinguishable from a real integration because it is the integration's protocol. And the surface keeps widening: cross-brand exchanges now move machine data between four major OEM and FMIS clouds, so one harvested grant can reach further than the platform it was phished from. A researched disclosure showed how far a single flaw goes: owner name, home address, equipment ID and VIN, from nothing but a guessable identifier. The root cause has a name, OWASP broken authentication / BOLA: the token, key or password authenticates a claim, never the machine on the other end.
This is invisible by design: a legitimate grower is one IP to one farm; the abuser is one operator to thousands, holding valid credentials and showing you a disposable address every few requests. And the wound lands on the industry's one sacred promise. "Farmers own their farm data" is the first principle of every ag-data code of conduct, and today it is a contract clause with no network fact behind it. That makes this a data-sovereignty incident, not only a security one.
Stop detecting the abuse. Prove the identity.
Detection will always be a step behind a credential that is genuinely valid. You can tune models forever and the abuser still looks exactly like a grower, because, to your backend, they are one. The only strictly-stronger move is to change what the backend trusts.
A session token, an API key, a cookie: whoever holds it can present it. That is the whole problem in one line: the credential does not prove which machine, or which sanctioned party, is on the other end, so a harvested one is indistinguishable from the real thing, and the source IP that might have narrowed it down is disposable.
Tomorrow · the backend authorizes a machine that proves itself. Bind authority to an identity the machine holds and can demonstrate cryptographically, not a secret anyone can copy. Now a request either proves it is the machine, or the sanctioned data consumer, it claims to be, or it has no authority at all, before a single detection rule runs. And because every authorized party is one verifiable /128, "who accessed this farm's data" stops being a forensic reconstruction and becomes a log you can hand the farmer. Consent becomes a checkable network fact.
That identity already has a home on the network you run: an address. Here is how the machine's own key becomes an address no one can forge.
The key already in the machine becomes an address only that machine can prove.
Whisper has one primitive: the address is the identity. A routable IPv6 /128 out of 2a04:2a01::/32 (announced by AS219419), deterministically derived from a key, DNSSEC-anchored, DANE-EE pinned, RDAP/WHOIS-registered: re-derivable and verifiable by anyone with dig.
Point it at the machine. Derive each tractor's, implement's or ECU's /128 from the hardware key it already holds in its secure element or TPM, with the 17-character equipment PIN or an implement/ECU serial as the domain separator. The private key never leaves the secure element; the address is a one-way function of its public half and the PIN. The farm-data backend then authorizes on the machine's pinned identity, not a stealable token: no bespoke CA trust store to push to every machine, and revocation at DNS-TTL speed instead of CRL/OCSP soft-fail.
"1 IP → a whole co-op" becomes physically impossible
You cannot present thousands of machine-identities whose keys you don't hold. Every forgery is a DNSSEC/DANE inconsistency any verifier catches.
IP rotation becomes irrelevant
Identity is not the source IP. The "last IP" was never the credential, so rotating it, across clouds or residential proxies, changes nothing.
Harvested grants fail
The broker's server doesn't hold the machine's per-/128 leaf key. A valid-looking token with no key behind it authenticates to nothing.
Consent becomes checkable
Every sanctioned data consumer is one verifiable /128 with a per-identity access log. "Farmers own their data" stops being a clause and becomes a record you can show the farmer.
"A leaked API key or a valid partner session looks legitimate; how do you catch abuse that passes auth?"
You bind authority to the machine, not the bearer. State-changing commands terminate mutually-authenticated to the target machine's /128, the machine co-signs, so a platform or partner session can't reach a serial it can't cryptographically address. A request that passes auth but can't prove the identity never had authority in the first place. BOLA/IDOR and mass-assignment lose their leverage: elevating to any account no longer reaches any machine.
NAME, AEF Guideline 040's ISOBUS security principles, the secure element or TPM in the telematics gateway, the X.509 device-cert mTLS your equipment cloud already runs. It is the publicly verifiable, DNSSEC/DANE-anchored layer on top: the missing cryptographic counterpart to the identifiers you already stamp.NAME: manufacturer code, function, identity number. It is self-declared, carried over SAE J1939 framing on CAN, and nothing on the bus can cryptographically verify it; AEF Guideline 040 names exactly this class of problem in its ISOBUS security principles. Whisper doesn't touch the bus: it anchors the machine↔cloud IP boundary, where the same machine's derived /128 is cryptographically provable, by anyone, against the IANA root. The NAME stays the bus identity; the /128 becomes its verifiable public counterpart.revoke. Farm equipment changes hands more than cars do: a trade-in or auction sale is one revoke and a re-register to the new owner, so the data trail transfers with the title instead of leaking past it. An ECU or gateway swap re-keys to a new /128 and revokes the old one. Compromise one ECU and you've compromised that ECU, not the fleet.revoke is the accountable version: thrown by the registered owner, visible in public DNS, checkable by anyone with dig. A farmer can prove their machine's identity is live exactly as easily as an OEM can prove a stolen one is dead. Explicitly not a covert OEM lockout.Maps to ISO 24882 (agricultural-machinery cybersecurity, DIS registered October 2025, ISO/TC 23/SC 19), AEF Guideline 040, the EU Data Act (in force since 12 Sep 2025; verifiable per-party identity is how you draw the authorized-user-vs-unauthorized-aggregator line for connected machinery) and Ag Data Transparent. Know, attribute and revoke every machine, delivered as a network primitive, not a compliance binder.
Identity stops the next forgery. The graph names whoever already scraped you.
You won't re-key every machine by Monday, and there is abuse in your logs right now. So the same platform back-traces the operator behind the grants you already logged: attribution that survives the rotation, because it fingerprints the operator and the tooling, not the ephemeral egress IP.
A live internet-infrastructure graph, 7.44B nodes and 39.3B relationships of fused BGP, DNS, WHOIS, TLS, hosting and threat intelligence, answering in under 300 ms, fingerprints the operator, not the IP. Two levers, kept honestly separate: for cloud rotation the graph clusters shared ASN, hosting and certificate lineage into one infrastructure genealogy; for a residential-proxy swarm, where a subscriber IP gives an infra graph nothing to grab, a JA4/JA3 client fingerprint travels with the tooling regardless of the exit and collapses the swarm to one operator.
And it's a question, not a signature. Express platform enumeration directly, "one source touching N distinct machine-identities in a window," as read-only Cypher, and the graph returns the operator with a reproducible evidence chain your SOC, your PSIRT, your auditors and a regulator can replay. That's business-logic and organization-enumeration abuse caught by its shape across the platform, not by a pattern you had to know in advance.
# ask the graph the business-logic question directly: read-only Cypher over the public graph API
$ curl -s https://graph.whisper.security/api/query -H "X-API-Key: whisper_live_xxx" \
-H 'content-type: application/json' -d '{"query":"MATCH (src)-[t:TOUCHED]->(m:EquipmentIdentity)
WHERE t.window = \"15m\" WITH src, count(DISTINCT m) AS machines
WHERE machines > 50 RETURN src, machines ORDER BY machines DESC"}'
operator <fingerprinted> 1 source → 2,187 distinct machines / 15m
egress: AWS eu-central → GCP europe-w4 → Azure westeu (collapsed to 1)
ja4: same tooling across 41 residential exits → 1 operator
reproducible, replayable JSON evidence chain → your SIEM
"When they rotate residential proxies and fresh cloud IPs, can you actually attribute them, or just rate-limit an IP and move on?"
Track them. Infrastructure genealogy collapses the cloud rotation; a JA4 client fingerprint collapses the residential swarm. The egress IP is the one thing we don't rely on, so the rotation that hides them from your SOC is exactly what the graph reads through.
The verbs your analysts run, or your agent runs for them: identify(ip) (who really operates a host, even behind a CDN) · origins(prefix) + walk(node,depth) (cluster rotating IPs into one genealogy) · history / watch (a timeline and a standing sentinel over a suspect operator). Every answer is reproducible, replayable JSON: the GDPR and Data-Act paper trail for an unauthorized-aggregator finding, and the receipt a farmer's data-sovereignty question deserves, not a screenshot.
Identity is the cure; the graph is how you clean up what got in before it, and catch the operator who tries anyway. Detection made durable, on top of a root-cause fix.
Additive to your SOC. Mapped to your standards. Priced so you can say yes.
Your behavioral SOC tells you that a farm API is abused, at the app layer inside your own cloud: necessary, and where that picture stops. Whisper adds the two layers no one else owns: attribution across rotating clouds, and forge-proof identity after auth. It's depth on top of the stack you already run, not a console your analysts babysit.
| Behavioral SOC | Whisper | |
|---|---|---|
| Detect API abuse in your cloud (BOLA, business-logic) | ✓ | additive feed |
| Attribute the operator across rotating clouds / residential proxies | – | ✓ |
| Forge-proof per-machine / per-agent identity after auth | – | ✓ |
Feeds your SIEM and PSIRT
The Splunk, Microsoft Sentinel and OpenCTI connectors ship today. Findings arrive as signed, replayable JSON mapped to CEF and ECS fields, with STIX 2.1 over TAXII export on the roadmap, that you can hand a regulator, a grower association, or push straight into a PSIRT workflow.
Speaks your compliance language
Maps to ISO 24882 and AEF Guideline 040 evidence, the EU Data Act's authorized-party line, and the Ag Data Transparent promise. Usable in your risk assessment, your certification file and your grower communications, not just a dashboard.
Flat pricing, real ROI
Per-machine/year and flat: not per-transaction, not usage-metered, not per-acre. ROI is concrete: analyst-hours saved chasing disposable IPs, one revoke instead of a fleet lockout, and a data-sovereignty audit that answers itself. See pricing →
Safe in your auth path
It rides on top of the X.509 device-cert mTLS your equipment cloud already runs, anchoring that same identity in public DNSSEC/DANE so a regulator or peer can verify a machine outside that cloud's tenancy. And it's built to fail open: a Whisper outage never parks a tractor mid-harvest; checks degrade to your existing anchors and connectivity is preserved. Anycast on AS219419, no single node in the path.
On-prem or your own tenant
Data residency and GDPR by construction: the graph and the per-agent logs stay where your regulator needs them. No whole-platform agronomic data leaving your boundary to a third party nobody contracted.
A vendor that will still be here
Real routable address space (AS219419), run by people who ran the internet's regional address registry and operated one of its root DNS servers. Agtech startups fold and strand their fleets; we built infrastructure to outlast that question. POC → pilot → enterprise, keyless to start.
Don't take our word for it; our API isn't in the trust path.
Two tiers, by design. No key: anyone can verify a machine's identity and resolve it, trustless, anchored at the IANA root. Your key: back-trace a suspicious host on the graph, register a machine, govern its agents, revoke it worldwide.
# keyless: re-derive and verify any machine's identity, trustless
$ whisper verify --trustless 2a04:2a01:1c0::a6f1
✓ DNSSEC chain valid to the IANA root
✓ DANE-EE (TLSA) leaf matches the identity's key
✓ RDAP: registered under AS219419 · 2a04:2a01::/32
identity: VERIFIED, and our own API was never trusted
# the address is the machine: reverse DNS names it
$ dig -x 2a04:2a01:1c0::a6f1 +short
pin-1agcm82633a.farm.example-oem.whisper.online.
# who really operates a suspicious host: with your key, via the public graph API
$ curl -s https://graph.whisper.security/api/query -H "X-API-Key: whisper_live_xxx" \
-H 'content-type: application/json' -d '{"query":"CALL whisper.identify(\"34.90.x.x\")"}'
operator: <fingerprinted> · seen across AWS / GCP / Azure
residential swarm collapsed by JA4: same tooling, 41 exit IPs → 1 operator
# give a machine a name it can prove, and govern its agents
$ export WHISPER_API_KEY=whisper_live_xxx
# --pin/--from-secure-element are on the roadmap; today the 17-char PIN rides the live control-plane vin arg (see docs)
$ whisper register --pin 1AGC… --from-secure-element
→ identity 2a04:2a01:1c0::a6f1 DNSSEC + DANE live
$ whisper policy set --default deny --allow ops.example-oem.com,updates.example-oem.com
$ whisper revoke 2a04:2a01:1c0::a6f1 # owner-thrown, publicly verifiable, at DNS-TTL
Give every machine an identity it can prove.
The address is the machine: routable, DNSSEC-anchored, revocable by the owner in one publicly verifiable call. Keyless to try, one call to provision, one more to revoke. The equipment-API abuse that no rate-limit ever caught simply runs out of forgeries.
Or run whisper verify --trustless right now.