About InsightsNexus

InsightsNexus is a local-first investigation workspace for independent investigators whose work depends on entities, evidence, and reporting staying connected through the life of a case.

Why it exists

A lot of OSINT and investigative work still happens across tools that don't know about each other. Your graph is in one tool, your evidence captures in another. Notes go wherever you happen to take them. The report draft is whichever document you opened last. The handoff between all of it is screenshots, copy-paste, and your own memory.

The fragmentation gets expensive when you have to explain how you reached a finding, preserve context across a long pivot chain, or hand work off to someone who has to trust it. The transforms ran, the graph got built, the notes got written. The case that ties them together lives only in your head.

InsightsNexus is being built for the gap between a self-assembled tool stack and a heavy enterprise platform. The goal isn't to replace every source or technique you already use. It's to give the investigation itself a workspace where the graph, the transforms, your notes, and the report you eventually write all stay in the same place.

Who is building this

I'm Marco Mendiola. I work in cyber security as my day job, and I first started running OSINT in a SOC. The pivot work - domain to infrastructure, email to account footprint, username to platform sprawl - ends in a report someone else acts on.

The investigative side of the practice came later, through Trace Labs. Running Search Parties for missing-persons cases on a Saturday is how I learned what a real OSINT investigation feels like under time pressure. The graph in your head gets bigger than your notes app. Your transforms, evidence, and story stop fitting in the same place. InsightsNexus is built for that problem.

I'm building this nights and weekends, funded by my day job, with the goal of going full-time if a small group of practitioners tells me the product is worth paying for. Founder-led because the first useful version needs close contact with the people doing real investigative work, not a broad beta that produces shallow feedback and unclear priorities.

What it is built to support

A desktop investigation workspace where you can:

• Create entities and map their connections on a graph canvas.
• Run transforms, the same pivots you already know from one identifier or entity to the next, against public sources you specify.
• Keep notes attached to the evidence they describe, instead of in a separate file.
• Export findings without moving case data into a hosted cloud workspace.

The app runs in your investigation VM of choice, such as Trace Labs OSINT VM, CSI Linux, hardened Kali, or your own Debian build. It can also run on your host machine if your threat model allows it.

The current build is functional for the workflow above: entities, graph, transforms, notes, and text export. Design partner feedback is shaping the higher-fidelity reporting formats next: PDF, DOCX, and hashed evidence manifest. Those are the formats deliverables ship in.

What it is not

InsightsNexus isn't trying to replace Hunchly. Hunchly does browser-level evidence capture with hashing and chain-of-custody export better than any project at this stage should attempt to clone. The intent is that InsightsNexus runs alongside Hunchly in an investigator's stack. Hunchly handles the browser-level capture. InsightsNexus holds the case structure around it.

It's also not trying to be an enterprise platform. If the workflow requires on-prem deployment, RBAC, government-compliance posture, or the breadth that large enterprise investigation platforms ship with, that isn't what's being built here.

Trust and data handling

The current build runs without an account or login. There's no server to authenticate to, and no case data is uploaded anywhere by the application itself.

The broader local-first posture - no telemetry, transparent network call profile, reproducible build - is where the product is going. Design partner pressure will harden it into firm commitments instead of aspirations. The honest position today: case data stays on your machine in the design partner workflow, and the trust posture you'd want for sensitive work is being built in the open, alongside people who would have to defend a report.

The security and data-handling notes cover the specifics in the form an investigator would want to read.

Why a small design partner cohort

The first cohort is intentionally limited to 8-10 independent investigators: solo and small-shop practitioners doing mixed casework, hybrid journalism-and-investigations work, or Trace Labs-style search work alongside paid engagements. Independent investigators are the group I understand best. They're also the group whose constraints the product is being designed against: no enterprise budget, no compliance department, no one to hand the report off to.

Design partners get free access for 90 days, direct founder access, and a regular feedback cadence. The trade is real: use the product on at least one real investigation or a realistic active workflow, and say plainly where it helps, where it breaks down, and whether it's worth paying for afterward. If we're not a fit, I'll say so on the first call.

Learn more in the design partner FAQ, or request an invitation below if this is the way you work.