Now shipping · Preston-Check 1.0

Analytical engines
for systems that can’t fail.

AnalyticLab builds AI-augmented developer tools for fintech and other regulated industries — software that turns post-mortems into prevention, and compliance into something you can run from the command line.

See our first product Get in touch

Our products

Pre-deployment security, run locally — augmented by AI.

Each AnalyticLab product is built on the same idea: turn institutional knowledge into automation that runs in your terminal, before code reaches production.

Live · Apache 2.0

Preston-Check

Pre-deployment security audit for fintech. 294 automated checks spanning 33 reputable frameworks — from PCI-DSS and SOC 2 to MiCA, DORA, OWASP, and post-quantum FIPS standards. Runs locally in seconds. Your code never leaves your machine.

Local-first: source files never leave your environment
AI-augmented findings & suggested patches (--ai-fix)
CI-ready: GitHub Actions, GitLab CI, CircleCI, pre-commit
Free for OSS & small teams · zero account required

Visit preston-check.com View on GitHub

~/payments-api · zsh

$ preston-check --ai-augment --ci
→ Loading 294 checks across 33 frameworks…
 
✓ PASS P-01  Hardcoded secrets
✓ PASS P-04  Rate limiting
! WARN P-06  Session security (no IP binding)
✗ FAIL P-29  Webhook signatures (2 endpoints)
✓ PASS P-50  Transaction integrity
✓ PASS P-72  Sanctions screening
 
∿ AI Patch suggested for P-29 → see audit.md
Score: 287 PASS · 4 WARN · 3 FAIL  ·  exit 1
$ 

In development

Continuous compliance evidence

Auto-generated, signed audit packages for SOC 2, ISO 27001, PCI-DSS — refreshed on every push.

Researching

Anomaly detection for production traces

Apply the same analytical lens to live session and request data — catch attackers in flight.

Our approach

Four principles, every product.

We build for engineers who already have audit fatigue. The work has to be fast, private, and grounded in real attacks — not vendor checklists.

Local-first

Your source code never leaves your machine. Airgap mode is one flag away.

AI-augmented

Findings get LLM analysis and suggested patches when you opt in — never required.

Compliance-mapped

Every check ties back to a clause: PCI-DSS, SOC 2, MiCA, DORA, NYDFS, ISO 27001.

Open by default

Apache 2.0 core. OSS repos get pro features free. Verify the code yourself.

Analytical engines for systems that can’t fail.