Source truth
Files or artifacts exist.
Successor architecture
HawkinsOperations
Governed AI-assisted detection engineering.
Original HawkinsOps proved output. Successor HawkinsOperations proves control.
HawkinsOperations is the governed successor architecture for detection engineering, validation, evidence discipline, and public claim control. It separates source, runtime, signal, evidence, and public-proof truth so AI-assisted security work can be reviewed instead of merely generated.
Core thesis
AI is labor. Governance is authority.
AI may assist drafting, review, comparison, summarization, implementation support, and analysis.
AI may not promote artifacts, declare runtime state, approve public claims, or own truth. Human approval controls final promotion.
Truth boundaries
Separate claims before they become public proof.
Runtime truth
Systems are deployed, enabled, or running under stated conditions.
Signal truth
Telemetry, alert, log, search, or output was observed.
Evidence truth
Supporting material is preserved and linked.
Public proof
Wording is reviewed, scoped, approved, and safe for external use.
Legacy/reference truth
Historical material that does not become current truth by copy-paste.
Surface routing
No surface may claim another surface's truth.
GitHub org
Governed successor source and public governance summaries.
Detection source repo
Detection source only.
Validation repo
Tests, schemas, and validation checks.
Platform repo
Platform architecture and stack truth tracking.
Proof repo
Proof contracts, evidence indexes, claim linkage, and public-safe records.
Website repo
Public rendering only.
Current status
Governance boundaries are published before bulk migration.
Current public material
Read current public material as source and architecture unless specific evidence-backed claims are linked.
Public claim control
Public claims require evidence, review, stale review, and approval.
Original HawkinsOps
The original HawkinsOps system remains historical and proof-reference material unless explicitly promoted under successor rules.
Promotion model
First governed detection path
HOPS-DET-0001 is the first governed detection proof path. Its purpose is to demonstrate the promotion model across source, validation, runtime, signal, evidence, and public-safe claim boundaries.
Status: proof path in progress.
Reviewer note
The successor architecture is being published before bulk migration so legacy artifacts do not inherit successor trust automatically. Claims are promoted only when the supporting evidence and review path exist.