sec.01 // company
Moksha.
Secure infrastructure from Copenhagen. We find vulnerabilities in the storage drivers that run the world's data. Then we build the replacements.
sec.02 // origin
How this started.
Bulkhead started as a ZFS storage driver for XAPI. A security audit of the platform preceded the build — 89 findings later, the scope expanded to the full storage and security stack.
Clean-room implementation, no inherited code.
sec.03 // methodology
The methodology.
- Audit every line of driver code
- Disclose responsibly through our CNA — 90-day window, no exceptions
- Build replacements with zero inherited code
- Ship production-grade replacements
sec.04 // name
Why "Bulkhead."
A bulkhead is a wall inside a ship, submarine, or aircraft that contains damage. If one compartment floods, the bulkhead keeps the rest alive.
That's what we do for storage infrastructure. We find where the water gets in. Then we build the wall.
The name came from that world — oil rigs, nuclear plants, shipping containers, aviation. The industries where a bulkhead is literally the thing keeping you alive. The [B|H] logo is monospace because that's what it's made of.
sec.05 // product family
What we build.
| Product | What it does | Status |
|---|---|---|
| Bulkhead ZFS Live | Native ZFS storage driver for XAPI | Shipping |
| Bulkhead NFS-Live | Native NFS driver, pluggable snapshot backends | Coming soon |
| Bulkhead iSCSI-Live | Native iSCSI storage driver | Coming soon |
| Bulkhead SMB-Live | Native SMB storage driver | Coming soon |
sec.06 // contact
Get in touch.
Moksha. Copenhagen, Denmark.
- security@bulkhead.dk
- cna.moksha.dk — CVE Numbering Authority portal
- github.com/bulkhead-dk — public mirror