Member Info for Muck165

Agree, it’s frustrating. “Soon” seems to mean different things to different people!

But then they’d be daft to say what they did if there was no basis and, let’s face it, details of any commercials (let alone multiple deals with “major agencies”) is likely to ignite the SP. For me the wait is worth it and I’ll keep adding as we go up and down in the current trading range.

Got this from St Brides this PM

“ Hi

Apologies that you may have felt like you were emailing into an abyss. Your two emails were in my Junk Email folder but hopefully that wont happen again.

As John says, we are in the process of setting up an Investor Meet Company presentation and details will follow soon.

Best regards

Paul”

i wrote to st brides a week or so ago with a question about the ranger rns. they didn’t reply. so i wrote directly to john herring to see if narf had plans for another imc presentation, and to explain shareholders would benefit from updated info on roll out across agencies, strategic partners, other products in development.

i got this reply from john this evening, copying in peter krens at tennyson, and paul dulieu at st brides

“have asked our pr firm to set up a lnvestor meet event - paul ccd: here - he had acknolwded receipt of an earlier email from you thst got buried and not responded - it wont happen again - and our broker advisor peter - who regularly talks with our investors and keep our disclosures on sides and organizes our calls and exchanges in a compliant manner - also ccd: here. i've asked them to reach out to you and if for some reason these professionals we employ to keep our investors informed don't do their job feel free to reach out again.”

so, he seems pretty ****ed at his pr team, and we should get another imc session shortly. hopefully none of will have to guess where we stand with things after that.

Had some more today.

“In commercial discussions with multiple large ad agencies” - 2 May RNS

“Meeting key partners” - plural, two weeks ago

Confirming (eg finalising) deals with major agencies - plural, 2 weeks ago

Scaling rapidly - 2 weeks ago

Jeez, what bigger neon flashing sign could there be to indicate imminent and potentially amazing news for GFIN and the SP. All we need to do is get through 0.08.

I see gfin has a new website - Gfinity.cinnadev.co.za

Anyone know why a U.K. company has a web address ending with .za (ie South Africa)?

Apologies if this has been discussed before.

ABDX have posted this case study about FOFH

https://www.abingdonhealth.com/case-study-find-out-from-home/

As well as this little video with Namia

https://www.linkedin.com/posts/abingdon-health_find-out-ceo-founder-yannick-namia-from-activity-7344373853260840961-Ttg_?utm_source=share&utm_medium=member_desktop&rcm=ACoAAEuI5eIBooawepY_Ubn_CKcFOzTXAaBN1HA

I especially liked this bit in the guys profile

“Current responsibilities include overseeing multiple contractors for DoD's Iron Bank Social Cyber program.”

As far as I am aware we were the ONLY company awarded a Social Cyber DARPA R&D contract, so when he says multiple contractors I’m taking it to mean multiple buyers of SC.

For info, I came across this LinkedIn Profile for a guy who joined Oteemo Inc in Sept 2024 to basically project manage the Iron Bank Social Cyber Integration.

https://www.linkedin.com/in/paulbordenkircher/

From what I can see, Oteemo is a specialized DevSecOps and cloud-native transformation company that supports federal and enterprise clients in rapidly deploying secure, scalable software systems. With deep expertise in containerization, continuous integration/continuous delivery (CI/CD), and zero-trust architecture, Oteemo helps companies like Narf like Narf navigate complex compliance environments such as Iron Bank, Platform One, and DoD-wide cybersecurity standards. Their experience spans both defense and commercial sectors, enabling them to bridge technical and operational gaps between emerging technologies and production-ready solutions.

For Narf, it looks to me like Oteemo is a strategic partner in integrating and scaling Social Cyber across the Department of Defense and beyond. Through its active SBIR Phase III contract (granted May 2025) Oteemo is authorized to deliver and integrate technologies originally developed under DARPA or DoD-funded programs—such as Social Cyber—without the need for additional competitive procurement. This positions Oteemo to accelerate Social Cyber’s deployment by managing container hardening, Iron Bank accreditation, and cross-agency rollout through secure DevSecOps pipelines. Additionally, Oteemo can support commercialization by adapting the solution for enterprise clients seeking advanced threat intelligence and software supply chain protection.

In short, Oteemo seem to be acting as a specialist company to ensure SC meets all Iron Bank and DoD compliance requirements, and as a facilitator thereafter for multi agency roll out and potentially enterprise roll out of SC.

https://oteemo.com/blog/oteemo-awarded-sbir/

Details here about M&A activity in the space during 2024.

Our £9m MCAP is peanuts given where we are.

https://www.jackimwoods.com/acquisitions-in-the-cybersecurity-sector-in-2024/

This makes a very, very interesting read about how cybersecurity businesses like Narf are valued in the M&A world in 2025.

The key point for me is this - companies with a SaaS business model are typically valued based on a multiple of revenue, with publicly traded SaaS companies valued at an average of 14.2x.

We are currently transitioning to a SaaS model, aiming to hit $20m annual recurring revenue through Ranger roll out by 2027. On those numbers and valuation metrics, we’d be valued at nearer $285m rather than the £9m current MCAP.

We’re not there yet, but with Iron Bank “stamp of approval” and commercial launch we are well on the way. And remember, each new Ranger/SC GS&S contract we get is estimated to bring in $1-2m annual recurring, meaning each contract effectively increases our M&A value by $14.2 - $28.4m.

And all of that ignores normal R&D work, other products we might commercialise from prior R&D work (TIGR, HARDEN, SAFEDOCS, INGOTS), and enterprise Ranger/Sc contracts..

Whichever way you look at it, the piece tells me that we are very significantly undervalued. And if it turns out the “top tier”strategic partners we’ve been talking to for a while want to acquire us, news on that front could be incredible.

https://www.jackimwoods.com/how-to-value-your-cybersecurity-business-in-2025/?utm_source=chatgpt.com

I honestly don’t know JJ. If you look back you’ll find that the original DARPA program for Social Cyber was called Ranger. But there’s also stuff to say SC is a discrete product, not a Platform, so why call Ranger a Platform.? It’s just confusing. St Brides haven’t replied!

Just for info…

DARPA hosted the Resilient Software Systems Colloquium on 17 June. You can see all the various presentations by playing the video in this link (the presentations just follow each other, so just let the video roll once each presentation finishes).

https://www.darpa.mil/news/2025/ushering-new-era-cyber-resilience

There was a strong central feature - DARPA wants to drive use of Formal Methods across govt cybersecurity. Formal Methods are applications to mathematically prove that a system behaves correctly and securely, rather than relying solely on testing, which can miss subtle flaws.

NARF have been engaged in two DARPA formal methods programs.

HARDEN - see RNS of 14 Oct 2022, a $6.3m contract. In the RNS, NARF said “Whilst it may be too early to be definitive on the eventual commercial potential of Product(s) spun out of the R&D work, we are anticipating it to be substantial”

SafeDocs - in conjunction with SRI, beginning in 2021 - https://computerscience.tcnj.edu/2022/11/15/colloquium-talk-with-dr-michael-e-locasto-november-15-an-operational-definition-of-parsing-and-its-consequences/

The point is that whilst Ranger might be the current focus, the recent DARPA drive to Formal Methods might bring significant gains from other programs we’ve been working on for years.

To demonstrate the scale of risk that SC is designed to protect

https://openssf.org/blog/2025/01/23/predictions-for-open-source-security-in-2025-ai-state-actors-and-supply-chains/

Just for info, but I’ve written to St Brides to try and get clarity on this.

That is what I’d thought Neil.

But then Narf repeatedly call Ranger a Platform, not a Product, in the last RNS, nor do they reference SC at all, hence my confusion! Put another way, I have never seen SC called Ranger before and if Narf were just launching it as a product, I’d expect them just to say “we’ve launched our SC product”, rather than say “we have launched our Ranger platform.”

Right now, I think we have launched a platform with SC as a foundational component. I agree though, the SC element is years ahead of competitors and gives us a great head start!

Im a little confused by something and wonder if anyone can shed any light..

My understanding was that SC is a stand alone product which was intended to act as the foundation for the ultimate goal, a wider Software Supply Chain Security Platform (SSCS).

Ranger is described as an open source risk detection platform which “goes beyond traditional code scanning. It analyzes the people and behaviors behind open-source projects to detect early warning signs, giving users critical foresight into emerging risks and vulnerabilities.” That sounds like an SSCS to me.

So, whilst I had thought Ranger and SC were one and the same thing, it in fact it sounds very much to me like we haven’t just productised SC, but launched a full SSCS platform.

Does that sound about right?

Put another way, I don’t believe for one second that NARF have gone almost an entire year without making further progress with Ranger in a number of other us departments.

JJ - the IMC presentation was done in March last year.

It had a whole section on SC/ aka Ranger

It talked about P1 being the first “validating” customer, but that we were also talking to 2 others.

True to form, the P1 contracts was RNSd a little while later.

So my view is that P1 are already a user, other depts are looking at it, but their take up should be accelerated by the P1 validation.

Remember, we have an awful lot more fully owned IP for further platform products. Ranger is just the start.

Lots of things point that way, or to a very nice strategic partnership. I’ve had another £10k today, in bits.

I don’t think the mkt is crediting the value here. In the immediate term we have US and other world government agencies to target. Then comes enterprise. But the point is that we have a multi year head start on competitors in this space because of the early DARPA R&D work, and it’s a space with massive cyber risk and massive value to us.