Modernize the
mainframe. Lose nothing.
Ironparse translates the COBOL systems banks and insurers still run on into modern, maintainable APIs — with verified, field-for-field fidelity, entirely inside your network. Deterministic. Two-model-verified. Zero data egress.
Doing nothing is the danger. A bad migration ends careers.
Sold to the CIO and Head of Modernization at an insurer or bank. Everything Ironparse does dissolves one of two fears.
The COBOL workforce is retiring. The systems are brittle, undocumented, and load-bearing. Standing still is its own slow-motion failure.
Translates it — and documents the originals as it goes.
A bad migration silently corrupts policy data, breaks compliance, and ends careers. Most teams are afraid to touch it at all.
100% verified parity. Zero hallucinations. The diff is the proof.
Four guarantees a CIO can verify without trusting us.
Every translation passes five deterministic quality gates before a single line of code emits. The audit happens inside the pipeline — not after, on your team's time.
Verified field parity
100% field-for-field parity, enforced by deterministic gates and two-model consensus. Zero hallucinations — the diff is yours to read, before any code ships.
Zero egress, on-prem
Runs entirely inside your VPC on your hardware, with a local model. No third-party LLM, no telemetry, no prompt logs. Your code never leaves your network.
Reproducible & auditable
Same input, same output, every run. Every transformation emits a signed receipt — built for the regulator's question, not just the engineer's.
Insurance-native
Built around ACORD standards and policy-admin copybooks — REDEFINES overlays, OCCURS DEPENDING ON, the real edge cases that break general-purpose tools.
Don't trust us. Read the diff.
The single most important artifact in the room. Point Ironparse at a copybook and it returns a signed parity receipt: every field mapped, every gate scored, the input and output hashed. Reproducible byte-for-byte.
The live receipt below runs on the hardest known ACORD AL3 record — nested REDEFINES, nested OCCURS DEPENDING ON — and computes every number in front of you.
Open the live receipt →Five deterministic gates. The model never gets the last word.
Tree-sitter extracts the copybook to an AST with no LLM involved. A local model drafts the schema from that AST — and then five gates, plus a two-model consensus fallback, decide whether a single line is allowed to ship.
Deterministic AST extraction — fields, levels, PIC, REDEFINES, OCCURS. No LLM involved.
The drafted schema must be valid Zod — no prose, no fences, no hallucinated imports.
len(COBOL fields) === len(schema leaves). Off by one and the build fails.
Every REDEFINES → a union; every OCCURS → a dynamic array. No silent flattening.
A mock document round-trips through the schema. Internal consistency, proven.
Only if 03/04 fail: two independent models must agree (≥0.95) before any output emits.
Proven on ACORD AL3 / IBM z/OS COBOL copybooks. AS/400 (RPG/DDS), VMS, and GCOS sources on the roadmap. The open architecture spec is public — read it on GitHub before you trust a word of it.
Find a field we get wrong.
That's the entire point. The parity receipt is reproducible byte-for-byte on your hardware — re-run it and the hashes match. If the engine ever maps a field incorrectly, that's not a support ticket, it's the thing we most want to see. Bring the copybook that breaks it.
FAQ
Does our code or data ever leave our network?
No. The engine runs entirely inside your VPC on your hardware, with a local model. Zero bytes of source, schema, or policy data egress — no third-party LLM, no telemetry, no prompt logs.
How is “100% parity” actually verified, not just claimed?
By counting. Tree-sitter extracts every elementary field to an AST deterministically; the emitted schema must contain exactly the same number of leaves, every REDEFINES as a union and every OCCURS as an array. The check is arithmetic, not a confidence score — and the full diff ships with every translation.
What if the model gets it wrong?
It can't ship a wrong answer. A failed gate escalates to the Burned Book of historical failures and a two-model consensus retry; if a parity-clean result still can't be produced, the record is flagged for human review. It is never emitted silently.
Is it reproducible for an audit?
Yes. Same input, same output, every run — no randomness, no temperature. The receipt carries SHA-256 hashes of both the input copybook and the output schema. Re-run it yourself and confirm the hashes match.
What does a pilot include?
A scoped engagement from $250k against one policy-admin system or copybook set, deployed inside your perimeter, delivered with a full per-copybook parity report your security team and your regulator can both read.
Solo-built, on-prem, zero-egress — that's the trust advantage.
Ironparse is not a VC-bloated SaaS phoning your data home to train a model. The entire contract is your code and data never leave your network. For a security-conscious buyer, a focused engine that runs air-gapped on your hardware is more trustworthy than a cloud vendor with a hundred sub-processors. Military threat-rigor, zero data egress, no cloud — the discipline is the product.
Pilots from $250k, deployed inside your perimeter.
Scoped to one policy-admin system or copybook set, delivered with a full parity report. We never see your data — the engine runs on your hardware, start to finish. The pilot ends with a receipt your security team and your regulator can both read.
Request a pilot →