When the inspector boards,you hand him exactly what he needs.

DeckTrust is the maritime cybersecurity compliance platform built for 33 CFR 101 Subpart F. One system for training, documentation, assessments, and inspection readiness — from single-vessel operators to enterprise fleets.

decktrust.dev
DeckTrust fleet analytics dashboard showing compliance trajectory, training completions, and inspection readiness across an entire fleet

Built for the vessels that keep America's energy infrastructure running

OSVsPSVsATBsTankersDrillshipsFerriesMODULiftboatsFSOsBarges

33 CFR Part 101 Subpart F

Is your vessel in compliance?

Enter your vessel details to see exactly which requirements apply and when they take effect.

Phase 1 active

July 2025

Phase 2 in effect

January 2026

Phase 3 approaching

July 2027

Vessel identification

Vessel identifier

Vessel type & operating area

Contact (to receive your report)

Your information is used solely to generate this compliance report. We don't spam.

Any fleet. Any scale.

Five vessels or five hundred.
One compliance program.

DeckTrust handles any fleet configuration — OSVs in the Gulf, tankers on international routes, drillships, ATBs, ferries, or mixed fleets across multiple operators. Every entity gets its own compliance tracking, every person gets the right training track, and every document is scoped to the vessel it belongs to. Add an entity, assign personnel, and compliance tracking starts automatically.

decktrust.dev
DeckTrust compliance dashboard showing fleet-wide status with per-vessel training progress, key personnel tracking, and phase completion indicators

23 deliverables. 5 outcomes.

Everything the inspector is looking for

The USCG inspection checklist maps to specific documents, records, and evidence. DeckTrust produces all of them.

Your people are trained and documented

Self-paced cybersecurity training mapped to every 101.650(d) requirement. Dual-clock deadline enforcement, key personnel tracking, completion certificates, and duration records that satisfy inspector scrutiny.

Your systems are inventoried and assessed

IT and OT asset inventory across every vessel. Cybersecurity assessments with field-ready mobile forms, photo evidence, and structured findings. CISA KEV cross-referencing for known vulnerabilities.

Your plans are written and approved

Cybersecurity Plan builder covering all 14 required sections under 101.630(c). Vessel Security Assessments, Vessel Security Plans, CySO designation documentation, and full approval workflows.

Your incident response is ready

Structured reporting for all five categories of reportable cyber incidents. Cyber Incident Response Plans with notification chains, drill scheduling, deficiency tracking, and NRC submission records.

Signature Feature

One-click inspection readiness package

Every deliverable above rolls up into a single, downloadable inspection package — organized and indexed to match every question on the USCG inspector's checklist. When the boarding team requests documentation, you don't scramble. You hand them a complete package and get back to work.

Inspection Package

23 documents, organized by checklist section

Training Records & Certificates
Personnel & Key Personnel Docs
Cybersecurity Plan & Assessments
Incident Reports & CIRP
Asset Inventory & Vendor Risk
decktrust.dev
DeckTrust training module showing maritime cybersecurity threat content with structured learning objectives and threat category tables

Training Delivery

Cybersecurity training tailoredfor maritime operations

Not repackaged IT policies with a ship on the cover. Every module is built around real vessel scenarios — OT systems on the bridge, port facility networks, threats specific to maritime operations. Written by someone with 12 years on the water and the cybersecurity credentials to back it up. Your crew completes training on any device and every completion generates records that meet 101.640 retention requirements.

  • All 101.650(d)(1) and (d)(2) training tracks
  • Dual-clock deadline enforcement
  • Server-graded quizzes with active time tracking
  • PDF certificates and training summaries on demand

Why this exists

Built by someone who has done this job

DeckTrust founder

DeckTrust was built by a mariner with 12 years of hands-on vessel experience — from 100-ton workboats to 7th generation drillships. He has worked directly with BP, Shell, Chevron, and Exxon on the water, and has personally stood on the bridge during USCG inspections.

When the MTSA Cybersecurity Rule was published, he saw the gap immediately. The regulation is detailed and specific, but the operators who need to comply don't have cybersecurity teams. The tools that exist were built by software companies who have never set foot on a vessel. The inspectors who enforce it are looking for specific documents in specific formats — and getting it wrong means deficiencies, delays, and operational risk.

So he built the platform himself. CISSP and CCSP certified, with the operational background to know exactly what the inspector is looking for and the technical depth to build the system that produces it. Every deliverable template, every training module, every compliance workflow in DeckTrust was designed by someone who knows what it's like to prepare for inspection day — because he's been there.

CISSPCCSP12 Years Vessel Experience

The regulation is live

33 CFR Part 101 Subpart F applies to every MTSA-regulated vessel and facility. Three compliance phases are rolling out now.

Phase 1Active

July 2025

Cyber incident reporting to the National Response Center

Phase 2In Effect

January 2026

Cybersecurity training for all personnel with IT/OT system access

Phase 3Approaching

July 2027

CySO designation, Cybersecurity Assessment, Cybersecurity Plan

Compliance is an operational decision.Make it once.

One platform, every deliverable, every vessel. DeckTrust gets your fleet inspection-ready and keeps it there.