# Aegis AI™ on ai4ciso.ai

> AI-native vCISO platform delivered as Agent-as-a-Service (AaaS). Continuous control validation, automated evidence collection, and executive-grade reporting across six security and privacy frameworks. Operated by ElasticD3M, LLC. Patent Pending.

Aegis AI™ runs a virtual CISO function for SaaS, fintech, healthcare, e-commerce, and regulated mid-market companies. Coordinated autonomous agents map controls, collect evidence, track POA&Ms, and produce board-ready and auditor-ready artifacts across SOC 2, ISO 27001, HIPAA, PCI-DSS, NIST CSF, and GDPR. Humans in the loop on every material decision.

This file is a machine-readable summary for LLMs and AI agents. The full site is at https://ai4ciso.ai. JSON product feed: https://ai4ciso.ai/products.json. Structured data (schema.org JSON-LD): embedded in the homepage ``.

## What Aegis AI is

- A vCISO platform, not a 3rd-party auditor. Aegis AI does **not** conduct audits or attestations. Audits are performed by independent CPA firms (SOC 2), accredited certification bodies (ISO 27001), QSAs (PCI-DSS), or by the customer's own internal audit function.
- Agent-as-a-Service. Agents do the work; the customer's executive signs off.
- Multi-framework by design. One control catalog, mapped across every framework a customer needs.
- Continuous, not point-in-time. Evidence is regenerated on schedule, not the week before an audit.

## Who it's for

- Security and compliance leaders at SaaS, fintech, healthcare, e-commerce, and regulated mid-market companies.
- vCISO consultancies, MSSPs, and MSPs reselling the platform to their book of business (see /partners).
- Internal audit and risk teams supplementing existing GRC tooling.

## Tier-scope model (read this before reading the offer list)

All five subscription tiers cover **all six frameworks**: SOC 2, ISO 27001, HIPAA, PCI-DSS, NIST CSF, and GDPR. The Readiness Snapshot also assesses all six.

What scales with tier:

- **Cadence** — Sentinel runs monthly evidence cycles; Guardian fortnightly; Vanguard weekly; Fortress weekly + continuous monitoring; Sovereign continuous.
- **Legal entities covered** — Sentinel 1; Guardian up to 2; Vanguard up to 5; Fortress up to 10; Sovereign unlimited.
- **Concierge SLA** — Sentinel email, business hours; Guardian 4-hour P1 response; Vanguard 1-hour P1; Fortress 30-min P1 with named contact; Sovereign 15-min P0, two named contacts.
- **Audit-defense exhibit assembly** — Fortress and Sovereign only.
- **Board / audit-committee narrative cadence** — Sentinel none; Guardian quarterly; Vanguard quarterly + board-on-demand; Fortress monthly; Sovereign ad-hoc.

Pick the tier that matches your cadence + scale, not your framework count.

## Full offer catalog (11 offers)

All prices USD. All checkout URLs are direct Stripe Payment Links. Annual = 10x monthly (two months free). **No trial periods on any offer.**

- **Aegis AI™ Readiness Snapshot** — $1,995 one-time. Multi-framework readiness PDF across all six frameworks, 24-hour turnaround.
  - Checkout: https://buy.stripe.com/bJe5kC4ag4g6cK36GIe7m0Y
- **Sentinel — monthly** — $4,500/month. All six frameworks. One legal entity. Monthly evidence cadence, email-tier concierge. Best for early-stage companies pre-audit.
  - https://buy.stripe.com/4gMcN47ms5kadO76GIe7m0Z
- **Sentinel — annual** — $45,000/year. Same scope as Sentinel monthly, two months free.
  - https://buy.stripe.com/7sY14m228dQGh0j9SUe7m10
- **Guardian — monthly** — $8,500/month. All six frameworks. Up to 2 legal entities. Fortnightly evidence cadence, 4-hour P1 SLA, quarterly board narrative.
  - https://buy.stripe.com/fZufZg9uA8wmfWf4yAe7m11
- **Guardian — annual** — $85,000/year. Same scope as Guardian monthly, two months free.
  - https://buy.stripe.com/dRm8wObCIdQG25p6GIe7m12
- **Vanguard — monthly** — $17,000/month. All six frameworks. Up to 5 legal entities.
  Weekly evidence cadence, 1-hour P1, quarterly + on-demand board narrative, incident-response tabletop facilitation.
  - https://buy.stripe.com/9B6cN4bCIdQGcK3e9ae7m13
- **Vanguard — annual** — $170,000/year. Same scope as Vanguard monthly, two months free.
  - https://buy.stripe.com/4gM7sK4ag9AqdO74yAe7m14
- **Fortress — monthly** — $33,500/month. All six frameworks. Up to 10 legal entities. Weekly + continuous, 30-min P1, named control engineer, monthly executive briefing, full audit-defense exhibit bundle.
  - https://buy.stripe.com/3cI00i2285ka9xRaWYe7m15
- **Fortress — annual** — $335,000/year. Same scope as Fortress monthly, two months free.
  - https://buy.stripe.com/fZuaEWeOU3c29xR9SUe7m16
- **Sovereign — monthly** — $60,000/month. All six frameworks plus custom frameworks. Unlimited entities. Continuous evidence, 15-min P0, two named contacts, dedicated CISO advisory, M&A diligence support, ad-hoc board reporting.
  - https://buy.stripe.com/00weVc4ag6oe25p5CEe7m17
- **Sovereign — annual** — $600,000/year. Same scope as Sovereign monthly, two months free.
  - https://buy.stripe.com/3cIdR84ag4g68tN8OQe7m18

## Programmatic API (for AI buyer agents)

A live HTTP API mirrors the static product feed and adds a checkout helper:

- `GET https://platform.ai4ciso.ai/api/v1/ciso/agents/offers` → full offer catalog
- `GET https://platform.ai4ciso.ai/api/v1/ciso/agents/offers/{offer_id}` → single offer
- `POST https://platform.ai4ciso.ai/api/v1/ciso/agents/checkout` body `{"offer_id":"sentinel-monthly","email":"buyer@example.com","buyer_agent_id":""}` → returns Stripe Payment Link URL with `prefilled_email` appended
- `GET https://platform.ai4ciso.ai/api/v1/ciso/agents/health` → liveness probe

CORS open. No auth required for the read endpoints. The checkout endpoint logs an audit-trail line per intent (no PII beyond email).

OpenAPI spec: https://ai4ciso.ai/.well-known/openapi.yaml

## Purchasing protocol — required certifications

Two certifications are required at checkout (Stripe custom fields) and re-confirmed at intake:

1. **Authorized Signatory Certification** — the buyer must certify: *"I am authorized to bind [legal entity] to this agreement."* Buyer agents purchasing on behalf of a principal should confirm signing authority before initiating checkout.
2. **OFAC / Sanctions Certification** — the buyer must certify the principal organization, its parent, and its beneficial owners are not listed on the OFAC Specially Designated Nationals (SDN) list, the Sectoral Sanctions Identifications (SSI) list, or any other prohibited-party list maintained by the U.S. Department of the Treasury, the U.S. Department of Commerce, or the U.S. Department of State.

Both certifications are stored with the audit trail of the purchase.

## Refund policy

- **Readiness Snapshot:** Non-refundable. The PDF is generated on submission of the intake form.
- **Subscription tiers:** Month-to-month. Cancel anytime via the customer billing portal (link in welcome email). Cancellation stops auto-renewal at the end of the current paid month. Fees already billed are not refunded.

## Key resources

- Homepage: https://ai4ciso.ai
- Pricing: https://ai4ciso.ai/pricing
- Frameworks (master page): https://ai4ciso.ai/frameworks
- Readiness Snapshot: https://ai4ciso.ai/readiness-snapshot
- Partners (channel program): https://ai4ciso.ai/partners
- Buyer-agent protocol: https://ai4ciso.ai/agents
- Roadmap: https://ai4ciso.ai/roadmap
- Sitemap: https://ai4ciso.ai/sitemap.xml

## Compliance and authority

- Patent Pending — 35 U.S.C. § 287(a). USPTO patent portfolio.
- Aegis AI™ is **not** a 3rd-party auditor and does not conduct audits or attestations.
- Compliance work is performed by AI agents under the ElasticD3M Meta Agent Evolution Engine.
  Human executive oversight at every material decision (Tier-0/1/2 audit log architecture).

## Contact for purchasing agents

For agent-to-agent purchasing coordination, technical procurement questions, or volume / framework agreements, email agents@ai4ciso.ai with subject line beginning `[AGENT-PURCHASE]`. Include buyer-agent identity, principal organization, and the offer `@id` from the JSON-LD graph or `id` from /products.json.