Live today
Multi-framework control catalog + 5 connectors live
One control catalog mapped across SOC 2, ISO 27001, HIPAA, PCI-DSS, NIST CSF, and GDPR. Five connectors live in production today, pulling daily evidence snapshots into the catalog.
- AWS — AWS Config + CloudTrail. Read-only IAM role via CloudFormation StackSet. Covers infrastructure, access control, logging, and configuration management controls.
- Microsoft Azure — Azure Policy + Defender for Cloud. Read-only Reader role on an Entra app registration. Same coverage as the AWS connector on the Azure side.
- Microsoft 365 — M365 tenant connector. Identity, mailbox, OneDrive, SharePoint, and Teams configuration evidence.
- Okta — MFA enrollment, conditional access policies, application assignments, lifecycle events.
- CrowdStrike Falcon — endpoint state, threat detections, and host inventory.
- Aegis AI™ Readiness Snapshot — multi-framework PDF deliverable. $1,995 one-time, 24-hour turnaround.
8-week build plan
Weeks 1–2: GitHub + GitLab connectors
SDLC and change-management evidence: branch protection, code review enforcement, signed-commit posture, secret-scanning state, and deploy-key inventory. Read-only OAuth app or PAT scope.
Weeks 3–4: Snyk + Tenable connectors
Vulnerability management evidence: open-vuln inventory, SLA breach tracking, exception register, and remediation throughput. Maps to vulnerability-management controls across all six frameworks.
Weeks 5–6: Jamf + Kandji connectors
Endpoint management for macOS-heavy stacks. Compliance-posture pull, OS-version inventory, and configuration-profile state.
Weeks 7–8: Datadog + Splunk + Sumo Logic connectors
Log and observability ingestion. Confirms log-retention, log-completeness, and detection-rule coverage against framework requirements (audit logging, monitoring, incident-detection control families).
Quarterly milestones
Q3 2026: Wiz + auditor portal v1
Wiz connector for CSPM-rich evidence. Auditor portal v1 — read-only auditor access to a customer's evidence package with download manifest and chain-of-custody log.
Q4 2026: Continuous evidence streaming + automated remediation playbooks
Move from daily snapshots to event-stream ingestion. First wave of automated remediation playbooks for non-judgment control gaps (e.g., MFA enforcement, default-deny policy hardening, log-retention enforcement).
Q1 2027: Custom-framework support + M&A diligence module
Customer-defined framework support (regulator-specific or contractually-required custom catalogs). M&A diligence module for Sovereign-tier customers: rapid control-posture diff between acquirer and target.
Q2 2027: Additional integrations
Roadmap candidates driven by customer demand: additional log platforms, additional EDR vendors, additional cloud security posture-management tools, and additional identity providers. Customer input shapes priority order.
How we ship
Directional dates. Dates on this page are targets, not guarantees. If a target slips, the new target is posted on this page within one business day.
Existing customers get every connector update at no additional cost on their current tier. We don't gate connector access behind a higher tier.
Customer demand shapes priority order. Email [email protected] with your environment stack and the framework that drives your audit calendar.
Buy what's live today. Get what ships next at no additional cost.
See pricing → Frameworks Aegis AI covers →