Deep adversarial evaluation for regulated industries. Multi-week dedicated engagement with custom scenarios designed for your environment. Boardroom-ready deliverables for your CISO, board, and regulators.
Multi-week dedicated engagement with assigned adversarial ML specialist
Custom adversarial scenarios designed specifically for your environment, threat model, and regulatory context
Detailed report with executive summary โ boardroom-ready, written for non-technical stakeholders
Live walkthrough with CISO and security team โ interactive session explaining findings, implications, and recommended actions
Mapping to your specific regulatory framework beyond standard NIST/OWASP/EU AI Act (e.g., HIPAA, PCI DSS, sector-specific requirements)
Ongoing advisory available โ retainer options for continuous evaluation
What's not included
Implementation of fixes or mitigations (we diagnose and advise, your team implements)
Penetration testing of non-AI infrastructure (we focus on agent behavior, not network security)
Legal advice or regulatory filing (we produce evidence, not legal opinions)
Certification or compliance attestation (we are an observatory, not a certification body)
How it works
01
Scoping call. We assess the engagement scope: number of agents, deployment contexts, regulatory requirements, threat model, and timeline. 1-2 hours.
02
Proposal and SOW. Written scope of work with timeline, deliverables, and pricing. Typically delivered within 5 business days of scoping call.
03
Engagement execution. Multi-week dedicated work. Includes scenario design, automated runs, manual adversarial testing, and iterative refinement. Regular status updates.
04
Report and walkthrough. Detailed report delivered. Live walkthrough session with your CISO, security team, and relevant stakeholders. Q&A included.
05
Advisory (optional). Ongoing retainer for quarterly re-evaluation, new scenario development as your agents evolve, and regulatory landscape monitoring.
Typical timeline
Scoping to SOW: 1 week
Engagement execution: 3-6 weeks depending on scope
Report delivery: 1 week after execution completes
Total: 5-8 weeks from scoping call to final deliverable
FAQ
What industries is this designed for?
Any regulated industry deploying AI agents: financial services, healthcare, insurance, legal tech, government contractors, defense. If your deployment requires regulatory evidence, this tier is designed for you.
Can you work under NDA?
Yes. Enterprise engagements are conducted under mutual NDA by default.
Do you have experience with [specific framework]?
Our methodology maps natively to NIST AI RMF, OWASP Top 10 Agentic, MITRE ATLAS, and EU AI Act. For other frameworks (HIPAA, PCI DSS, SOC 2, ISO 42001), we adapt the mapping to your specific requirements during the engagement.
Can I start with Guided and upgrade to Enterprise?
Yes. Guided Assessment fees are credited toward Enterprise if you upgrade within 60 days.