Ethical AI Security Intelligence

Protect what matters.
Before they do.

AISymmetric Aegis delivers AI-augmented white-hat security assessments across every platform your business runs on. Passive. Authorized. Altruistic.

28+ Audit Categories
6 Audit Phases
100% Non-Destructive
Salesforce Security · AWS / Azure / GCP · LLM Penetration Testing · Agentforce Audits · API Gateway Security · SOC 2 Readiness · ISO 27001 Gap Analysis · Red Team Engagements · Boomi / MuleSoft Audits · OWASP Top 10

Security intelligence across
every surface

From passive reconnaissance to compliance readiness, Aegis covers the full attack surface with AI-augmented analysis that compresses 50-70 hour assessments into focused, deliverable-grade engagements.

01
Passive Reconnaissance
DNS enumeration, certificate transparency, OSINT, GitHub exposure, WHOIS analysis — zero footprint on your target until you're ready.
DNS · OSINT · crt.sh · ASN Mapping
02
Platform Security Audits
Salesforce, Dynamics, HubSpot, AWS, Azure, GCP — deep-dive access control, configuration, and exposure reviews tuned to each platform's threat model.
Salesforce · AWS · Azure · Dynamics
03
AI & LLM Security
Prompt injection, jailbreak vectors, RAG data leakage, Agentforce scope audits — the emerging attack surface most firms aren't testing yet.
Prompt Injection · RAG Security · Agentforce
04
Web & API Penetration
OWASP Top 10, API gateway testing, BOLA/BFLA detection, authentication bypass — scoped engagements with clear deliverables.
OWASP · REST/GraphQL · Auth Testing
05
Compliance & GRC
SOC 2, ISO 27001, HIPAA Security Rule — gap analysis, evidence collection prep, and remediation roadmaps you can act on immediately.
SOC 2 · ISO 27001 · HIPAA
06
vCISO Retainer
Ongoing security leadership embedded in your team — policy governance, vendor review, incident response planning, and board-level risk reporting.
Ongoing · $3-6K/mo · Executive Reporting

One command.
Repeatable intelligence.

The Aegis Claude Code agent runs against any authorized target, picks up exactly where it left off across runs, and produces a professional findings report you can hand to a client — all without touching a single endpoint destructively.

P01
Passive Reconnaissance
DNS, crt.sh, WHOIS, ASN, GitHub OSINT, dork generation
Passive
P02
Infrastructure Fingerprinting
Security headers, SSL/TLS, cookies, CORS, info disclosure
Passive
P03
DNS & Email Security
SPF, DKIM, DMARC, BIMI, zone transfer detection
Passive
P04
Surface Mapping
Shallow crawl, admin panel discovery, API endpoint extraction
Light
P05
Vulnerability Mapping
OWASP Top 10, CVSS scoring, CVE correlation, remediation
Analysis
P06
Report Generation
Executive summary, risk scorecard, priority matrix, evidence
Output
aegis — claude code — zsh
# invoke the aegis agent
$ claude "Continue the security audit"

╔══════════════════════════════════════╗
 AISymmetric Aegis — Run #3          
 Target: acme.com                     
 Prior findings: 7  New this run: 3  
╚══════════════════════════════════════╝

[P01] Passive Recon ............... ✓
[P02] Header Analysis ............. ✓ 3 issues
[P03] DNS & Email Security ........ ✓ DMARC: none
[P04] Surface Mapping ............. ✓ 2 admin panels
[P05] Vulnerability Mapping ....... ✓
[P06] Report Updated .............. ✓

────────────────────────────────────
[HIGH]   Missing HSTS header
[MED]    DMARC policy set to 'none'
[MED]    CSP header absent
────────────────────────────────────
Report: findings/report_draft.md
$ 

The best security researchers make the internet safer for everyone — one authorized assessment at a time.

AISymmetric Aegis · Ethical Security Charter

Every platform.
Every surface.

CRM
Salesforce Org Audit
Profiles, permission sets, sharing rules, Apex injection, guest user exposure
CRM
Salesforce OAuth Review
Connected apps, OAuth scopes, named credentials, external services
CRM
HubSpot Security
API key hygiene, workflow data leakage, portal access controls
CRM
Dynamics 365 Audit
Role-based access, Power Automate flows, Dataverse security model
Cloud
AWS Security Review
IAM policies, S3 exposure, Security Hub findings, VPC configuration
Cloud
Azure Identity Audit
Entra ID, RBAC, Key Vault, NSG rules, Defender for Cloud
Cloud
GCP Assessment
IAM bindings, Cloud Storage ACLs, VPC firewall rules, audit logging
Cloud
Multi-Cloud Review
Cross-platform gap analysis against CIS Benchmarks or NIST CSF
AI / LLM
Agentforce Audit
Prompt injection, data scope, tool permission overreach, output filtering
AI / LLM
LLM App Pentest
Jailbreaks, indirect RAG injection, data exfiltration vectors
AI / LLM
AI Supply Chain
Third-party model risk, fine-tune data provenance, API key hygiene
AI / LLM
RAG / Vector DB Security
Embedding poisoning, unauthorized retrieval, chunk store access controls
GRC
SOC 2 Readiness
Gap analysis against Trust Services Criteria, evidence collection prep
GRC
ISO 27001 Gap Analysis
Control mapping, risk register, remediation roadmap
GRC
HIPAA Security Review
ePHI access controls, audit logging, BA agreements, breach risk analysis
Marketing
Marketing Cloud Audit
API key hygiene, Journey Builder data scope, SFTP credential review

Transparent. Scoped. Delivered.

Every engagement is fixed-fee and scoped upfront — no surprise overages. Choose a tier or build a custom package from our platform catalog.

One-Time
Retainer Save 20% on retainer
Starter
From
$2K
$2,000 - $8,000 per engagement
Surface the quick wins.
  • Email infra audit (SPF/DKIM/DMARC)
  • OAuth & connected app review
  • Static code analysis (SAST)
  • Security header assessment
  • Passive recon & DNS review
  • Executive findings report
  • Remediation guidance
Premium
From
$20K
$20,000 - $60,000 per engagement
Adversary simulation. Board-ready.
  • Full red team engagement
  • Multi-cloud posture review
  • LLM / AI platform pentest
  • RAG & vector DB security audit
  • Social engineering simulation
  • Detection gap report
  • Executive & board presentation
  • 30-day remediation support
vCISO Retainer
From
$3K/mo
$3,000 - $6,000 per month
Embedded security leadership.
  • Ongoing security governance
  • Policy & vendor review
  • Incident response planning
  • Quarterly risk reporting
  • Board-level risk briefings
  • Compliance roadmap stewardship
  • Annual penetration test included
  • Dedicated Slack channel
Security Foundations Bundle
The perfect entry point
Email infrastructure audit + OAuth/connected app review + static code analysis. Three high-signal, low-friction engagements packaged as one. Ideal for organizations that want a foot in the door before a full platform assessment.
Email Infra Audit · OAuth Review · SAST Code Scan
$17,000 separately
$9K
Save ~47%

Ready to find what's
exposed?

Every assessment starts with scope, authorization, and a clear deliverable. No guesswork. No noise. Just findings you can act on.