An on-premise appliance that keeps small defense manufacturers continuously compliant — NIST 800-171, SPRS, CMMC Level 2 readiness, and the new Brilliant Basics — with cryptographically signed, independently verifiable evidence. Honest about what it proves. Right-sized for shops that don't need a SOC.
With Phase II audits suspended, the DoW CIO pointed the DIB back at fundamentals — Brilliant Basics. No certification gate, no audit calendar: security you actually practice. But your obligations didn't pause — DFARS 7012, 800-171, and your SPRS score remain binding, and a signed score is a federal representation with False Claims Act exposure to match. Which leaves exactly one question — can you prove what you signed? Here is the IT Top 10 against what AEGIS evidences today, labeled with the same honesty our console uses. We never claim green we can't defend.
MFA posture read continuously from every enrolled host — authenticator types classified conservatively, phishing-resistant vs legacy, per machine.
Devices, accounts, software, and the network services your enclave actually talks to — inventoried from live telemetry and signed. Not a spreadsheet.
Patch posture and software inventory evidenced today; end-of-life flagging is on the near roadmap.
A posture you declare — AEGIS anchors the declaration with the accountable owner's signature and keeps its history.
Your CUI boundary declared and anchored; passive flow logging watches what actually crosses it. Limits lateral movement you can demonstrate.
Vulnerability posture from host telemetry; risk decisions recorded as signed, dated history — defensible diligence, not a binder.
For shops that ship software: policy-attested, signed by the accountable person, re-opened automatically when the policy drifts.
The wire already knows which AI services your network talks to — AEGIS observes DNS and TLS and can show you. Most shops are surprised.
Backup posture via host readers; restore-test attestations anchored with dates and named, signing people.
Training and awareness attestations tied to real, enrolled people with hardware-backed signatures — not a sheet of initials.
AEGIS turns 110 controls and 320 objectives into a guided path a one-person shop can actually run — a real SPRS score from live evidence, the single highest-impact next action, and, for the controls a sensor can't prove, real policies generated from your own environment, signed with a passkey and Merkle-anchored. Here it is, working.
Every engagement starts with Module 01 — visibility is the foundation. Additional modules are added based on your assessment findings and the controls you need to close. Each module maps explicitly to CMMC control families, with sensible network hardening included along the way.
Full network and endpoint visibility. Passive traffic analysis, beacon detection, and endpoint behavioral monitoring — all processed on hardware in your facility. No vendor cloud. No subscription dependency.
Most defenses watch what comes in. We watch what goes out, pin DNS to controlled resolvers, lock down every remote access door, and clean up firewall rules nobody has touched in a decade.
MFA, privileged access hardening, and account auditing close the door most attackers walk through first. Integrated with your existing AD or M365 — no rip and replace.
Tripwires an intruder can't avoid — fake CUI documents, honey credentials, decoy endpoints. The moment anything touches one, you get a real alert. No tuning, no noise: if it fires, something is genuinely wrong.
Detection tuned to the indicators that actually matter for small DIB shops — curated by a human, not a generic vendor feed. An optional layer for clients who want monitoring beyond the compliance baseline.
When something happens — and it will — you need forensic capability, a documented response process, and evidence that survives legal and regulatory scrutiny. Module 06 ensures you're not building the plan during the crisis.
NIST 800-171A mapped at the assessment-objective level — 300+ of 320 objectives across all 110 controls — to live, signed telemetry. Every fact is producer-signed and Merkle-anchored; an independent verifier lets your assessor re-check the evidence themselves. SSP and POA&M render from the evidence, not over it.
ShieldGate aggregates signals across multiple AEGIS deployments — correlating threat patterns across the supply chain, sharing anonymized IOCs between DIB clients, and providing cross-site anomaly detection that no single deployment can see alone.
All tiers require a one-time Phase 1 deployment engagement. Pricing shown is for ≤15 endpoints — scales with environment size. Triangle / Triad area on-site included.
20+ years of enterprise infrastructure. Former sole global escalation engineer for SolarWinds ThreatMonitor. Deep Cisco, DNS, and network behavioral analysis expertise. Not a platform vendor. Not a staffing firm. A consultant who has been inside these networks and knows what breaks.
AEGIS-DIB is built on open-source components — Zeek, Suricata, RITA — deployed via Ansible to hardware you own, in your facility, under your control. No vendor lock-in. No cloud dependency. No telemetry leaving your network. When the SaaS platform goes down, your security keeps running.
A free 30–45 minute call. We walk through your network, your endpoints, your policies, and your CMMC posture. You get a one-page readiness summary — traffic lights across all 14 CMMC domains, top three priorities, and a clear picture of what November 2026 looks like from where you are today. No charge. No obligation. Delivered same day.
Schedule Your Free Interview