AIR builds your readiness assessment, response plan, eight scenario playbooks, regulatory notification matrix, and tabletop exercise kit from a three-minute intake. One PDF, delivered to your inbox in hours.
$1,495. One time. Price stated before you click anything.
Take the free 90-second readiness checkFree, no signup, nothing leaves your browser. Or get the full plan now, $1,495.
"Please send a copy of your incident response plan." Your cyber insurer at renewal · an enterprise customer's security questionnaire · an auditor's document request
Different senders, same email. And the honest answer in a lot of businesses is a template someone downloaded two jobs ago, with nobody's name in it. AIR exists so you can reply the same day, with a plan that is recognizably about your company.
Free and fast. It names nobody, matches nothing you actually run, and the people asking for it have read a hundred of them. It answers the email without answering the question.
A good consultant builds a strong plan over a number of weeks, at consulting prices. The right call for complex enterprises. Slower and heavier than most businesses need for a working plan this month.
Entirely doable. NIST publishes the guidance free of charge. Budget several working days, and someone on staff who enjoys reading framework documents and statute text.
AIR is the fourth option: the specificity of consultant work, at a fixed price, on a same-day clock.
One PDF, six components, built from your seventeen intake answers.
Every element of a 43-element catalog (NIST CSF 2.0 subcategories, organized to the NIST SP 800-61r3 incident response lifecycle) is accounted for: identified gap, or not asserted ready. No invented scores, no percentages.
Roles with write-in name slots, a SEV-1 to SEV-4 severity matrix, bright-line activation criteria, a communication order, and evidence rules your team can actually follow at 2 AM.
Ransomware, business email compromise, data breach, insider misuse, lost device, vendor breach, AI-enabled fraud, machine-speed intrusion. Run AI in the business? A ninth playbook covers incidents in your own AI systems. Steps match your reality: Microsoft 365 or Google Workspace, EDR or none, and the backup posture you actually reported.
Only the obligations your answers establish: HIPAA, SEC Form 8-K, FTC Safeguards Rule, NYDFS Part 500, state breach statutes, card brands, your insurance carrier. Each row carries its deadline and its citation.
A 60-minute facilitated scenario with timed injects, facilitator notes, and after-action questions. Your first exercise is on the calendar before the binder gets dusty.
Your gaps, ordered by risk and sequenced into three horizons, so the cheapest highest-leverage fixes land first.
The email reads perfectly. The voice on the phone sounds exactly like your CEO. The playbook answers with procedure, not intuition: out-of-band verification against numbers on file, a freeze on the payment change, and a same-day path to your bank and carrier.
Automated attack tooling touches many accounts in minutes. The playbook trades investigation depth for containment speed: velocity is the signal, identity is contained first, and the machine credentials attackers target get rotated early.
Run copilots or AI agents? Tell the intake, and your plan adds a playbook for incidents inside them: prompt injection, agent compromise, poisoned content sources, with the kill-switch and inventory discipline to contain them. If you do not run AI, your plan is not padded with it.
Every step is curated, deterministic, and matched to what you actually run, the same honesty as the rest of the deliverable. Machine-speed response with a human holding authority is the posture; the plan is where it starts.
Fixed price, stated up front. Your intake link arrives by email immediately after checkout.
How your business runs: who handles IT, what your email lives on, where backups stand, which rules touch your data. Plain questions, no document uploads, no connectors.
Print it. Write two names in the roles table. Put the tabletop on the calendar. Reply to the email that asked for your plan.
Your notification deadlines come from the cited rule text, selected in code from your answers. The AI cannot invent a regulator, a deadline, or a statute. Gaps stated by your own answers are computed directly and labeled "stated in your intake."
Summaries, context, and directional findings are drafted by the engine against a closed catalog. Anything it cites outside that catalog is dropped before it can reach your document. We built the guardrail because we know exactly how these models fail.
Every element is either an identified gap or "not asserted ready." Nothing is assumed in place because you paid us. The methodology page of your PDF says which findings came from your answers and which are directional, in plain language.
You are not buying seats, logins, or a dashboard to ignore. An agent does the work, a human-gated pipeline reviews the delivery, and you get the artifact. That is the AaaS difference.
The matrix cites the rules and summarizes the deadlines so your counsel starts from organized facts instead of a blank page. During a real incident, counsel confirms applicability. The deliverable says this on its face.
AIR is the plan, the playbooks, and the readiness picture. It does not watch your network or respond on your behalf. If you want continuous coverage afterward, that is what our subscription tiers are for.
No document makes you "compliant," and we will not pretend otherwise. AIR makes you prepared, on paper that holds up to the people who asked.
One-time purchase · no subscription required · delivered by email
Checkout runs through Stripe. Your intake link arrives immediately. The deliverable follows within hours of your intake, and in any case within 2 business days.
Want a read before you decide? Take the free 90-second readiness check first.
The pipeline generates and reviews your deliverable after you submit intake; most arrive the same day, often much faster. Our service commitment is within 2 business days at the outside. If we miss it, the Refund Policy applies: you get your money back.
Yes. The email-compromise playbook falls back to provider-agnostic steps that still name the moves: save sign-in history, revoke sessions, reset credentials, hunt persistence. The other five playbooks do not depend on your email platform.
They are used to build your deliverable, processed on US-based infrastructure, with the subprocessors listed on our Subprocessors page. No cloud connections, no agents installed, no telemetry collected. The intake is seventeen questions about how your business runs.
The major US overlays: the HIPAA Breach Notification Rule, SEC Form 8-K Item 1.05, the FTC Safeguards Rule notification requirement, NYDFS Part 500, state breach statutes, card-brand and acquirer obligations, and your cyber insurance carrier. Rows appear only when your answers establish they apply. If few apply to you, your matrix is short and says so honestly.
AIR is an agent built and operated by ElasticD3M, LLC, and we say so plainly. The parts that must be exact (deadlines, citations, catalog elements, playbook steps) are deterministic, curated content selected in code. The drafted parts are grounded against a closed catalog and a delivery gate reviews every PDF before it ships. The methodology page in your deliverable explains exactly which is which.
Yes. Two of the eight core playbooks are built for them: AI-enabled fraud (deepfake voice and machine-written requests) and machine-speed intrusion (automated attack tooling). The steps are deterministic and matched to your stack, like every other playbook in the deliverable.
If your intake says you run generative AI or agents, your deliverable adds a ninth playbook for exactly those incidents: prompt injection, agent compromise, poisoned content sources, and model abuse, plus the register and kill-switch discipline to contain them. If you do not run AI, we do not pad your plan with it.
Your $1,495 credits in full toward the first month of any Aegis AI subscription tier within 30 days. The plan stands on its own either way; the subscription is for businesses that want the readiness picture maintained continuously, with evidence behind it.