Platform reference

How CyberSecurityOS deploys, integrates, and prices.

The reference document for procurement, platform engineering, CISOs, and GRC. Five sections: surfaces, integration patterns, deployment topologies, pricing model, compliance alignment, SLA tiers. Everything a 2026 MSA needs in one place.

2 · Integration patterns

Five ways to consume CyberSecurityOS.

REST API

operational · synchronous

Hit the ledger / verify / range endpoints from any service. Each response includes a signed JWP ReceiptPayload.

POST /api/v1/joule-sec/ledger
POST /api/v1/joule-sec/verify
POST /api/v1/joule-sec/range/coverage
GET  /api/v1/joule-sec/health

NDJSON streams

telemetry · streaming

One JouleTrace per line on stdin, one DriftReport per line on stdout. Pipe into your SIEM with one tail.

joule-sec-tap --backend hardware --pid $PID \
  | joule-sec watch ./target-bin \
  | tee -a /var/log/sec/joule.ndjson \
  | your-siem-ingester

Rust SDK

library · embedded

joule-sec as a crate. Build ledgers, compute drift, generate attestations inline in your own service. No extra process.

[dependencies]
joule-sec = { version = "0.1", features = ["jwp"] }
joule-sec-range = "0.1"

Fleet agent

endpoint · daemon

Deploy the reference agent to every server or endpoint in your fleet. Monitors running processes against a signed known-good corpus; emits verdicts to your SIEM. Cross-platform native binaries, OS-standard log paths, menu-bar indicator included.

Signed bundles

supply-chain · Ed25519 / ML-DSA

Ship a signed fingerprint bundle with every release. Consumers verify the bundle against your pinned public key before trusting it. Constant verification cost: one BLAKE3 hash plus one Ed25519 verify, regardless of corpus size.

3 · Deployment topologies

Four shapes. Pick the one your compliance team can sign off on.

| topology | runs on | data residency | best for | billable unit |
|---|---|---|---|---|
| Managed | joulesperbit.ai substrate | US / EU / APAC region selectable | Fastest time-to-value; mid-market SaaS | Per scenario-hour · per verify |
| On-prem VPC | Your AWS / GCP / Azure | Stays inside your cloud account | Regulated fintech · healthcare | Per fleet-size bracket |
| Hybrid | Managed control + VPC data | Telemetry stays on-prem; signed verdicts to managed | Large enterprises with data-residency rules | Annual platform contract |
| Air-gapped | Customer bare-metal / sovereign cloud | Never touches public internet | Defense · intelligence · critical infra | Annual license + support |

4 · Pricing model

Priced by measurable unit, not by alert volume.

The industry standard is vendor-defined "events per second" — pricing that punishes you for generating more telemetry. CyberSecurityOS prices by units you can count and audit: seats, verifications, fleet size, scenario-hours. Contact for current schedules.

PER SEAT

Operator CLI

One seat per authorized red-team operator. Seats are named and audit-logged. Volume pricing above 5 seats.

PER VERIFY

REST API · Managed

One unit per /verify or /ledger call. Bulk tiers for CI/CD integration at pipeline scale.

PER FLEET

Fleet agent · On-prem

Annual subscription banded by endpoint count. Includes signed bundle publication for your release line.

PER SCENARIO-HOUR

Cyber Range

One unit per scenario run against your target. Continuous BAS pricing available for 24/7 coverage.

MANAGED TIER

Platform subscription

Annual contract covering all three surfaces, with a named customer success engineer and quarterly posture reviews.

SOVEREIGN

Air-gapped licence

Annual licence with physical-media update schedule. Includes source-code escrow and cleared-engineer support.

5 · Compliance alignment

Signed coverage reports map into your frameworks.

Every coverage report is signed with Ed25519 and shipped as a JWP ReceiptPayload. Drops into your evidence locker as a tamper-evident artifact, indexed by ATT&CK technique. Maps to the control families auditors ask about.

SOC 2 Type II: CC 6.1 · CC 6.6 · CC 7.2 · CC 7.3
ISO 27001:2022: A.5.23 · A.8.7 · A.8.16 · A.8.28
NIST CSF 2.0: ID.RA · PR.DS · DE.CM · RS.AN
PCI DSS 4.0: 6.3 · 10.2 · 11.3 · 11.6
HIPAA Security: §164.308(a)(1)(ii) · §164.312(b)
FedRAMP Rev. 5: AU · CM-7 · SI-3 · SI-4 · SI-7
CMMC Level 3: IR · SI · CA · RA
EU DORA: Art. 24 TLPT · Art. 25 ICT risk

We do not certify customer deployments. Alignment means the evidence format fits the framework's documentation expectations; final attestation is your auditor's.

6 · Security model

Tamper-evident by construction.

Signed artifacts

Ledgers, corpora, coverage reports — all BLAKE3-hashed and Ed25519-signed (ML-DSA FIPS 204 on request). Verification is constant-cost. Tampering voids the signature.
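
The hash-then-sign check described here and under "Signed bundles", sketched as an added example (not CyberSecurityOS code). The SignedBundle layout and the test keys are assumptions, and SHA-256 stands in for BLAKE3 because Go's standard library has no BLAKE3.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// SignedBundle is a hypothetical detached-signature layout, not the product's wire format.
type SignedBundle struct {
	Payload   []byte // fingerprint corpus, any size
	Signature []byte // Ed25519 signature over the 32-byte payload digest
}

var ErrBadSignature = errors.New("bundle does not verify against pinned key")

// digest is the swapped-in hash: SHA-256 here, BLAKE3 on the page.
func digest(payload []byte) []byte {
	sum := sha256.Sum256(payload)
	return sum[:]
}

// Sign is the publisher side: hash the payload once, sign the fixed-size digest.
func Sign(priv ed25519.PrivateKey, payload []byte) SignedBundle {
	return SignedBundle{Payload: payload, Signature: ed25519.Sign(priv, digest(payload))}
}

// Verify is the consumer side: one hash plus one Ed25519 verify against the pinned key.
func Verify(pinned ed25519.PublicKey, b SignedBundle) error {
	// Length check first: ed25519.Verify panics on a wrong-sized public key.
	if len(pinned) != ed25519.PublicKeySize || !ed25519.Verify(pinned, digest(b.Payload), b.Signature) {
		return ErrBadSignature
	}
	return nil
}

// demo verifies an intact bundle, a tampered payload, and a bundle from an unpinned signer.
func demo() (ok, tampered, wrongKey error) {
	publisher := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{0x01}, ed25519.SeedSize)) // constructed key
	other := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{0x02}, ed25519.SeedSize))     // constructed key
	pinned := publisher.Public().(ed25519.PublicKey)
	b := Sign(publisher, []byte("constructed fingerprint corpus\n"))
	bad := SignedBundle{Payload: append([]byte("x"), b.Payload...), Signature: b.Signature}
	forged := Sign(other, b.Payload)
	return Verify(pinned, b), Verify(pinned, bad), Verify(pinned, forged)
}

func main() { fmt.Println(demo()) }
```

The pinned key must reach the consumer out of band (compiled in or provisioned), never read from the bundle it is meant to authenticate.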

Authorization gates

Dual-use primitives (leak-scan, range, attack emulation) require a named MSA-scoped authorization token. Every invocation is audit-logged.

Sandbox isolation

Range scenarios execute in isolated VMs / containers tied to your authorized target fleet. Sandbox escape requires signed artifact export under your MSA.

Data minimization

Joule traces contain no payload bytes. Ledgers contain instruction classes and picojoule estimates, not source code. Telemetry you send us is strictly statistical.

7 · SLA tiers

Three tiers of support.

| tier | availability | response | support channel |
|---|---|---|---|
| Core | 99.5% monthly | 8 business-hour response | Email · shared Slack |
| Business | 99.9% monthly | 2h P1 · 8h P2 | Dedicated Slack · named CS engineer |
| Critical | 99.99% monthly | 15-min P1 · 1h P2, 24/7 | Pager · named incident commander |

Ready to scope?

Send us your fleet size, compliance frameworks, and deployment preferences. We'll come back with a scoping document and a pricing schedule — in that order.
