Skip to content
IronSOC/How we engage

How we engage

Outcome-priced, not seat-priced. Measured, not promised.

Engagement starts small on purpose: a fixed-scope AI red-team sprint that ships detections instead of a PDF, and converts — only if the work earns it — into continuous defense on your telemetry. No free pilots, no seat pricing, no nine-month procurement. Outcomes are committed before contracting.

Ideal customer profile

One wedge segment. Two expansion segments.

We are direct about who this is for — and about where we start. Today, engagements begin with the AI-heavy segment, because that is where the risk is newest and the buyer can move fastest. If your stack and posture do not match, we will tell you in the first meeting and refer you to a partner that fits.

AI-heavy SaaS and platforms — where we start

Companies shipping LLM agents to production. Real prompt-injection threat model, real OAuth-grant blast radius, and a buyer — a VP of Engineering or Security — who can sign in weeks, not quarters. Buying signal: 'we do not have a way to detect agent abuse today.' Every engagement starts here.

Cloud-native mid-market

200–2,000 employees, AWS / GCP / Azure first, EDR + SIEM in place, 1–10 named security engineers. Buying signal: dwell time and FP rate are tracked, not hidden. The operating model expands here as delivery capacity grows.

Regulated mid-enterprise

Financial services, healthcare, life sciences, regulated SaaS. Audit cycles drive procurement. Buying signal: SOC 2 Type II is contractual, FedRAMP or HITRUST is on the roadmap. We engage when the compliance posture on /trust matches the requirement — not before.

The engagement path

Start small. Convert on results.

The path is a sequence, not a menu: a sprint that pays for itself in shipped detections, then a subscription only if the sprint earned it. Each step is priced to an outcome we commit to before contracting — fixed for the sprint, monthly for continuous defense.

Step 1 · Start

AI red-team sprint.

A fixed-scope, fixed-price engagement — two to four weeks against your production agent surface: prompt injection, tool-call abuse, RAG poisoning, goal-hijack. No platform install, no procurement marathon. Every finding ships as a runtime detection plus a permanent eval case — you keep both either way.

  • Fixed price agreed before signature — no time-and-materials drift
  • Findings land as detections and eval cases, not a PDF
  • Mapped to MITRE ATLAS and the OWASP LLM Top 10
Step 2 · Continue

Continuous AI defense.

The detections from your sprint keep running — monthly, on your telemetry. Baselines learn your actors, the noisy majority auto-closes at a zero-miss operating point, and 10% of everything AI closes is audited by human eyes. This is where the flywheel starts spinning on your data instead of ours.

  • Monthly, priced to the estate — the sprint was the evaluation
  • OWASP LLM Top 10 + MITRE ATLAS runtime coverage
  • Quarterly review on dwell time, FP rate, and eval-set lift
Step 3 · Add

Code audit and vuln ops.

When incidents trace to root causes in code, the audit ships a PR-able fix, a detection that fires if the pattern returns, and a recommendation that escalates until it lands. Exploit-aware vulnerability operations rank the backlog by what is actually being exploited.

  • Three artifacts per audit finding — zero shelfware
  • CISA KEV + EPSS + asset graph fused into one queue
  • Compensating controls when patch windows slip

Design partner terms

  • Design partners pay. A discount buys a reference call and telemetry rights for the eval set — it never buys zero. Free pilots teach both sides the wrong lessons.
  • The sprint is the evaluation. You judge us on detections shipped against your real agent surface, not on a scripted demo environment.
  • Fast signatures by design: scoped in one call, fixed price, close in weeks. If procurement needs three quarters, we are probably not your vendor yet.
  • Full-estate detection and response is deliberately gated. We take it on only where the estate and our current delivery capacity honestly match — we would rather decline than staff a promise we cannot keep.

Analyst leverage thesis

Sublinear cost, measured monthly.

The whole AI-SOC bet is that analyst:customer ratio collapses as you scale. We treat that as a measurable claim, not a pitch line. These are the four signals we report in every quarterly business review.

Tickets per analyst hour

We measure how many alerts move from open to closed — with full evidence — per analyst hour. The leverage from AI shows up here or it does not.

Cost-to-serve per protected estate

We track infrastructure and AI-token cost against the number of identities, workloads, and AI agents under coverage. Cost should compress as the estate scales; we report it openly to customers in QBRs.

Eval-set lift over time

Detections are versioned with positive and negative cases. Quarter-over-quarter precision and recall are visible to the customer. Drift is treated as a backlog item.

Time-to-first-detection

We commit to a time-to-first-detection target during onboarding. If we miss it, the contract pauses until the gap is closed.

Onboarding timeline

Time-to-first-detection is a contract term.

We publish the timeline before contracting and treat misses as our problem, not yours. The contract pauses on a missed acceptance metric until the gap is closed.

Standard scope: 8 weeks to QBR-ready. Faster on a focused AI-defend tier.
Week 0

Discovery and threat model

Map the stack, the AI surface, the asset graph, and the recovery requirements. Output: scoped operating model and acceptance metrics.

Week 1–2

Source connection — riskiest systems first

Connect SIEM, EDR, identity, cloud, and AI sources, starting with the riskiest systems only — partial installation is the default, and coverage grows where risk lives. The engine starts learning your architecture and normal patterns automatically from day one; configuration is minimal by design.

Week 2–4

First detections live

Tier 1 detections promoted through eval CI to production. Time-to-first-detection captured against the contract target.

Week 4–8

Recovery rehearsal

Run tabletop drills against the customer-specific recovery playbooks. Adjust runbooks until the tabletop ends with restoration, not just containment.

Quarterly

Business review

QBR against published metrics: dwell, FP rate, MTTR, cost-to-serve, eval lift, recovery readiness. Misses are owned, not glossed.

References policy.

We do not list customer logos until the customer has approved the listing in writing. This page replaces the absent logo wall with the policy itself.

  • References are taken under mutual NDA and after a security review. Direct logos appear here only when the customer has explicitly approved the listing.
  • Until that approval is in hand, we will not infer endorsement from an integration name, a partnership, or a procurement engagement.
  • Reference customers are matched on industry and stack, not just willingness. A FinServ buyer talks to a FinServ reference, not a SaaS one.

Partner posture

Channel, carriers, and implementation.

MSSP and channel

Channel program is targeted for Series A. Today, deals close direct. Resellers and MSSPs interested in the operating model can reach the founding team.

Cyber insurance

We engage carriers as customers go through underwriting. Carrier-specific reporting is available for IronSOC customers who request it.

Implementation partners

Selective. We work with security-focused VARs and SI partners who can co-staff onboarding. We do not sub-contract incident response — that stays with IronSOC.

Scope an engagement