Platform
What SYMMACHY deploys.
Three Trust Cloud tiers, three standalone entry assessments, two fleet lines. All engagements begin with a signed Authority of Use. Pricing ranges are published here; exact scope is negotiated after the Authority of Use defines what we are permitted to do.
Entry — standalone assessments
Fixed-fee, evidence-grade engagements that do not require platform adoption. Each delivers a signed report anchored to the evidence chain. Credit is applied in full toward any subsequent platform contract.
SROS2 Security Hardening Assessment
$12 – 28K
DDS topic injection audit, SPIFFE/SROS2 gap analysis, hardening roadmap. Majority of commercial ROS 2 deployments run without SROS2 enabled — DDS topics are injectable by default. This assessment maps the exact exposure and delivers a signed remediation plan.
Agent Guard Assessment
$15 – 35K
OWASP LLM Top 10 + MITRE ATLAS coverage. Multi-agent lateral propagation test: compromise of one agent must not cascade to the rest. Runtime policy-boundary map. EU AI Act Annex III gap analysis. Converts to Agent Guard SaaS.
PQC Readiness Assessment
$15 – 40K
Cryptographic posture audit against NIST FIPS 203/204/205 (ML-KEM, ML-DSA, SLH-DSA). Evidence-chain PQC migration gap analysis. Hybrid Transparency Log migration plan. CNSA 2.0 deadline is January 1, 2027.
Trust Cloud — platform tiers
Three deployment tiers, differentiated by custody of infrastructure and keys. The Authority of Use governs all three equally — what the platform may do is bounded by the signed document, not by the tier.
Trust Cloud SaaS
Tier 1 — SaaS
$30K – 180K / yr
+ $5 – 10K setup
LATAM mid-market commercial (50 – 2,000 employees)
Multi-tenant, row-level isolation. SYMMACHY-managed keys. Five compliance frameworks covered (ISO 27001, NIST CSF, LFPDPPP, ISO 42001, EU AI Act). Evidence chain anchored to public Rekor. Agent Guard SaaS available as Tier 1 add-on.
Dedicated cluster · Customer-managed keys
Tier 2 — Sovereign Commercial
$180K – 1.5M / yr
+ $50 – 150K setup
Banks, regulated enterprises, fintech, strategic commercial
Dedicated cluster in the customer's Azure tenant. Customer-managed keys in customer Key Vault: SYMMACHY cannot access customer data without the customer's active key grant. Revocation takes seconds. Compliance: ISO 27001 + ISO 42001 + CNBV/Banxico where applicable.
On-premises or sovereign cloud · Customer root of trust
Tier 3 — Air-Gapped Sovereign
$1M – 5M / yr
+ $500K setup
Defense-adjacent, sovereign programs, critical national infrastructure
Deployed on-premises or in customer-controlled sovereign cloud. Signed-bundle update mechanism. Customer controls the cryptographic root of trust. No SYMMACHY cloud dependency on the protection path. Evidence chain runs entirely within the customer's perimeter.
Robotic fleet — two lines
The fleet line determines hardware compliance posture. Software stack (SROS2 + SPIFFE + OPA policy) is identical across both lines.
Fleet CORE
$2 – 4K / unit / month
+ $5K / unit setup
LATAM commercial, non-NDAA environments
Unitree G1 quadruped (primary). SROS2-hardened, SPIFFE-provisioned. RaaS bundle: hardware + maintenance + fleet management + telemetry. Minimum 5 units. Fully creditable toward Trust Cloud Tier 1.
Fleet SOVEREIGN
$3.5 – 7K / unit / month
+ $10K / unit setup
US DoD-adjacent, ITAR/NDAA-restricted environments
Boston Dynamics Spot or ANYbotics ANYmal X (NDAA-compliant). NDAA §889 hardware certificate provided. ITAR-EAR export review required. Same SROS2 + SPIFFE software stack as CORE.
Every engagement — assessment, SaaS, or platform — begins with a signed Authority of Use delimiting permitted systems, geographic scope, asset scope, and human-in-the-loop thresholds. No system is deployed before the Authority is signed.
To discuss scope, write to [email protected]