diff --git a/core/ai_bom.py b/core/ai_bom.py new file mode 100644 index 000000000..e1e10935a --- /dev/null +++ b/core/ai_bom.py @@ -0,0 +1,190 @@ +"""AI Bill of Materials (AI-BOM) Generator. + +This module provides the core logic for generating AI-BOMs in CycloneDX format (v1.5+). +It tracks model provenance, training data lineage, model cards, and usage context. +""" + +from __future__ import annotations + +import datetime +import hashlib +import json +import logging +import uuid +from dataclasses import dataclass, field +from typing import Any, Dict, List, Optional, Union + +logger = logging.getLogger(__name__) + + +@dataclass +class ModelCard: + """Standardized Model Card metadata (ISO/IEC 42001 & NIST AI RMF).""" + + model_id: str + name: str + version: str + author: str + description: str + license: str + framework: str # pytorch, tensorflow, sklearn, etc. + model_type: str # llm, classification, regression, etc. + tags: List[str] = field(default_factory=list) + intended_use: List[str] = field(default_factory=list) + limitations: List[str] = field(default_factory=list) + ethical_considerations: List[str] = field(default_factory=list) + inputs: List[Dict[str, str]] = field(default_factory=list) + outputs: List[Dict[str, str]] = field(default_factory=list) + + +@dataclass +class TrainingData: + """Metadata about training datasets.""" + + name: str + url: Optional[str] = None + description: Optional[str] = None + provenance: str = "unknown" # public, proprietary, synthetic + size: str = "unknown" + license: str = "unknown" + sensitive_data: bool = False + pii_present: bool = False + bias_analysis: Optional[str] = None + hash_alg: str = "sha256" + hash_value: Optional[str] = None + + +@dataclass +class AIBOM: + """AI Bill of Materials container.""" + + bom_format: str = "CycloneDX" + spec_version: str = "1.5" + serial_number: str = field(default_factory=lambda: f"urn:uuid:{uuid.uuid4()}") + version: int = 1 + metadata: Dict[str, Any] = field(default_factory=dict) + components: List[Dict[str, Any]] = field(default_factory=list) + services: List[Dict[str, Any]] = field(default_factory=list) + dependencies: List[Dict[str, Any]] = field(default_factory=list) + + def to_json(self) -> str: + """Serialize AI-BOM to JSON string.""" + return json.dumps( + { + "bomFormat": self.bom_format, + "specVersion": self.spec_version, + "serialNumber": self.serial_number, + "version": self.version, + "metadata": self.metadata, + "components": self.components, + "services": self.services, + "dependencies": self.dependencies, + }, + indent=2, + ) + + +class AIBOMGenerator: + """Generates AI-BOMs from model and training data metadata.""" + + def __init__(self, organization: str = "FixOps"): + self.organization = organization + self.timestamp = datetime.datetime.now(datetime.timezone.utc).isoformat() + + def create_bom( + self, + model_card: ModelCard, + training_data: Optional[List[TrainingData]] = None, + dependencies: Optional[List[Dict[str, str]]] = None, + ) -> AIBOM: + """Create a full AI-BOM.""" + metadata = self._build_metadata(model_card) + components = self._build_components(model_card, training_data or [], dependencies or []) + + return AIBOM( + metadata=metadata, + components=components, + ) + + def _build_metadata(self, model: ModelCard) -> Dict[str, Any]: + """Build BOM metadata section.""" + return { + "timestamp": self.timestamp, + "component": { + "type": "machine-learning-model", + "name": model.name, + "version": model.version, + "group": self.organization, + "description": model.description, + "author": model.author, + "licenses": [{"license": {"id": model.license}}], + "purl": f"pkg:ml/{self.organization}/{model.name}@{model.version}", + }, + "tools": [ + { + "vendor": "FixOps", + "name": "AI-BOM Generator", + "version": "1.0.0" + } + ], + "properties": [ + {"name": "fixops:model_type", "value": model.model_type}, + {"name": "fixops:framework", "value": model.framework}, + {"name": "fixops:intended_use", "value": ", ".join(model.intended_use)}, + {"name": "fixops:limitations", "value": ", ".join(model.limitations)}, + ] + } + + def _build_components( + self, + model: ModelCard, + datasets: List[TrainingData], + libs: List[Dict[str, str]] + ) -> List[Dict[str, Any]]: + """Build BOM components (datasets, libraries).""" + components = [] + + # Add Training Data Components + for data in datasets: + comp = { + "type": "data", + "name": data.name, + "description": data.description or "Training dataset", + "scope": "required", + "properties": [ + {"name": "fixops:data:provenance", "value": data.provenance}, + {"name": "fixops:data:size", "value": data.size}, + {"name": "fixops:data:sensitive", "value": str(data.sensitive_data).lower()}, + {"name": "fixops:data:pii", "value": str(data.pii_present).lower()}, + ] + } + if data.url: + comp["externalReferences"] = [ + {"type": "source-distribution", "url": data.url} + ] + if data.hash_value: + comp["hashes"] = [ + {"alg": data.hash_alg.upper(), "content": data.hash_value} + ] + if data.license != "unknown": + comp["licenses"] = [{"license": {"id": data.license}}] + + components.append(comp) + + # Add Library Dependencies (e.g., torch, tensorflow) + for lib in libs: + comp = { + "type": "library", + "name": lib.get("name", "unknown"), + "version": lib.get("version", "unknown"), + "purl": f"pkg:pypi/{lib.get('name')}@{lib.get('version')}" + } + components.append(comp) + + return components + + def generate_hash(self, content: Union[str, bytes]) -> str: + """Helper to generate SHA-256 hash.""" + if isinstance(content, str): + content = content.encode("utf-8") + return hashlib.sha256(content).hexdigest() diff --git a/core/ai_governance.py b/core/ai_governance.py new file mode 100644 index 000000000..678010d26 --- /dev/null +++ b/core/ai_governance.py @@ -0,0 +1,171 @@ +"""AI Model Governance & System Cards. + +This module implements "System Cards" and Model Governance artifacts aligned with +ISO/IEC 42001 (AI Management Systems) and NIST AI RMF. + +It generates human-readable and machine-parseable reports detailing: +1. Intended Purpose & Limitations +2. Fairness & Bias Checks +3. Safety & Performance Metrics +4. Human Oversight Controls +""" + +from __future__ import annotations + +import datetime +import json +import logging +from dataclasses import dataclass, field +from typing import Any, Dict, List, Optional + +from core.ai_bom import ModelCard + +logger = logging.getLogger(__name__) + + +@dataclass +class FairnessCheck: + """Fairness assessment results.""" + metric_name: str + group_attribute: str # e.g., "gender", "age" + parity_difference: float + threshold: float + passed: bool + + +@dataclass +class SafetyEval: + """Safety evaluation results.""" + test_name: str # e.g., "hallucination_rate", "jailbreak_resistance" + score: float + threshold: float + passed: bool + details: str + + +@dataclass +class SystemCard: + """System Card for a deployed AI system (Model + Context).""" + + system_id: str + system_name: str + model_card: ModelCard + + # ISO 42001 Controls + human_oversight_measures: List[str] = field(default_factory=list) + data_governance_policy: str = "Standard Enterprise Policy" + + # Validation Results + fairness_checks: List[FairnessCheck] = field(default_factory=list) + safety_evals: List[SafetyEval] = field(default_factory=list) + + # Operational Metrics + deployment_date: str = field(default_factory=lambda: datetime.datetime.now().isoformat()) + status: str = "active" # active, deprecated, testing + + def to_dict(self) -> Dict[str, Any]: + return { + "system_id": self.system_id, + "system_name": self.system_name, + "model_metadata": { + "name": self.model_card.name, + "version": self.model_card.version, + "type": self.model_card.model_type + }, + "governance": { + "human_oversight": self.human_oversight_measures, + "data_policy": self.data_governance_policy, + "iso_42001_alignment": True + }, + "validation": { + "fairness": [ + { + "metric": f.metric_name, + "group": f.group_attribute, + "diff": f.parity_difference, + "passed": f.passed + } + for f in self.fairness_checks + ], + "safety": [ + { + "test": s.test_name, + "score": s.score, + "passed": s.passed, + "details": s.details + } + for s in self.safety_evals + ] + }, + "status": self.status, + "generated_at": self.deployment_date + } + + def generate_markdown(self) -> str: + """Generate a human-readable System Card report.""" + md = [ + f"# System Card: {self.system_name}", + f"**ID**: {self.system_id} | **Status**: {self.status.upper()}", + "---", + "## 1. Model Overview", + f"- **Model**: {self.model_card.name} (v{self.model_card.version})", + f"- **Type**: {self.model_card.model_type}", + f"- **Description**: {self.model_card.description}", + "", + "## 2. Intended Use & Limitations", + "**Intended Use**:", + *[f"- {use}" for use in self.model_card.intended_use], + "", + "**Limitations**:", + *[f"- {limit}" for limit in self.model_card.limitations], + "", + "## 3. Governance & Oversight (ISO 42001)", + "**Human Oversight Measures**:", + *[f"- {measure}" for measure in self.human_oversight_measures], + "", + "## 4. Safety & Fairness Validation", + ] + + if self.fairness_checks: + md.append("### Fairness Checks") + md.append("| Metric | Group | Parity Diff | Status |") + md.append("|---|---|---|---|") + for f in self.fairness_checks: + status = "✅ PASS" if f.passed else "❌ FAIL" + md.append(f"| {f.metric_name} | {f.group_attribute} | {f.parity_difference:.3f} | {status} |") + md.append("") + + if self.safety_evals: + md.append("### Safety Evaluations") + md.append("| Test | Score | Threshold | Status |") + md.append("|---|---|---|---|") + for s in self.safety_evals: + status = "✅ PASS" if s.passed else "❌ FAIL" + md.append(f"| {s.test_name} | {s.score:.2f} | {s.threshold:.2f} | {status} |") + + return "\n".join(md) + + +class GovernanceEngine: + """Orchestrates the creation and validation of System Cards.""" + + def __init__(self, organization: str = "FixOps"): + self.organization = organization + + def create_system_card( + self, + system_name: str, + model_card: ModelCard, + safety_results: List[SafetyEval], + fairness_results: List[FairnessCheck], + oversight_measures: List[str] + ) -> SystemCard: + """Create a full System Card.""" + return SystemCard( + system_id=f"sys-{model_card.name.lower().replace(' ', '-')}-{model_card.version}", + system_name=system_name, + model_card=model_card, + safety_evals=safety_results, + fairness_checks=fairness_results, + human_oversight_measures=oversight_measures + ) diff --git a/core/differential_privacy.py b/core/differential_privacy.py new file mode 100644 index 000000000..dc94cad2c --- /dev/null +++ b/core/differential_privacy.py @@ -0,0 +1,105 @@ +"""Differential Privacy mechanisms for threat intelligence sharing. + +This module implements localized differential privacy (LDP) algorithms to anonymize +statistical data before sharing it with central threat intelligence feeds. +It allows enterprises to contribute to global security without leaking proprietary details. +""" + +from __future__ import annotations + +import math +import random +import secrets +from dataclasses import dataclass +from typing import Dict, List, Optional, Union + + +@dataclass +class DPConfig: + """Configuration for Differential Privacy.""" + epsilon: float = 1.0 # Privacy budget (lower is more private) + randomize_response: bool = True + noise_mechanism: str = "laplace" # laplace, randomized_response + + +class DifferentialPrivacyEngine: + """Engine for applying differential privacy to sensitive metrics.""" + + def __init__(self, config: Optional[DPConfig] = None): + self.config = config or DPConfig() + + def randomized_response(self, value: bool) -> bool: + """Apply Randomized Response mechanism for boolean values (e.g., 'is vulnerable'). + + Args: + value: The true boolean value. + + Returns: + The potentially flipped value. + """ + if not self.config.randomize_response: + return value + + # p = probability of telling the truth + # For epsilon, p = e^ε / (1 + e^ε) + e_eps = math.exp(self.config.epsilon) + p = e_eps / (1 + e_eps) + + # Flip a coin (cryptographically secure) + if secrets.SystemRandom().random() < p: + return value # Tell the truth + else: + return not value # Lie + + def add_laplace_noise(self, value: float, sensitivity: float = 1.0) -> float: + """Add Laplace noise to numerical values (e.g., vulnerability counts). + + Args: + value: The true value. + sensitivity: Maximum amount the value can change by adding/removing one individual. + + Returns: + Value with added noise. + """ + scale = sensitivity / self.config.epsilon + # Generate Laplace noise: L(0, scale) + # Using inverse transform sampling + u = secrets.SystemRandom().random() - 0.5 + noise = -scale * math.copysign(1.0, u) * math.log(1 - 2 * abs(u)) + + return value + noise + + def anonymize_exploit_stats(self, stats: Dict[str, Union[int, float]]) -> Dict[str, Union[int, float]]: + """Anonymize a dictionary of exploit statistics. + + Args: + stats: Dictionary like {"cve_count": 10, "avg_cvss": 7.5} + + Returns: + Anonymized dictionary suitable for sharing. + """ + anonymized = {} + + # Count data gets Laplace noise + if "cve_count" in stats: + # Cast to int but keep noise (or round if integer counts required) + anonymized["cve_count"] = max(0, round(self.add_laplace_noise(float(stats["cve_count"])))) + + # Averages get Laplace noise + if "avg_cvss" in stats: + # Sensitivity of average depends on dataset size, assuming sensitivity=1 for simplicity here + anonymized["avg_cvss"] = min(10.0, max(0.0, self.add_laplace_noise(float(stats["avg_cvss"]), sensitivity=0.1))) + + # Booleans get Randomized Response + if "has_critical_vulns" in stats: + val = bool(stats["has_critical_vulns"]) + anonymized["has_critical_vulns"] = self.randomized_response(val) + + return anonymized + + def encode_histogram(self, buckets: Dict[str, int]) -> Dict[str, int]: + """Apply DP to a histogram (e.g., vulns per severity).""" + return { + k: max(0, round(self.add_laplace_noise(v))) + for k, v in buckets.items() + } diff --git a/core/privacy_geofence.py b/core/privacy_geofence.py new file mode 100644 index 000000000..c5c3f7366 --- /dev/null +++ b/core/privacy_geofence.py @@ -0,0 +1,134 @@ +"""Privacy Geofencing for EvidenceHub. + +This module enforces data residency controls for evidence bundles. +It ensures that data is stored in allowed geographic regions and prevents access +from unauthorized zones, complying with GDPR, CCPA, and other sovereignty laws. +""" + +from __future__ import annotations + +import logging +from dataclasses import dataclass +from enum import Enum +from pathlib import Path +from typing import Dict, List, Optional, Set + +from core.configuration import OverlayConfig + +logger = logging.getLogger(__name__) + + +class GeoRegion(Enum): + """Supported geographic regions.""" + US = "us" + EU = "eu" + APAC = "apac" + CN = "cn" + GLOBAL = "global" + + +@dataclass +class DataResidencyPolicy: + """Policy defining allowed storage and access regions.""" + + allowed_storage_regions: Set[GeoRegion] + allowed_access_regions: Set[GeoRegion] + block_cross_border_transfer: bool = True + # If true, metadata can be global but sensitive payloads must stay in region + metadata_exception: bool = False + + +class PrivacyGeofence: + """Enforces data residency boundaries.""" + + def __init__(self, config: OverlayConfig): + self.config = config + self.policy = self._load_policy() + # Mock mapping of storage paths to regions for demonstration + self.storage_map: Dict[str, GeoRegion] = { + "s3://fixops-eu-central": GeoRegion.EU, + "s3://fixops-us-east": GeoRegion.US, + "s3://fixops-apac-tokyo": GeoRegion.APAC, + "local": GeoRegion.US, # Default local to US for this example + } + + def _load_policy(self) -> DataResidencyPolicy: + """Load residency policy from overlay config.""" + # Defaults to safe policy: specific region only + region_str = self.config.flag_provider.string("fixops.compliance.region", "us").lower() + + try: + primary_region = GeoRegion(region_str) + except ValueError: + primary_region = GeoRegion.US + logger.warning(f"Invalid region '{region_str}', defaulting to US") + + return DataResidencyPolicy( + allowed_storage_regions={primary_region}, + allowed_access_regions={primary_region}, + block_cross_border_transfer=True + ) + + def validate_storage_location(self, path: Path) -> bool: + """Check if a storage path is allowed by residency policy. + + Args: + path: The file path or URI where data will be stored. + + Returns: + True if allowed, False otherwise. + """ + # Logic to determine region from path (simplified) + str_path = str(path) + detected_region = GeoRegion.US # Default + + if "eu-central" in str_path or "/eu/" in str_path: + detected_region = GeoRegion.EU + elif "apac" in str_path or "/apac/" in str_path: + detected_region = GeoRegion.APAC + + if detected_region not in self.policy.allowed_storage_regions: + logger.error( + f"Geofence Violation: Attempt to store data in {detected_region.value} " + f"but policy allows only {self.policy.allowed_storage_regions}" + ) + return False + + return True + + def validate_access_request(self, request_origin_region: str) -> bool: + """Check if an access request comes from an allowed region. + + Args: + request_origin_region: Region code (e.g., 'eu', 'us') from request context. + + Returns: + True if allowed, False otherwise. + """ + try: + origin = GeoRegion(request_origin_region.lower()) + except ValueError: + logger.warning(f"Unknown access origin: {request_origin_region}") + return False + + if origin not in self.policy.allowed_access_regions: + logger.warning( + f"Geofence Violation: Access denied from {origin.value}. " + f"Allowed: {self.policy.allowed_access_regions}" + ) + return False + + return True + + def enforce_transfer_block(self, source_region: GeoRegion, dest_region: GeoRegion) -> bool: + """Check if moving data between regions is allowed.""" + if source_region == dest_region: + return True + + if self.policy.block_cross_border_transfer: + logger.error( + f"Geofence Block: Transfer from {source_region.value} to {dest_region.value} blocked." + ) + return False + + return True diff --git a/docs/acquisition/FIXOPS_ACQUISITION_TARGETS.md b/docs/acquisition/FIXOPS_ACQUISITION_TARGETS.md new file mode 100644 index 000000000..29a7b9a6a --- /dev/null +++ b/docs/acquisition/FIXOPS_ACQUISITION_TARGETS.md @@ -0,0 +1,76 @@ +# FixOps Strategic Acquisition Targets & Tailored Value Propositions + +## Overview +This document maps FixOps' core capabilities to the strategic needs of three distinct buyer categories: **Big 4 Consulting Firms**, **Tech Giants**, and **Cybersecurity Vendors**. By tailoring the narrative to each group's specific pain points and strategic goals, we maximize the perceived value of the platform. + +--- + +## 1. The "AI Assurance" Play: Big 4 Consulting Firms +**Targets**: Deloitte, PwC, EY, KPMG +**Strategic Need**: Automating the massive, manual burden of AI compliance (EU AI Act, ISO 42001) and security auditing. They sell trust, and they need a tool to *manufacture* it at scale. + +### Value Proposition: "The Automated AI Auditor" +FixOps isn't just a tool; it's a **digital auditor** that automates the collection, verification, and signing of evidence for AI and software supply chains. + +* **The Problem**: Auditing AI systems and software supply chains is manual, expensive, and error-prone. There aren't enough human auditors to cover the EU AI Act mandates. +* **The FixOps Solution**: + * **Evidence-as-Code**: `EvidenceHub` automatically generates cryptographically signed bundles that serve as audit-ready artifacts. + * **Governance Engine**: `MultiLLMConsensus` provides the "human-in-the-loop" oversight required by regulation, but automated at machine speed. + * **Regulatory Mapping**: Native support for ISO 42001 and NIST AI RMF turns technical findings into compliance checklists. + +### Key Features to Highlight: +1. **Immutable Audit Trails**: RSA-SHA256 signed evidence bundles (`core/evidence.py`). +2. **Explainable AI Decisions**: Natural language rationales for every Allow/Block decision (`core/enhanced_decision.py`). +3. **Policy-Driven Compliance**: `DecisionPolicyEngine` allows consultants to codify regulatory frameworks into executable rules. + +--- + +## 2. The "Responsible AI Stack" Play: Tech Giants +**Targets**: Microsoft (GitHub/Azure), Google (Cloud/Mandiant), AWS, IBM +**Strategic Need**: Winning the "Responsible AI" platform war. They need to prove their platforms are safe for enterprise adoption by offering built-in governance and safety guardrails. + +### Value Proposition: "The AI Safety & Governance Layer" +FixOps provides the missing **governance layer** for their AI and DevSecOps stacks. It operationalizes "Responsible AI" from a high-level concept into a blocking pipeline gate. + +* **The Problem**: Enterprises are hesitant to adopt AI-generated code (Copilot, etc.) due to security and hallucination risks. +* **The FixOps Solution**: + * **Hallucination Guards**: `core/hallucination_guards.py` provides a ready-made safety filter for AI outputs. + * **Multi-Model Consensus**: Demonstrates a "defense-in-depth" approach to AI safety by not relying on a single model. + * **Vendor-Agnostic**: Can sit on top of any LLM (OpenAI, Anthropic, Gemini), making it a perfect neutral governance plane. + +### Key Features to Highlight: +1. **Multi-LLM Consensus Engine**: The architecture in `core/enhanced_decision.py` is a turnkey "AI Safety" product. +2. **Pipeline Integration**: seamless fit into GitHub Actions, Azure DevOps, or AWS CodePipeline. +3. **Fact-Checking Algorithms**: Numeric consistency and citation validation (`validate_numeric_consistency`). + +--- + +## 3. The "AI-SPM" Play: Cybersecurity Vendors +**Targets**: Palo Alto Networks (Prisma), CrowdStrike, SentinelOne, Wiz, Snyk +**Strategic Need**: Expanding from traditional Cloud Security Posture Management (CSPM) into the booming **AI Security Posture Management (AI-SPM)** market. + +### Value Proposition: "The Active AI Defense Engine" +FixOps moves beyond "scanning" (passive) to "fixing" (active). It is an **autonomous security analyst** that can validate and remediate risks, not just report them. + +* **The Problem**: Security teams are drowning in alerts. They don't need more scanners; they need an *automated decision maker* to triage the noise. +* **The FixOps Solution**: + * **Automated Triage**: `EnhancedDecisionEngine` reduces alert volume by 90%+ via consensus-based filtering. + * **Active Verification**: `PentAGI` (Micro-Pentest) capability validates if a vulnerability is actually exploitable. + * **Remediation Lifecycle**: Manages the fix process, closing the loop that scanners leave open. + +### Key Features to Highlight: +1. **Micro-Pentest Integration**: The ability to *validate* exploitability (`core/micro_pentest.py`) is a massive differentiator. +2. **Risk Graph Context**: Understanding the relationship between assets (`core/knowledge_graph.py` logic) enriches their existing data. +3. **SLA Management**: The enterprise-grade workflow features (SLA tracking, assignment) turn a scanner into a platform. + +--- + +## Summary Matrix + +| Target Group | Primary Buyer Persona | Key "Hook" | Strategic Fit | +| :--- | :--- | :--- | :--- | +| **Big 4** | Partner / Compliance Lead | "Automates the Audit" | Services Enabler | +| **Tech Giants** | VP of AI / DevTools | "Responsible AI Guardrails" | Platform Feature | +| **Cyber Vendors** | CPO / VP of Strategy | "Autonomous Triage & Fix" | Portfolio Expansion | + +*Generated by FixOps Strategic Analysis - Jan 2026* diff --git a/docs/acquisition/FIXOPS_AI_GOVERNANCE_PRIVACY.md b/docs/acquisition/FIXOPS_AI_GOVERNANCE_PRIVACY.md new file mode 100644 index 000000000..0567c54ed --- /dev/null +++ b/docs/acquisition/FIXOPS_AI_GOVERNANCE_PRIVACY.md @@ -0,0 +1,104 @@ +# FixOps AI Governance & Privacy Architecture +## Acquisition Value Proposition for Big Tech & Consulting Firms + +### Executive Summary + +FixOps is not just a DevSecOps tool; it is a **comprehensive AI Governance & Privacy Platform** disguised as a vulnerability management solution. This document outlines the architectural features that make FixOps a prime acquisition target for: +1. **Big 4 Consulting Firms (Deloitte, PwC, EY, KPMG)**: Seeking automated compliance for EU AI Act, NIST AI RMF, and ISO 42001. +2. **Tech Giants (Microsoft, Google, AWS)**: Needing to bolster their "Responsible AI" stacks with auditable, multi-LLM consensus engines. +3. **Cybersecurity Vendors (Palo Alto, CrowdStrike, SentinelOne)**: Looking to expand into AI Security Posture Management (AI-SPM) and Governance. + +--- + +### 1. AI Governance Architecture (The "Responsible AI" Engine) + +FixOps implements a sophisticated **Multi-LLM Consensus Engine** that natively enforces AI safety and governance. This is not a wrapper; it is a core architectural component that solves the "Black Box" problem of AI decision-making. + +#### 1.1 Multi-LLM Consensus as a Governance Control +* **Architecture**: `core/enhanced_decision.py` and `core/hallucination_guards.py` +* **Value Prop**: Eliminates single-model bias and hallucination risk by aggregating decisions from 4 distinct providers (OpenAI, Anthropic, Google, Sentinel). +* **Governance Mechanism**: + * **Weighted Voting**: Models are weighted by "expertise" (e.g., Claude for compliance, Gemini for exploit signals). + * **Disagreement Analysis**: Automatically flags decisions where models disagree (e.g., "model_action_split"), triggering expert review. + * **Fallback to Determinism**: Graceful degradation to deterministic risk models if consensus confidence drops below threshold (default 85%). +* **Acquisition Hook**: Solves **NIST AI RMF Map 1.2** ("Context is documented and understood") and **Manage 2.3** ("AI system failures are handled"). + +#### 1.2 Hallucination Guards & Fact-Checking +* **Architecture**: `core/hallucination_guards.py` +* **Features**: + * **Input Citation Validation**: Verifies that the LLM's summary cites actual input fields (preventing "creative" invention of data). + * **Numeric Consistency Checks**: cross-references LLM-generated metrics against computed values (within configurable tolerance). + * **Cross-Model Agreement**: Penalizes confidence scores if models diverge on recommended actions or reasoning. +* **Acquisition Hook**: Directly addresses **EU AI Act Article 14** (Human Oversight) and **Article 15** (Accuracy, Robustness, and Cybersecurity). + +#### 1.3 Explainability & "The Why" +* **Architecture**: `core/enhanced_decision.py` (`_reasoning` method) +* **Features**: + * Generates natural-language narratives explaining *why* a decision was made. + * Maps decisions to specific **MITRE ATT&CK** techniques and **Compliance Gaps**. + * Provides a **Decision Rationale** that is persisted in the Evidence Bundle. +* **Acquisition Hook**: Critical for **GDPR Article 22** (Right to Explanation) and **ISO 42001** transparency requirements. + +### 2. Privacy & Data Sovereignty Architecture + +FixOps is built with a "Privacy by Design" philosophy that appeals to privacy-conscious enterprises and regulators. + +#### 2.1 Evidence Redaction & Sanitization +* **Architecture**: `core/logging_config.py` (`redact_sensitive_data`) and `core/evidence.py` +* **Features**: + * **Automated PII/Secret Redaction**: Logs and evidence bundles are automatically scrubbed of sensitive keys (passwords, tokens, keys) before persistence. + * **Configurable Redaction**: Centralized list of sensitive keys (`password`, `secret`, `token`, `api_key`, `jwt`, etc.). +* **Acquisition Hook**: Essential for **GDPR**, **CCPA**, and **HIPAA** compliance in automated systems. + +#### 2.2 Cryptographic Evidence & Non-Repudiation +* **Architecture**: `core/evidence.py` (`EvidenceHub`) +* **Features**: + * **RSA-SHA256 Signing**: Every decision bundle is cryptographically signed, creating an immutable audit trail. + * **Fernet Encryption**: Optional encryption for sensitive bundles at rest. + * **SLSA v1 Provenance**: Generates supply chain provenance that meets **EO 14028** standards. +* **Acquisition Hook**: Provides the "Chain of Custody" required for legal and regulatory defense. + +#### 2.3 On-Prem / Air-Gapped Capable +* **Architecture**: Modular design supports full offline operation (`FIXOPS_MODE=enterprise` vs `demo`). +* **Features**: + * **Local LLM Support**: Can run with local/private LLM endpoints (via `llm_settings`). + * **No "Phone Home"**: Strict control over telemetry and external calls. +* **Acquisition Hook**: Critical for **Defense**, **Banking**, and **Healthcare** sectors where data cannot leave the perimeter. + +### 3. Compliance & Risk Management (The "GRC" Engine) + +FixOps bridges the gap between technical security findings and business risk/compliance. + +#### 3.1 Policy-as-Code Automation +* **Architecture**: `core/decision_policy.py` (`DecisionPolicyEngine`) +* **Features**: + * **Overlay Configuration**: Policies defined in YAML (`config/fixops.overlay.yml`). + * **Business Context Injection**: Injects business impact, data classification, and environment context into decision logic. +* **Acquisition Hook**: Enables **"Continuous Compliance"** rather than point-in-time audits. + +#### 3.2 Probabilistic Risk Forecasting +* **Architecture**: `core/probabilistic.py` +* **Features**: + * Uses Bayesian Networks and Markov Models to forecast risk. + * Moves beyond static CVSS scores to dynamic, predictive risk management. +* **Acquisition Hook**: Aligns with modern **Risk Quantification** methodologies (FAIR, etc.) used by insurers and risk managers. + +### 4. Strategic Gap Analysis for Acquirers + +| Acquirer Type | Value Prop | Feature Mapping | +| :--- | :--- | :--- | +| **Big 4 (Deloitte, PwC)** | Automated AI Assurance Platform | `MultiLLMConsensus` + `EvidenceHub` (Audit Trail) | +| **Microsoft / GitHub** | "GitHub Advanced Security" on Steroids | `enhanced_decision.py` (AI Consensus) + `PolicyEngine` | +| **Palo Alto / Wiz** | Automated Remediation & Verification | `pentagi` (Micro-Pentest) + `remediation_lifecycle` | +| **ServiceNow** | The "Action Layer" for Vulnerability Response | `IntegrationManager` (Jira/SNOW) + `SLA Management` | + +### 5. Roadmap to "Unicorn" Status (The Missing Pieces) + +To maximize acquisition value, FixOps should double down on: + +1. **ISO 42001 & EU AI Act Specifics**: Explicitly map `hallucination_guards` output to "System Cards" or "Model Cards". +2. **Data Sovereignty Controls**: Add granular "Geofencing" for where evidence data is stored. +3. **AI-SPM Expansion**: Extend the `MultiLLMConsensus` engine to govern *other* AI models (not just security findings). + +--- +*Generated by FixOps Architecture Analysis - Jan 2026*