Vectorbreak Security

SERVICE · AUDIT · FIXED FEE

Fixed-scope red-team engagements against your live AI agent or RAG pipeline. Five Surfaces methodology. Insurance-grade deliverable. Retest included. Sign-off letter for your compliance team, your carrier, and your acquirer.

What's an AI security audit?

An AI security audit is a fixed-scope red-team engagement against a live AI agent, RAG pipeline, or MCP deployment. Vectorbreak runs the Five Surfaces methodology against your system, catalogs findings across 69 risk classes, and delivers an insurance-grade report with a retest engagement included. Unlike traditional pentesting — which targets network and web-app vulnerabilities — an AI audit targets prompt injection, tool-call privilege escalation, model extraction, sandbox escape, and other LLM-specific attack patterns that standard methodologies miss entirely.

Who it's for

  • Cyber-insurance renewal — carrier is asking for evidence of model-level red-teaming before they'll quote your renewal.
  • EU AI Act conformity — Article 15 (third-party testing) and Article 26 (conformity assessment) require documented evidence.
  • Acquirer diligence — buyer's security team wants an independent AI audit before signing.
  • Customer security questionnaire — enterprise prospect wants proof of AI security testing before they sign your contract.
  • MCP deployment in production — you ship MCP servers and want to catch tool-poisoning, privilege escalation, and prompt-to-RCE chains before someone else does.
  • Internal red-team augmentation — your AppSec team has web/network coverage but no AI-specific methodology.

What's in the deliverable

  • Findings report with reproductions, severity ratings, and per-finding remediation guidance
  • One retest engagement to validate your remediations
  • Sign-off letter referencing the retest, suitable for compliance teams, insurance carriers, and acquirer diligence
  • Mapping to OWASP-LLM-Top-10, MITRE ATLAS, and the Five Surfaces 69-class taxonomy
  • Executive summary suitable for a board readout or CISO brief
  • Tooling artifacts (test scripts, fuzzer configs) where applicable

Compliance-Anchored adds Article 15/16/26 mapping, ISO/IEC 42001 Annex A documentation, and an insurance-attestation pack. Annual Program adds quarterly re-assessments, monthly threat-intel briefings, and 24-hour emergency triage SLA.

The SKU ladder

Fixed-fee at every level. 60% on signature, 30% at delivery, 10% on retest sign-off.

SKU | Scope | Duration | From
Pulse | Public 10-probe Surface-3 battery against your MCP server(s). 1-page red/yellow/green + 30-min readout. | 1 day | $4,500
MCP Triage | Surface 3 only — full fuzzer run + manual creative testing + findings memo. | 1 week | $12,500
Pilot | Single in-scope surface, single product. Full deliverable shape, narrower target. | 2 weeks | $28,500
Standard | One product, ≤3 MCP servers, ≤2 retrieval pipelines, all five surfaces in scope. | 4 weeks | $48,500
Multi-Agent | Standard + multi-agent orchestration (LangGraph / AutoGen / CrewAI), 4-6 MCP servers, sub-agent trust analysis. | 4 weeks | $78,500
Compliance-Anchored | Standard + EU AI Act Article 15/16/26 conformity mapping + ISO/IEC 42001 Annex A + insurance-attestation pack. | 5 weeks | $125,000
Annual Program | Quarterly assessments + monthly threat-intel briefing + 24-hr emergency-triage SLA + annual board readout. | 12 months | $185K - $285K

FAQ

What's an AI security audit?

An AI security audit is a fixed-scope red-team engagement against a live AI agent, RAG pipeline, or MCP deployment. Vectorbreak runs the Five Surfaces methodology against your system, catalogs findings across 69 risk classes, and delivers an insurance-grade report with a retest engagement included. Unlike traditional pentesting (which targets network and web-app vulnerabilities), an AI audit targets prompt injection, tool-call privilege escalation, model extraction, sandbox escape, and other LLM-specific attack patterns.

What surfaces are tested?

Engagements at Standard tier and above test all five: Input/Output (prompts, jailbreaks, output sanitization), Retrieval (RAG corpus poisoning, indirect prompt injection), Tool-Call/MCP (function poisoning, privilege escalation, RCE chains), Model (prompt extraction, training-data leakage, safety-filter bypass), and Runtime (sandbox escape, memory poisoning, telemetry exfiltration). Pulse and MCP Triage are scoped to Surface 3 only. Pilot focuses on one surface of your choice.

What does the deliverable include?

Every engagement at Pilot tier and above includes: (1) findings report with reproductions and severity ratings, (2) remediation guidance per finding, (3) one retest engagement to validate fixes, (4) sign-off letter suitable for compliance teams, insurance carriers, and acquirer diligence. Compliance-Anchored adds explicit Article 15/16/26 mapping, ISO/IEC 42001 Annex A documentation, and an insurance-attestation pack. Annual Program adds quarterly re-assessments, monthly threat-intel briefings, and 24-hour emergency triage SLA.

How much does it cost?

Fixed-fee at every level. Pulse $4,500 (1 day). MCP Triage $12,500 (1 week). Pilot $28,500 (2 weeks). Standard $48,500 (4 weeks). Multi-Agent $78,500 (4 weeks). Compliance-Anchored $125,000 (5 weeks). Annual Program $185K-$285K (12 months). Payment is 60% on signature, 30% at delivery, 10% on retest sign-off. No hourly creep, no travel-cost surprises. Infrastructure and PoCs are included.

How long does an audit take?

Pulse: 1 day. MCP Triage: 1 week. Pilot: 2 weeks. Standard: 4 weeks. Multi-Agent: 4 weeks. Compliance-Anchored: 5 weeks (the extra week covers conformity mapping). Annual Program: continuous across 12 months with quarterly milestones. We meet the timeline or refund the unused portion.

Do you support EU AI Act compliance?

Yes — the Compliance-Anchored tier ($125k, 5 weeks) is purpose-built for it. Deliverables include explicit Article 15 (third-party testing) mapping, Article 16 (conformity assessment) documentation, Article 26 (deployer obligations) coverage, ISO/IEC 42001 Annex A alignment, and an insurance-attestation pack ready for compliance teams and M&A diligence. The framework's 69 risk classes and 139 validated test cases provide the audit trail regulators and carriers require.

What happens after vulnerabilities are found?

Every engagement includes a retest cycle: we hand over the findings, you remediate, we re-test the same surface to confirm the fix. Sign-off letters reference the retest. If you'd prefer to outsource the fix rather than implement in-house, our Custom Build service ships the defensive tooling — hardened MCP servers, prompt-injection monitoring, agent-loop circuit breakers, CI-integrated red-team — built to your stack and maintained on retainer.

Why fixed-fee?

Time-and-materials engagements punish vendors for being efficient. Fixed-fee aligns incentives: we scope tight, we work fast, you don't get billed for our learning curve. If we hit the timeline, we close the engagement on the agreed price. If we underestimate scope, that's our problem. The only escape valve is mutual scope-change agreement before extension — the original number doesn't drift.

NEXT

Scope an engagement.

Two questions. Forty-eight hours. One fixed-fee proposal.
