AegisAI
Contact Book a demo
Pricing

Per-tenant pricing. Everything important is in every tier.

The fail-closed defaults, the tamper-evident audit chain, the SAP authority parsing, and the OTel signals are not premium features. They're the product. What changes between tiers is volume, support, and dedicated infrastructure.

Pilot

For your first design-partner deployment.

$0/ first 90 days
  • One tenant, one data system
  • Up to 100k requests/month
  • Email support, 2 business-day SLA
  • Slack channel with the AegisAI team
  • Architecture review with your security team
  • Self-hosted (Docker / Helm)
Apply for pilot

Team

For production traffic from one business unit.

Contactus for quote
  • Up to 5 tenants, all four connectors
  • Up to 10M requests/month
  • Same-business-day support
  • Quarterly compliance review
  • OTel collector dashboards
  • SOC 2 evidence pack
Request a quote

Enterprise

For multi-region, multi-BU deployments.

Custom
  • Unlimited tenants and connectors
  • Custom volume and SLAs
  • 24/7 on-call support
  • Dedicated solution architect
  • Custom SAP Z-RFC mapping
  • KMS / Vault wiring engagement
  • Annual pen-test sharing
Talk to sales
Always included

Every tier ships the same security primitives.

No "audit chain on enterprise tier only" nonsense. The whole point is that the gate works the same way regardless of how much you pay.

Tamper-evident audit

Postgres-backed HMAC chain, end-to-end re-walk, integrity probe.

Field-tag firewall

Schema-driven masking with PII drift detection.

SAP authority parsing

BAPI_USER_GET_DETAIL + SUSR_GET_PROFILE_AUTH_OBJECTS with field-value enforcement.

Cross-cloud IAM

AWS, Azure, GCP — real SDK calls, fail-closed on connector error.

OpenTelemetry

OTLP HTTP exporter for metrics and traces. Wire to whatever you already run.

Pluggable secrets

Env, AWS Secrets Manager, Azure Key Vault, GCP Secret Manager, HashiCorp Vault.

FAQ

Questions we hear before the contract.

Is AegisAI on-prem or SaaS?

Self-hosted today — Docker image and Helm chart ship with the product. We deploy alongside your existing data plane (it's data-adjacent, not data-replacing). A managed offering is on the roadmap once we have three reference customers.

How long does pilot setup take?

Two to four hours of work for an experienced platform engineer if you already have an OAuth IdP and a Postgres instance available. The first integration with SAP typically adds another half-day to map customer-specific auth objects through the Z-RFC extension point.

Do you train on our data?

No. AegisAI does not call any LLM. The only "AI" in the name refers to the AI copilots calling AegisAI from the other side. The product is deterministic Python.

What's the licence?

Commercial. Pricing is per-tenant. Source is available to design partners on a separate agreement; the standard commercial deployment is binary + Helm chart.

Can we deploy in our own VPC?

Yes — that's the default. AegisAI runs as a container alongside your existing services. Helm chart ships with non-root, read-only-rootfs, and seccomp defaults.

How do upgrades work?

Standard image pull and pod replace. Audit-chain integrity is verified on every boot. Schema migrations run via Alembic on container start; PRODUCTION refuses to serve traffic if migrations fail.

Not sure which tier fits?

Tell us your data systems and rough request volume; we'll send back a sized quote and a deployment plan in 48 hours.

Email us