Enterprise Readiness

Security, Compliance & Procurement

Banks and regulated buyers ask for these before they ask about features. Here's everything your vendor-risk and procurement teams need — each artifact below carries an honest status: available now, available on request, or in progress / on the roadmap. We don't link to documents that don't exist, and we don't claim certifications we don't hold.

01 · Available now

Self-serve — read or run these today

These are live pages on this site. No NDA, no request form, no waiting.

Security Overview Available

Encryption, access control, tenant isolation, signing-key handling, and incident posture. Read the Security Overview →

Architecture & Deployment Available

SaaS, customer-VPC, and on-prem deployment models — no data leaves your tenant. View deployment options →

SLA & Uptime Commitments Available

Service-level targets, uptime commitments, and support response expectations. Review the SLA →

Data Processing Agreement (DPA) Available

How EVE CoreGuard processes data on your behalf, sub-processors, and data-handling terms. Read the DPA →

Trust Center Available

What EVE CoreGuard claims — and explicitly does not claim — stated plainly for auditors. Open the Trust Center →

Technical Whitepaper Available

The governance architecture, signed-decision evidence model, and enforcement design. Read the whitepaper →

Offline Evidence Verification Available

Verify any signed governance decision yourself — no EVE server, no network, no trust required. Verify a decision →

02 · Available on request

We have these — email procurement to receive them

These documents exist but aren't published publicly. Your procurement or vendor-risk team can request them directly; we typically respond within two business days. Healthcare BAA requests are scoped to active engagements.

Master Services Agreement (MSA) On request

Our standard commercial contract terms for review by your legal team. Request the MSA →

Business Associate Agreement (BAA) On request

For healthcare engagements involving PHI. Scoped to active or contracted deployments. Request the BAA →

Vendor Security Questionnaire On request

Completed SIG Lite / CAIQ responses for your vendor-risk assessment process. Request questionnaire responses →

Certificate of Insurance (COI) On request

Proof of commercial liability and cyber coverage, addressed to your entity as required. Request the COI →

03 · In progress / on roadmap

Not yet available — here's the honest status

We will not claim an attestation, audit, or certification we don't have. The items below are genuinely not complete yet. There is no document to download and no request that would produce one today.

SOC 2 Type II In progress

An independent SOC 2 Type II examination is underway. Not yet complete — no report exists to share. Status: In progress

Penetration Test Summary Planned

An independent third-party penetration test is planned. No summary is available yet. Status: Planned

Third-Party Security Assessment Planned

An external security assessment is planned. No report has been produced yet. Status: Planned

Honesty note (as of June 2026): The SOC 2 Type II, penetration test summary, and third-party security assessment listed above are not yet available. "In progress" and "Planned" mean exactly that — they are not finished, and we will only publish or share them once they genuinely exist. We do not hold SOC 2, ISO, or PCI certifications, and we do not claim any completed audit on this page.

04 · Commercial

Engagement tiers

Indicative pricing for procurement planning. Full details and current terms are on the pricing page.

Design Partner

$37,500

pilot

Enforcement

$150,000

per year

Enterprise

$450,000

per year

Sovereign

$1,200,000

per year

Book a 30-minute review

Walk your vendor-risk, security, and procurement teams through any of the above. We'll bring the documents you're cleared to receive and answer the rest live.

Book a 30-minute review See pricing & tiers