Private AI for Regulated Engineering

Private, air-gapped AI to automate secure workflows in regulated sectors.

Aegis deploys local, loopback-only models inside your perimeter to parse code repositories and technical logs. Automate your compliance, security audits, and regulatory narratives — starting with your SR&ED claim filing. No code leaves the building.

Runs on Ollama, loopback-only. Zero external network calls.

Zero external network calls. Runs on Ollama, loopback-only, on your hardware. Verifiable by your security team, offline.

0external calls at runtime
0of experiment cycles cited to a dated artifact
0real Tax Court rulings behind the rubric
The problem

The companies writing the most critical IP can’t use public cloud AI.

High-stakes engineering organizations leave compliance tax credits on the table or burn weeks of expensive developers’ time on regulatory paperwork — because pasting proprietary code, configs, or logs into public cloud APIs is banned at their desk.

Technical compliance overhead

Writing T661 narratives, NIST security plans, and grant milestones falls to the people whose time is worth the most — from memory, under year-end pressure.

Second-hand reconstructions

Contingency consultants reconstruct the technical story second-hand — creating retroactive write-ups that auditors and reviewers give no weight.

“Cloud AI is banned at my desk.”

Pasting technical records or source code into a hosted model is forbidden for regulated teams handling sensitive IP. Public AI is not an option.


How it works

Three steps, one offline pass.

Point Aegis at your repository and logs. Everything below runs on your hardware; nothing is uploaded.

Deploy a private local node

We provision a secure local node directly inside your perimeter. Aegis reads commits, test logs, AD policies, or technical records locally, over loopback.

input: secure perimeter node · git log + config files

Select your compliance workflow

Run the SR&ED compiler, CMMC security mapper, or IRAP reporting engine. Technical narratives are generated directly from technical artifacts with full citations.

output: t661-part2.docx · NIST 800-171 checklist · evidence ledger

Verify outputs against regulatory authorities

Offline checkers flag weak assertions against court rulings or security guidelines before export. You get a HIGH / MEDIUM / LOW band and the exact fix.

output: compliance gap report · cited to authority

Human review is required before export. Aegis drafts and scores; a person signs.


Why Aegis is different

Three proofs, in order of how unfair the advantage is.

01

Air-gap is the product, not a setting

Runs on your hardware on Ollama, loopback-only, with zero external network calls. Competitors bolt a “private mode” onto a cloud product. Aegis was built air-gapped first — the only thing a banned-from-cloud buyer can say yes to.

How the air-gap works →

02

Every output links to technical evidence

The narrative is generated from contemporaneous artifacts — commit hashes, test logs, reverted branches — and keeps the provenance (repo, hash, timestamp) in the claim workspace. This is the literal defense against the failure mode the courts police.

See the evidence trail →

03

Compliance scored against regulatory standards

Review-risk scoring mapped directly to case law and security standards. Every flag cites a regulatory authority, making the output contestable and auditable — never a black box.

Why narratives survive review →


Product Workflows

One private engine, multiple compliance workflows.

Aegis Tech leverages local, air-gapped models to automate document-heavy narratives and verification audits.

Active Today

SR&ED Claim Automation

Our beachhead workflow. Aegis drafts T661 narratives directly from git logs and test results, tracing the chronological experimental progression required by the Tax Court.

Explore SR&ED workflow →

Roadmap

CMMC Security Mapping

Align your configuration logs, active directory policies, and network diagrams to the 110 NIST SP 800-171 controls to automate System Security Plans (SSPs).

Roadmap

IRAP & Grant Reporting

Map developer timesheets, Git logs, and sub-project histories directly to government funding milestones to generate compliant progress reports.

Roadmap

RFP Response Generation

Match bid criteria and compliance matrices in government RFPs against your internal technical records, code history, and team capability logs.


The centerpiece

Hover a sentence. See exactly where it came from.

Aegis doesn’t write a story and look for evidence afterward. The narrative is derived from the artifacts — so every line points back to a commit, a test log, or a reverted branch you can recognize.

Generated — T661 line 244 (illustrative)

In the May 2025 phase, we hypothesised that incremental response-buffering could hold paging latency under the 5-second target within the legacy stack. The buffered approach failed under concurrent load and was reverted; we then derived a dynamic single-column “stitching” query that returned results within 4.1s at the measured row counts, and recorded the result against the target.

Hover or focus a sentence to reveal its backing artifact.

Backing artifact
Hover a sentence to trace its evidence — repo, hash, and timestamp.
Commit · hypothesis
repo
pts-project
hash
a1f4c2e
when
2025-05-06 09:14

“wip: buffered paging spike — target <5s response, legacy SQL Server 2000 stack”

Reverted branch · failed approach
repo
pts-project
hash
7b9d0 ← revert
when
2025-05-13 16:40

Branch spike/response-bufferreverted after test-log #298 showed degradation under concurrency. A documented failure — not a gap.

Commit + test log · measured result
repo
pts-project
hash
2c8e11a
test
log #312 · 4.1s

“feat: dynamic single-column stitching query” — paired with test-log #312 recording 4.1s against the 5s target. Result measured, not asserted.

Illustrative data. The PTS-Project example is modelled on National R&D Inc. v. The Queen, 2020 TCC 47 — a real claim that won on uncertainty but lost on records (“single code snapshots… I am not able to deduce a trend from a single data point”, para. 70).


Why narratives survive review

The exact language that loses in court — next to what Aegis writes.

These are verbatim phrases from dismissed Tax Court appeals. Aegis flags this language deterministically, before you file, and rewrites toward the pattern that has actually survived review.

Language that loses

“This breakthrough in system flexibility created unlimited scalability.”

Highweb & Page Group, 2015 TCC 137 (rejected STA1). The court read inflated language as a “statement of business fact” and dismissed the claim.

What Aegis writes

“An incompatibility, not readily resolvable with existing, accessible products, which required research to devise code to allow data sharing between .NET and Java.”

The one Highweb sub-claim the Minister allowed— named a specific interface, said standard products couldn’t resolve it, and showed dated, phased testing.

Evidence that loses

A 50-experiment table that, on cross-examination, was “created after the fact for the CRA.”

National R&D, 2020 TCC 47, para. 71. Given no weight, and it damaged the witness’s credibility. Won on uncertainty, lost everything on records.

Evidence that survives

Each assertion linked to a dated commit, test log, or reverted branch — provenance preserved, demonstrably contemporaneous.

Aegis generates from the artifacts and keeps repo · hash · timestamp, so nothing depends on documents created for the audit (the failure mode the courts police).

Language that loses

Trial and error” · “standard web page programming” · “a commonly used tool.”

Hypercube, 2015 TCC 65 & Zeuter, 2006 TCC 597. The taxpayers’ own words proved routine engineering and sank both appeals.

What Aegis writes

Each failed option is followed by an analysis of whyit failed before the next is tried — the line between systematic investigation and trial and error.

Per Canafric, 2023 TCC 108: “conducted analyses in order to understand which requirement was not met” — the modern winning template.

Every quote is verbatim from the Tax Court of Canada decisions, collected in the Aegis SR&ED public case-law corpus and mapped to the five-question framework affirmed by the Federal Court of Appeal.


For your security team

Built to be reviewed offline.

Nothing here phones home — including this website. A reviewer can read every byte on an isolated host and confirm there is nothing to send.

  • Zero external network calls at runtime
  • Local model runtime on Ollama, loopback-only
  • Runs on your hardware, inside your network
  • Human review required before any export
  • Self-hosted fonts; no CDNs, analytics, or trackers
In pilot

We don’t have a wall of logos yet. We have 27 real Tax Court rulings behind every score, and a design partner running the first claims on Aegis hardware.

Pilot design partner. We won’t publish a customer quote we haven’t earned — this slot fills when the pilot closes.

Why trust an early-stage vendor

The proof is the corpus, not the pitch.

The review-risk rubric is published method, not a claim. It cites the exact paragraphs of the rulings it’s built on, so you (or your SR&ED consultant) can check our work against the authorities.

See the scoring method →

Questions

What the paranoid buyer asks first.

Does anything leave my network?

No. Aegis runs on your hardware with a local model runtime (Ollama) bound to loopback. There are zero external network calls at runtime, and the design is built to be verified offline by your security team. Even this website ships with no CDNs, fonts, or analytics to fetch.

What models does it use?

Open-weight models served locally through Ollama. Nothing is sent to a hosted API. Model selection is part of the deployment and stays on your hardware.

On my hardware, or yours?

Either, depending on the pilot. Today we also run claims as a service on Aegis-owned, air-gapped hardware. Long term, the product is designed to run inside your network. We’ll size that with you during the pilot.

How is this defensible versus a consultant?

A contingency consultant reconstructs your technical story second-hand, after the fact — the exact write-up the courts give no weight. Aegis generates the narrative from your contemporaneous artifacts and keeps the provenance, so the claim is grounded in records that predate the audit.

What happens if the CRA reviews it?

You file with an evidence ledger — every cited artifact has a repo, hash, and timestamp — and a review-risk report that already flagged the weak lines against named authorities. The standard a reviewer applies is the one Aegis scores against: the Northwest Hydraulic five questions, drawn from real rulings.

Can I build custom workflows on the Aegis engine?

Yes. The core Aegis local parsing and citation engine can be configured to map technical records (git history, database schemas, active directory policies) to custom compliance matrices, internal design standard reviews, or other regulatory reporting frameworks. Contact us to discuss your specific requirements.

Request a pilot

Automate your technical compliance without cloud dependencies.

Schedule a pilot for SR&ED claim automation, or discuss a custom workflow deployment in your secure perimeter. Pricing is set per pilot — not a public grid yet.

This opens your mail client to hello@aegistech.services. No data is transmitted by this page.