Limited Enterprise Cohort

Certus Pilot · Evidence automation in 90 days

We co-own your compliance runway for one quarter: activating automated controls, delivering audit-grade Evidence Packs, and leaving your engineers with a signed playbook before you commit long term.

90 days

Time-boxed runway

From install to enforced Evidence OS with sign-off artifacts.

3 cohorts

Seats per quarter

We cap enrollment to preserve hands-on integration depth.

Unlimited exports

Evidence delivery

Signed JSON, PDF, SBOM, and ledger feeds wired to your GRC.

Program objective

Turn compliance from blocker to accelerator

Parallel workstreams cover onboarding, blueprint customization, and measurable outcomes on real repositories. We align on control commitments, roll out enforcement safely, and leave you with a signed Evidence OS runbook.

Eligibility
  • Engineering organization of 25+ contributors or equivalent pull request velocity.
  • Preparing for (or maintaining) SOC-2, ISO 27001, HIPAA, PCI-DSS, or similar audits.
  • Willingness to integrate Certus GitHub App or GitLab runner and share anonymized telemetry under NDA.
  • Executive sponsor (CISO, VP Engineering, or equivalent) to join milestone reviews.

Structured deliverables

Weeks 1–2

Workflow hardening

Parallel sessions to wire Certus into PR checks, calibrate branch protection, and configure deterministic gating.

Weeks 3–4

Evidence operations

Signed JSON/PDF packs per merge, mapped to SOC-2, ISO, HIPAA, and mirrored into your SIEM or GRC.

Weeks 5–7

Blueprint customization

Author up to three bespoke blueprints tuned to your stack, deployment, and regulator. Includes IaC + runtime libraries.

Success criteria
  • PRs blocked only when evidence is incomplete—no more manual control gates.
  • All critical vulnerabilities triaged with MTTR under the agreed SLA.
  • Evidence packs exported automatically into your GRC within 15 minutes of merge.
  • Pilot teams ready for readiness-assessment checkpoints (e.g., SOC-2 readiness) with documented proof.

Pilot intake · 4–6 week sprint

Blueprint setup + runbacks in weeks, not quarters

Inside the 90-day runway we run a concentrated 4–6 week block: Certus engineers tailor blueprints, wire into your CI, and ship audit-grade runbacks before you commit long term.

  • Blueprint + control mapping sessions to align merge gates with SOC-2, HIPAA, PCI, and your internal policies.
  • Hands-on CI integration so tests, Semgrep, SBOM, and telemetry all stream into Certus automatically.
  • Signed evidence packs and risk briefings for two reference repos, ready for executive review.

Pilots remain free—matching the pricing section—while we’re in limited release with a capped cohort.

No cost

90-day motion

Weeks 1–2

Onboarding & Integration

Initial setup, repository access, and CI/CD pipeline integration.

Weeks 3–8

Active Development Phase

Real-world usage with weekly check-ins and continuous feedback.

Weeks 9–10

Review & Refinement

Comprehensive review session, success metrics analysis, and roadmap alignment.

Week 11+

Transition to Production

Migration to full production license with continued support.

Ready to join the next cohort?

Cohort sizes are capped to preserve hands-on integration. Submit your details—we respond within two business days with scheduling options.