Ayliea is the AI security platform built around the open Ayliea AI Security Standard (AISS) — published at github.com/Ayliea/aiss under CC-BY-4.0. Score your AI surface against 12 compliance frameworks (1,277 questions) with reproducible math, vertical-specific bundles, and AI-personalized remediation. Available as a web app, an installable Progressive Web App, or a mobile companion. Whether you are running your first AISS self-assessment or proving compliance across SOC 2, ISO 42001, HIPAA, and the EU AI Act, Ayliea gives you a clear picture of where you stand — and a published spec your auditor can verify against.
What makes Ayliea different from black-box scoring competitors: the standard you’re scored against is public. Every category score is fully derivable from the answers you provide and the published AISS spec. No proprietary algorithm, no vendor magic — hand auditors the JSON spec and they reproduce your score from your answers alone.
Who It’s For
GRC Professionals
Compliance officers and governance teams who need structured assessments mapped to SOC 2, ISO 42001, NIST AI RMF, HIPAA, and the EU AI Act — with audit-grade evidence reports and reproducible scoring.
Security Teams
Security engineers and analysts benchmarking AI surface controls against AISS, MITRE ATLAS threat coverage, and OWASP LLM Top 10 — with weighted risk scoring and prioritized remediation.
Org Leaders
CTOs, CISOs, and AI program owners who need executive visibility into AI security posture — clear scores, grades, vertical-specific bundle context, and trend tracking over time.
What You Can Do
Score
Run AISS — the open AI Security Standard — for free, or pair it with one of 11 other frameworks (CIS v8, NIST 800-53, NIST CSF 2.0, NIST AI RMF, HIPAA, SOC 2, ISO 42001, OWASP LLM Top 10, NIST IR 8401, AI Agent Security, SPD-5). 1,277 questions in total, all scored on a 0–100 scale with letter grades and weighted category breakdowns.
Audit
Drill into any score with Glass-Box Score — expand each AC-1 through AC-10 control domain to see questions answered, weights, framework crosswalks (NIST CSF, ISO 27001, NIST AI RMF, EU AI Act, MITRE ATLAS, Colorado AI Act, OWASP LLM Top 10), and a deep-link to the matching domain in the public AISS spec.
Apply Vertical Bundles
Set your org’s vertical (Healthcare or Financial Services today; Legal next) and AISS results filter through the priority sub-controls for that vertical by default. Healthcare ties to HIPAA + FDA SaMD; Financial Services to NYDFS Part 500, EU DORA, SR 11-7, FINRA, and SEC Marketing Rule.
Remediate
AI-personalized recommendations tied to your weakest sub-controls, backed by step-by-step remediation playbooks. Each recommendation links to evidence attachments so progress is tracked from gap → action → closure.
Report
Generate PDF reports summarizing posture, category scores, vertical-bundle context, and evidence attachments. Formatted for internal reviews, auditors, board updates, and cyber-insurance underwriting submissions.
Propose Changes
Disagree with how a control is scored? Every question row has a one-click “Propose AISS RFC” link that opens a pre-filled GitHub issue on Ayliea/aiss with the control ID and your context populated. Practitioners shape the standard through the same public process they use to consume it.
Pricing
Four tiers, all published openly — Enterprise has a price floor, never “Contact us”:

| Tier | Price | What you get |
|---|---|---|
| Free | $0 | Your first AISS assessment, no credit card required |
| Pro | $500 / yr | + 1 paid framework (SOC 2, ISO 27001, HIPAA, etc.), AI recommendations, PDF reports, Glass-Box drilldown |
| Business | $2,500 / yr | All 7 compliance frameworks, continuous monitoring, advanced trust center, vertical bundle defaults |
| Enterprise | from $15,000 / yr | SSO, SIEM forwarding, ticketing writebacks, dedicated success manager, AISS vertical-bundle consultation |
Get Started
Start Free
Create your account, take your first AISS assessment, and see your score in under 15 minutes — no card, no demo, no sales call.
Read AISS
Browse the open standard on GitHub. 10 control domains, 56 sub-controls, 9 framework crosswalks, CC-BY-4.0.
Frameworks Overview
Learn about the 12 supported compliance frameworks and how to choose the right one for your organization.
Glass-Box Methodology
Read how scores are computed from the AISS spec — what an auditor sees when they verify your score.

