Data Integrity
Aegisnode's commitment to factual, verifiable intelligence — and the protocols we use to keep it that way.
All scan data comes from direct observation — not inference. Every finding in an Aegisnode report traces back to a specific, observable signal collected by our scan engine.
Every finding links back to the raw signal that produced it. No data is inferred, estimated, or modeled.
Every score in an Aegisnode report is mathematically derived from observable facts — not subjectively assigned. There are no black-box algorithms.
Each of 8 categories produces a score based on what the scan engine directly observes. Those category scores are weighted to produce an overall grade:
| Category | Weight |
|---|---|
| SSL / TLS | 20% |
| Ports | 20% |
| Email Security | 15% |
| Technology | 15% |
| DNS | 10% |
| Headers | 10% |
| Breach Exposure | 10% |
Grades are mathematically derived from these weighted scores. The scoring formula is transparent and reproducible — given the same scan data, the same score is always produced.
When vendors make security claims, Aegisnode cross-references those claims against real scan data using deterministic pattern matching. No AI is used in claim verification today.
Every claim evaluation produces one of three outcomes:
- Scan data supports the claim
- Scan data conflicts with the claim
- Claim references internal controls not observable externally
We will always tell you when something cannot be verified rather than guess. Claims are matched against scan data using pattern matching — deterministic, repeatable, and traceable to the underlying evidence.
AI is not currently used in any Aegisnode scan, score, or report. The scan engine is 100% deterministic — DNS queries, TLS handshakes, API lookups, and regex pattern matching.
When AI is introduced, it will operate under seven non-negotiable principles. These are not aspirational guidelines — they are engineering constraints that will be enforced at the system level.
AI will only process data that already exists from deterministic scans. It cannot create findings, fabricate evidence, or produce data that wasn't captured by the scan modules.
Every AI-generated insight must reference specific scan findings by ID. An insight without a traceable source is automatically discarded.
AI outputs include a confidence score. Findings below our threshold are flagged for human review or suppressed entirely. Only high-confidence insights reach reports.
AI insights are cross-checked against raw scan data. If the AI's interpretation conflicts with the underlying evidence, the contradiction is caught and the insight is rejected.
AI cannot escalate the severity of a finding above what the raw data supports. It can explain and contextualize — it cannot upgrade risk levels beyond what the evidence shows.
We maintain a library of verified scan-to-insight mappings. When AI generates an insight, it's compared against known-correct interpretations. Drift from baselines triggers review.
Every AI inference is logged with: input data, model version, raw output, confidence score, gates passed/failed, and final decision. Full reproducibility.
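A sketch of how three of these gates (traceability, confidence, severity cap) and the audit record could fit together. This is an added example, not Aegisnode's code: the finding IDs, severity scale, threshold value, model version string and the choice to discard on a severity violation are all assumptions.

```python
from dataclasses import dataclass

SEVERITY = {"info": 0, "low": 1, "medium": 2, "high": 3, "critical": 4}  # assumed scale
CONFIDENCE_THRESHOLD = 0.85  # assumed value; the page does not state its threshold

# Constructed sample: finding ID -> severity as recorded by the deterministic scan.
SAMPLE_FINDINGS = {"F-001": "medium", "F-002": "low"}

@dataclass
class Insight:
    text: str
    finding_ids: list
    severity: str
    confidence: float

def evaluate(insight, findings, model_version="example-model-0"):
    """Run the gates and return an audit record holding the final decision."""
    cited = [fid for fid in insight.finding_ids if fid in findings]
    gates = {}
    # Traceability: at least one citation, and every cited ID exists in the scan data.
    gates["traceable"] = bool(insight.finding_ids) and len(cited) == len(insight.finding_ids)
    # Confidence: below the threshold the insight does not reach a report unreviewed.
    gates["confident"] = insight.confidence >= CONFIDENCE_THRESHOLD
    # Severity cap: the insight may not exceed the highest severity among cited findings.
    ceiling = max((SEVERITY[findings[f]] for f in cited), default=-1)
    gates["severity_capped"] = SEVERITY[insight.severity] <= ceiling

    if not gates["traceable"] or not gates["severity_capped"]:
        decision = "discard"  # discarding on a severity violation is an assumption
    elif not gates["confident"]:
        decision = "human_review"
    else:
        decision = "accept"
    # Audit record with the fields the logging principle lists.
    return {
        "input_finding_ids": list(insight.finding_ids),
        "model_version": model_version,
        "raw_output": insight.text,
        "confidence": insight.confidence,
        "gates": gates,
        "decision": decision,
    }
```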
All paid reports (Analyst and Command tiers) include human review by a CISSP/CISA certified professional. This is the final gate — a certified human reviews findings before they reach the client.
Automated output and professional judgment are not the same thing. The human reviewer can override, downgrade, or annotate any finding.
This layer exists precisely because no automated system — AI or otherwise — is infallible.
We would rather report fewer findings with higher accuracy than flood your team with noise. Every finding in an Aegisnode report is backed by observable evidence, scored by transparent methodology, and — on paid tiers — reviewed by a certified professional. If we cannot verify something, we will tell you. If we are wrong, we will correct it. Accuracy is not a feature we added. It is the foundation the product is built on.
Questions about our methodology? Contact security@aegisnode.io