Discovery Assessment · A first readFILE NO. 015 / DISCOVERY

A first read
on the risk.

What's broken, how bad, and where to look next. A focused pass through your AI endpoint in 5 business days — mapped to OWASP, ISO 42001, NIST AI RMF and EU AI Act at the summary level. Internal diagnostic, not a filing.

Request assessmentFull assessment instead
TierDiscovery
Price$3,500 / system
Turnaround5 business days
IncludesCredit toward upgrade · 30 days
01 / ScopeWhat you get

The findings that move the budget meeting.

A pulse check — not a filing. Designed to tell you, in five days, whether you need the full assessment, and what it's going to cost to fix.

● What's included
  • One AI system, up to 3 endpoints
  • Targeted subset of the 600+ test suite
  • 5–7 page Discovery report with critical & high findings
  • Framework mapping at the summary level (OWASP · ISO · NIST · EU AI Act)
  • Clear go / no-go recommendation on Technical Compliance
  • $3,500 credit toward upgrade within 30 days
Best for
  • Decision tool — not for regulatory submission
  • Quick AI security pulse check
  • Gap analysis before budget approval
  • Go / no-go decision on a full assessment
  • Teams planning to credit the spend toward Technical Compliance

⚠ Not suitable for regulatory submission or customer security requirements

02 / Upgrade pathDiscovery → Technical Compliance

Pay it forward — $3,500 credits to the full assessment.

Decide within 30 days and the full Discovery fee credits toward the $9,500 Technical Compliance Assessment. Existing evidence is reused; nothing is re-run.

● Math

Discovery → Full Assessment = only $6,000 more.

View Technical Compliance
03 / FAQDirect answers

Common Discovery questions.

Q · 01
How is this different from the $9,500 Technical Compliance assessment?
Discovery is a decision tool — not for regulatory submission. Faster (5 days vs. 10–14) and cheaper, but no evidence logs, no adaptive follow-up, no re-test, and no Technical Assessment Report. It identifies the problems; Technical Compliance documents them for filing.
Q · 02
What if I need to test more than 3 endpoints?
Discovery covers 3 endpoints. For 4–5 endpoints or any regulatory filing, upgrade to Technical Compliance Assessment ($9,500).
Q · 03
What's in the report?
A 5–7 page executive summary: critical and high findings, compliance impact across OWASP, ISO 42001, NIST and EU AI Act, general remediation categories, and a recommendation on whether you need the full assessment. Not included: evidence logs, reproduction steps, medium/low findings, re-test, or the Technical Assessment Report.
Discovery · 5-day turnaround

A first read by Friday.

Send us the endpoint. We send back the shortlist of what's broken, what's worth fixing now, and whether you need to file.

Request DiscoveryEmail audit@testmy.ai