WOSB Certified

Classified-Enclave AI. Delivered Under ATO.

Models deployed inside your IL4 / IL5 / IL6 boundary — not wrapping a public API. Agent teams ship the compliance plumbing. GS-15 program operations makes it authorizable.

About SigilArk


AI-First Delivery Under Classified Mission Constraints.

SigilArk ships air-gapped AI agent teams into classified mission programs — models running inside the enclave, not API calls to a commercial endpoint. That’s the delivery model.

The founding team carries the operational spine that makes it authorizable:

  • Chief Technology Officer: 20+ years of enterprise engineering leadership at Equifax, Marriott, CACI, and Booz Allen Hamilton; directs technical delivery across the bench.
  • Program Manager: runs healthcare-integration programs at one of the largest healthcare-technology companies — 80+ APIs across 3,000+ EMR systems, 2.1M HIPAA transactions a day.
  • Senior Advisor · TS-Cleared: supports a GS-15 overseeing Cyber Operations at the Naval Information Warfare Center (NIWC).

AI is how we compress the work; the program-operations discipline this team brings is how the work survives the ATO.

10M+ Records / Day: Founding team · Equifax Total Income + API Marketplace · FedRAMP
2.1M HIPAA Txns / Day: Founding team · 80+ APIs across 3,000+ EMR systems · every major US provider
2,200+ SOX-Compliant Institutions: Founding team · Equifax commercial financial
47+ State & Federal Agencies: Founding team · cross-jurisdiction delivery

Air-Gapped AI Delivery

Commercial LLMs stop at the enclave. Ours don’t.

Most “AI-enabled” contractors wrap a public API. That model works on the unclassified side of the boundary and nowhere else. SigilArk deploys the models themselves — open-weight, on approved hardware, entirely inside your classified network — so the AI lands where your program actually lives: IL4, IL5, IL6, and the tactical edge.

Models in the Enclave

Open-weight models (Llama, Mistral, GPT-OSS) deployed on approved hardware inside your classified network. No external API calls, no egress, no SaaS dependencies — training data, prompts, and responses stay inside the classification boundary they originate in.

Audit-Trail Output

Every agent action is logged with prompt, tool invocation, and output — structured for RMF control-family evidence. Not a black box. Your assessor reads the trail the same way they read a change request.

IL4 / IL5 / IL6 Ready

STIG-hardened host images, FIPS 140-3 cryptographic modules, Iron Bank containers. Tactical edge postures included — the same agent teams run on a shore enclave and a forward-deployed tactical node.

Customer Products

Two SaaS products, both shipped under SigilArk.

Glyphon is the AI orchestration platform for the classified mission — deployed inside your authorization boundary at IL4 / IL5 / IL6. Affirmark is CMMC Level 1 self-attestation for the SMB DoD subcontractor wave that maps into those programs — deployed inside the customer's AWS, Azure, GCP, or on-prem boundary. Both inherit the audit-trail discipline SigilArk's delivery work runs on.

Our Flagship Product

Glyphon

Agentic Orchestration Platform

Born from years of program management, AI engineering, and cyber operations in classified federal environments — Glyphon is the platform we built to solve the problems we lived. It coordinates multi-provider AI agent teams that scan, remediate, verify, and document at mission speed, with human oversight at every decision point.

Glyphon is available as a commercial product at glyphon.ai. SigilArk delivers it embedded inside your authorization boundary — not as a hosted API call across the boundary — so the platform runs where your ATO already covers it.

7 Production Playbooks
52 Specialized Agents
4+ LLM Providers
6 Escalation Channels

One Playbook, Any Provider

Write once, run on OpenAI, Claude, Gemini, or AWS Bedrock. Native SDK runners with automatic model routing, prompt caching, and per-generation cost tracking.

Human-in-the-Loop Oversight

Team Lead orchestrator with tiered autonomy. Escalations route to CLI, web dashboard, email, Slack, SMS, or Teams — first responder wins.

7 Production Playbooks

CVE resolution, SAST remediation, AMI hardening, container hardening, security posture, eMASS submission, and SSP generation — all battle-tested.

Air-Gap & FedRAMP Ready

Iron Bank containers, AWS GovCloud via Bedrock, air-gapped enclaves via local inference. Hash-chained audit trail satisfies NIST SP 800-53 AU controls.

Our CMMC L1 Product

Affirmark

CMMC Level 1 self-attestation, sealed.

Affirmark gives small and mid-size DoD subcontractors a focused workflow for the 15 L1 requirements and 59 assessment objectives — implementation narratives, evidence mapping, the annual SPRS cycle, and continuous control monitoring between cycles. Same database steps up to Level 2 (the 110 controls of NIST SP 800-171 R2) when your contracts pull in CUI.

Affirmark deploys inside your AWS, Azure, GCP, or on-prem boundary — your data never reaches Affirmark the company. Available at affirmark.com, currently in a design-partner cohort with SMB DoD subcontractors working their first SPRS cycle.

15 L1 Requirements
59 Assessment Objectives
110 NIST 800-171 Controls (L2)
$399 Per Org / Month

One Screen, Every Morning

Domain coverage, gap list, evidence freshness, audit-chain status — the first screen your L1 manager checks at the start of the day.

Map Evidence Once, Reuse Everywhere

One artifact can support multiple objectives. Affirmark hashes every upload, tracks freshness, and marks primary vs. supporting evidence so the assessor reads what matters first.

Continuous Control Monitoring

Mailbox + API ingestion from your IdP, EDR, and scanner stack — drift surfaces in near real time, not at the next cycle close.

Verifiable Audit Chain

Every write to a compliance entity appends to a hash-chained log. A signed CLI tool lets your assessor verify the chain offline.

Behind the Product

The Bench That Ships the Work


To build Glyphon — and to deliver federal engagements under the weight of RMF authorization — we built the internal tools we needed. Colophon and Vallark are SigilArk's proprietary delivery capabilities for AI-first engineering under compliance load.

AI-First Engineering Bench

Colophon

Build fast. Ship authorized.

SigilArk's AI-first engineering bench. Government programs need dozens of specialties to ship under ATO; SigilArk runs them with a few humans directing the bench — humans decide, the bench ships the system and its RMF evidence together.

Mobile ATO Compliance Floor

Vallark

ATO-ready on day one.

A .mil mobile ATO typically takes 12+ months of compliance plumbing before anyone writes a feature. Vallark is SigilArk's delivery capability that ships that floor pre-built — controls, documentation, and automated gates across every layer your program has to authorize.

Colophon in Production

3 apps. 4 weeks each. 0 CVEs.

Shipped at IL4, two stacks for the Defense Health Agency (DHA). Scheduled baselines: 7 and 8 months per stack; Colophon’s agent bench delivered iOS, Android, Web, and API inside 4 weeks apiece, with continuous eMASS updates — the authorization package re-drafted on every commit, from day one. Full STIG compliance, zero CVEs across the set.

Delivered as a sub-tier partner; contract-level details available under NDA.

3 Full-Stack Apps Delivered: iOS + Android + Web + API each
4 Weeks Per Full Stack: vs 7–8 month scheduled baselines
0 CVEs Across Deliveries: Full STIG compliance, every cycle
Every Commit, eMASS Re-drafted: ATO stays current with the code, from day one

AI Agent Teams — What They Actually Do

Months to Weeks.

Agent teams embedded in your classified workflow — not wrapping a public LLM, not another dashboard on top of existing scanners. The agent reads the control language, the threat advisory, and your codebase, then proposes the fix or the POA&M in the format your assessor expects. Humans decide; agents do the plumbing.

85%+ Ahead of Schedule: DHA · IL4 · 4 weeks per stack vs 7–8 month schedules
Near-Zero Findings Posture
IL4 / IL5 / IL6 Deployment Ready

ATO Acceleration

An agent reads NIST 800-53 control language, walks your code repo, drafts the control-implementation narrative in eMASS format, and re-drafts on every commit. Humans review; the agent edits. eMASS stays current with the reality of the system.

STIG & CVE Remediation

The agent runs STIG scans, reads the finding, proposes a code or config patch, opens the PR with the rationale, and writes the POA&M entry for what can't be fixed this cycle. Humans approve; the agent executes and tracks the close-out.

Threat-to-RMF Translation

Agents parse threat-intel feeds against your ATO package, flag the specific controls a new threat invalidates, and generate a pre-filled change-request for your RMF assessor. Your assessor reads a reasoned delta, not a raw alert.

Container Hardening

The agent pulls your container image, runs Iron Bank and STIG checks, patches the base layer, re-tests, and opens a signed PR with the SBOM delta and a human-readable changelog. The next deployment ships audit-trail-ready.

Why SigilArk


Our Differentiators

01

Air-Gapped AI Stack

Open-weight models deployed inside your classified enclave on approved hardware — no external API, no egress, no cross-boundary data exposure. Commercial LLMs can't deliver here; we do.

02

AI-First Operating Posture

Agent teams are how we deliver, not a feature layered onto traditional work — proven on our own programs via the Glyphon platform we built.

03

Tactical Edge Ready

Deployed solutions hardened for tactical edge and classified environments up to IL5 — same agent stack on a shore enclave and a forward-deployed node.

04

Zero Findings, Repeatable

Three full stacks delivered at IL4 for DHA — 0 CVEs across the set, full STIG compliance every cycle, eMASS re-drafted on every commit. The discipline scales.

Contact

Ready to accelerate your mission?

We're ready to discuss how SigilArk can support your program objectives.

Phone: 212.838.9800
Web: sigilark.com
NAICS: 541511
UEI: LFJBDV3D4LZ7
CAGE: 9YKZ0
Status: WOSB Certified

Accessible through our partner Accelera.

  • GSA MAS
  • CIO-SP3
  • USDA STRATUS
  • NASA SEWP V
  • NATO BOA
  • SeaPort NxG