Concord by IaxaI Founders Program
Five MSSP slots. 90-day pilots. Direct line to the founders.
Built for MSSPs and MSPs serving regulated mid-market end-clients: banks, healthcare payers, insurance carriers, AI-era tech scale-ups. Locked Year-1 terms. No 100-call sales cycle. You shape the product; we keep your seat at the table.
Why a Founders Program
We're building this with you, not at you.
Concord by IaxaI is an engine plus a set of surfaces that turn your existing security stack into audit-grade evidence your regulated end-clients can hand to an examiner. We're early. The production MVP shipped in January 2026, two patents are in active prosecution at the USPTO, and a third candidate is in development. The surfaces still need real-world MSSP shape.
The first five MSSPs in get to drive that. No 100-call sales cycle. No layer of CSMs between you and the people writing the code. You email Mike. You email Kyle. You tell us what's broken in your practice and we fix it on a cadence you can actually feel.
In return, you get locked Year-1 terms, a 90-day pilot with white-glove onboarding, and early-mover positioning on a product the rest of the channel will be paying retail for next year. We learn together. You keep the head start.
What You Get
Six concrete commitments.
90-day pilot with white-glove onboarding
We deploy with you, not at you. Per-tenant rollout against a real end-client, real telemetry, real evidence packets. Not a sandbox demo.
Locked Year-1 terms
Founders pricing locked for Year 1. Renewal economics are negotiated mutually before Year 2. You don't get surprised on renewal.
Direct line to Mike (CEO) and Kyle (CTO)
Mike is a 18-year regulated-banking security practitioner. CISSP, CSSP, currently VP / Senior Network Security Engineer at First Horizon Bank. Kyle is ex-Director of Engineering at Thomson Reuters Finance & Risk and ex-AWS Engineering Manager. You get both of them. No gatekeeping.
Multi-tenant from day one
Per-tenant audit chains. Per-tenant evidence packets, white- labeled to your brand. Shared platform, separated data, no cross-contamination by design. Multi-tenant rollout is on the V1 timeline.
Compliance Auto-Packets: the wedge
Auto-generated FFIEC, SOC 2, HIPAA, and PCI evidence packets drawn from the same telemetry your analysts already work in. Hand each end-client a packet they take straight to an examiner. Stop building evidence in screenshots.
Co-design influence on V1
The Reverse Transpiler (write a detection once, deploy across every client SIEM/EDR), Drift + Auto-Repair, and the Knowledge Graph all land during the pilot window. Founders Program partners shape the order and the rough edges.
What We're Looking For
Fit-driven selection. Not first-touch.
Slots fill as they fit. We'd rather take three good fits than five mediocre ones.
Multi-tenant security operations practice. You run a SOC, MDR, or co-managed SIEM across more than one client.
At least five regulated end-clients. Community or mid-market banks, healthcare payers, insurance carriers, or AI-era tech scale-ups facing SOC 2 / PCI / ISO.
Compliance evidence handoff is real pain. If your team isn't building audit packets in screenshots and CSV exports today, we're not solving your hardest problem.
A decision-maker who can commit 30 min/week. Practice owner, service delivery lead, or technical principal. 90 days. Honest feedback.
Willing to be an early reference. If the product fits, we'd like to talk about it publicly. If it doesn't, you walk away clean. No obligation, no penalty.
What We're Not
Honest about the limits.
Not a tech-stack replacement
Concord sits above your existing stack. If you run CrowdStrike, Splunk, Sentinel, Okta, Arctic Wolf MDR, or anything else. Keep it. Concord reads what you already run and translates it. We never sit between you and your client's data.
Not a service delivery
We're an engine and a platform, not an MDR. We don't staff your SOC. We don't take your tickets. We don't compete with you for the customer.
Not vendor-locked
OCSF-aligned. Runs on top of whatever EDR, SIEM, IAM, and identity tools your clients already pay for. No rip-and- replace. No exclusive-vendor contracts.
What You're Plugging Into
Six engines. Three surfaces. Above OCSF, not parallel to it.
Semantic Translation
Vendor signals into one OCSF-aligned schema.
Entity Resolution
Same person across tools that share no identifier, with calibrated confidence.
Drift + Auto-Repair
Detect schema drift, propose a fix, shadow it, promote on approval.
Audit Ledger
Hash-chained, Ed25519-signed evidence chain. Per-tenant.
Universal Adapter
30+ vendor mappings shipped. New connectors via park-and-flag onboarding.
Knowledge Graph
Dense-sparse retrieval over the live security state of every tenant.
Compliance Auto-Packets
Surface 1: auto-generated audit packets for FFIEC, SOC 2, HIPAA, PCI.
Detection Portability
Surface 2: write a detection once, deploy across every client environment.
Semantic Dedup
Surface 3: collapse duplicate alerts across tools that describe the same thing differently.
Built for regulated end-clients from the start.
Patent posture
Two patents in active prosecution at the USPTO. A third candidate is in development.
SOC 2 Type I
Targeted Q3 2026. The gate that unlocks broader MSSP partner enablement.
On-prem Edge Gateway
Available for air-gapped deployments. Client telemetry never has to leave the client network.
More on the trust posture lives at /trust.
Apply
Five slots. Selection is fit-driven.
Apply through the contact form or email Mike directly at mike@iaxai.io. We'll respond inside 48 hours and book a 30-minute qualifying call. If it's a fit, the pilot agreement comes next.
Quick answers.
What's the term length?
Locked Year-1 terms. Renewal economics are negotiated mutually before Year 2. You see the math before you sign anything.
What does the 90-day pilot look like?
30-minute weekly cadence with the founders. Per-tenant deployment against one of your real end-clients. End-of-pilot deliverable is a working evidence-packet smoke test against that client's actual compliance regime: FFIEC, SOC 2, HIPAA, PCI, whichever applies.
How is this priced?
Pricing is a conversation, not a public price sheet. Email mike@iaxai.io.
Can I pilot with one client first?
Yes. Per-tenant deployment is the natural shape: one client, one chain, one packet. Expand from there.
When does the program close?
Goal: three signed pilots by end of Q2 2026. Slots fill as they fit. When the five are full, the program closes. Next wave is standard partner pricing.
Stop reconciling. Start trusting one timeline.
30-minute walkthrough. Your tools. Your tenants. Your audit cycle. We will show you exactly where Concord earns its keep.