Keys never leave your machine

SSX360 · hosted control plane

Services

SSX360 helps financial institutions and regulated software teams produce examiner-ready evidence for AI-assisted code changes — signed envelopes at commit, Scroll Gate at merge, and offline-verifiable audit packs aligned to voluntary frameworks.

We offer scoped advisory, pilot rollout, and hosted control-plane services. Matrix Scroll remains the open protocol; SSX360 is where institutions govern, verify, and export proof.

Services

Evidence infrastructure for regulated software change

SSX360 helps financial institutions and regulated software teams produce examiner-ready evidence for AI-assisted code changes — signed envelopes at commit, Scroll Gate at merge, and offline-verifiable audit packs aligned to voluntary frameworks.

We offer scoped advisory, pilot rollout, and hosted control-plane services. Matrix Scroll remains the open protocol; SSX360 is where institutions govern, verify, and export proof.

Voluntary framework · SDLC slice

FS AI RMF evidence mapping

Draft control-to-artifact mapping for agent-authored merges, paired with PCI DSS v4.0.1 Req 6.5.1 change-control language. Scoped to change management — not all 230 objectives.

  • Public mapping tables and claims ladder
  • Free self-assessment checklist with maturity bands
  • Sample ssx360.evidence-pack.v1 for assessor review
FS AI RMF program

Protected branches · fixed engagement

Provenance pilot

Roll out signed envelopes and Scroll Gate on your repos — warn-mode telemetry first, then enforcement. For teams where Copilot, Cursor, and agent tools already merge to main.

  • Scroll Gate CI on protected branches
  • Envelope notes and rollout playbook
  • Assessor-ready export sample before enforcement
Book provenance pilot

Team & enterprise programs

Hosted control plane

Central policy registry, hosted verification, queryable audit history, and JSON evidence export — keys and repo contents stay local via Matrix Scroll.

  • Team policy registry and member management
  • Hosted POST /api/v1/verify and audit ledger
  • Compliance mappings in evidence-pack export
View engagement models

Offline verification · no platform trust

Assessor-ready evidence export

Export signed evidence packs your assessor verifies in CLI or browser. Produces evidence aligned to FS AI RMF, PCI, DORA, and SSDF language — not certification.

  • ssx360.evidence-pack.v1 schema and sample pack
  • Browser verifier at ssx360.com/verify
  • Detached signatures and compliance_mappings[]
Evidence pack schema

Framework partners · innovators

Ecosystem mapping review

We welcome structured feedback on draft mappings from framework stewards, assessors, and regulated institutions evaluating the artifact gap for AI-assisted SDLC.

  • Mapping feedback via contact form or email
  • Scoped redlines — internal IDs crosswalked to official RCM
  • Optional working session on artifact samples
Share mapping feedback

Annual contracts · procurement-ready

Enterprise compliance program

SSO, custom policy presets, SIEM export roadmap, and dedicated rollout support for payment networks, hyperscale platforms, and regulated banks.

  • Enterprise viability brief and procurement pack
  • Custom framework preset alignment
  • Dedicated support and rollout SLA
Enterprise inquiry

Questions on scope, mapping redlines, or pilot timing — reach mission@ssx360.com or use the contact form. We welcome feedback from framework stewards and assessors.

Contact SSX360