One portal that explains what we are building, why we are building it, and in what order — across the Cybersec91 and Infosec91 umbrellas. Written so a new joiner gets the picture in an afternoon and an architect can drop into specifics by lunch.
We are building India's sovereign security stack in two halves. Infosec91 is the assurance half — Identity, Data, Privacy, Governance: who has access to what, and is it allowed. Cybersec91 is the defense half — Threat, AppSec, Cloud, AI security: what is happening right now, and how do we stop it. Both share one foundation: a post-quantum-ready cryptographic core, a tamper-proof audit fabric, and the option to deploy anywhere — from public cloud to a fully air-gapped defence installation. MFA was the first product. The next 36 months turn it into a suite that covers every layer attackers care about, including the new ones that arrive with AI agents and Mythos-class workloads.
Identity, data, privacy, and governance. The slow, careful half — built for auditors, regulators, and the CISO's evidence binder.
Threat, application, cloud, and AI security. The fast half — built for SOC analysts, IR teams, and the 3 AM page.
Working assumption. If your view of the Cybersec91/Infosec91 split is different, this is where to push back — every other page in the portal builds on it. Mythos is treated as the AI/agent product line that lives in the Cybersec91 half; flag if it should be modeled differently.
Every byte of customer data stays in India. DPDP, RBI, SEBI, IRDAI, CERT-In, NCIIPC mappings ship with the product.
Cloud, on-prem, or fully air-gapped. Same code, same operating model. Defence and SaaS on one platform.
IdP-agnostic. SCIM, SAML, OIDC, RADIUS, LDAP. Weeks-not-quarters integration with what you already run.
Pluggable crypto. ML-KEM / ML-DSA / SLH-DSA aligned. When the mandate lands, it's a config flag, not a migration.
Every product in Cybersec91 + Infosec91, the gaps each one closes, and how they share infrastructure.
A capability-by-product grid with build status, owner team, and target quarter. The single source of truth for scope.
What attackers will do over the next five years — incl. AI agents and Mythos-era threats — mapped to the products that defend against each.
Engineering dependency graph. Which platform components unlock which products. The reuse argument made visible.
Plain-English, visual primer. Start here if you are new to the category. 10 chapters, 9 diagrams.
How MFA becomes the foundation for an entire identity and access suite. Strategic brief, 11 sections.
Complete GTM reference — positioning, personas, pricing, sales process. 17 sections.
8 frameworks, 60+ controls mapped to capabilities. Auditor-ready evidence + sales lead magnet.