VOL 04 SUITE MAP 14 PRODUCTS · 6 DOMAINS · 1 CORE

The full suite, end‑to‑end.

Two umbrellas, six domains, one shared platform core. This is the canonical reference for what we are building under Cybersec91 and Infosec91 — the products today, the products on the roadmap, the customer questions each one answers, and how they share infrastructure.

§00 The mental model
Read top to bottom · gets denser
Novice · plain English

Two halves of one job.

Imagine a building. Infosec91 is the security desk at the entrance: who are you, can you come in, what rooms can you enter, and is the visitor log auditable. Cybersec91 is the guard team patrolling inside: watching cameras, responding to alarms, chasing intruders, defending the perimeter and the cloud.

You need both. One without the other leaves the building either un-policed or un-audited. We sell them as a unit so customers stop stitching ten vendors together.

Practitioner · operational

Assurance and defense.

Infosec91 = assurance. Slow, careful, evidence-driven. Identity, data, privacy, governance. Tied to compliance frameworks (DPDP, RBI CSCRF, SEBI, IRDAI, ISO 27001, NIST). Customer is the CISO, the DPO, the compliance head. Buying cycle is 6–9 months.

Cybersec91 = defense. Fast, real-time, alert-driven. Threat, application, cloud, AI security. Tied to incident frameworks (MITRE ATT&CK, CERT-In, NIST CSF response phase). Customer is the SOC head, the IR team, the AppSec lead. Buying cycle is 2–4 months, often after an incident.

Architect · structural

One platform core, two product surfaces.

Both umbrellas share a single platform core: pluggable cryptographic primitives (PQ-ready), tamper-evident audit log (chain-hashed), policy engine (OPA-style), and the deployment substrate (cloud / on-prem / air-gap). Every product on top is a different tenant of that core.

This is how a 14-product suite ships in 36 months instead of 10 years — each new product reuses 60–80% of an existing platform, and only the product-specific business logic and integrations are new code. See Vol 07 · Build Sequence for the dependency graph.

§01 The map
All 14 products · status today
Infosec91 · Assurance 7 products
Identity & access
Multi-Factor AuthenticationMFA● LIVE
Single Sign-OnSSO● BUILDING
Privileged AccessPAM○ Y2
Identity GovernanceIGA○ Y2
Data & privacy
Data Security & DLPDSP○ Y2
Privacy & ConsentDPDP○ Y2
Governance
Compliance AutomationCAP◇ Y3
Cybersec91 · Defense 7 products
Network & access
Zero Trust AccessZTNA○ Y2
Endpoint & Device TrustEDT◇ Y3
Threat operations
SIEM & DetectionSIEM○ Y2
SOAR & ResponseSOAR◇ Y3
Application & cloud
Application & API SecurityAPP◇ Y3
Cloud Security PostureCSPM◇ Y3
AI security · Mythos
Mythos AI Security LayerAIS◇ Y3–5
Shared platform core · everything sits on this
e91 Platform Foundation
PQ Crypto Audit Fabric Policy Engine Deploy Substrate Identity Graph Telemetry Bus Secrets / KMS Connectors

Status legend. ● LIVE shipping in production today · ● BUILDING active development, ships within ~6 months · ○ Y2 committed for year-2 · ◇ Y3 planned for year-3 onward.

§02 The six domains, in detail
What each domain answers · what's inside
Identity & AccessInfosec91

"Who is this user, and what are they allowed to do?"

  • Multi-factor authentication, every token typeMFA · LIVE
  • SAML / OIDC single sign-onSSO · Q3
  • Privileged session vaulting + recordingPAM · Y2
  • Joiner-mover-leaver workflows + access reviewsIGA · Y2
Data & PrivacyInfosec91

"Where is sensitive data, and is it leaving where it shouldn't?"

  • Data classification + DLP across SaaS & on-premDSP · Y2
  • DPDP consent ledger + DSAR fulfillmentDPDP · Y2
  • Field-level encryption + tokenisationDSP · Y2
  • Cross-border data flow controlsDPDP · Y3
GovernanceInfosec91

"Can we prove to the auditor that controls actually work?"

  • Continuous control monitoring against frameworksCAP · Y3
  • Evidence collection + audit binder exportCAP · Y3
  • RBI / SEBI / IRDAI / DPDP mappings out-of-boxAll · LIVE
  • Risk register + remediation trackingCAP · Y3
Network & AccessCybersec91

"Should this device, in this place, be talking to that thing?"

  • Zero-trust gateway, identity-aware proxyZTNA · Y2
  • VPN replacement for hybrid workforceZTNA · Y2
  • Device posture + attestationEDT · Y3
  • Continuous trust scoringEDT · Y3
Threat OperationsCybersec91

"Something looks wrong. What is it, and how do we contain it?"

  • SIEM with India-resident log lakeSIEM · Y2
  • UEBA — identity anomaly detectionSIEM · Y2
  • SOAR playbooks + auto-responseSOAR · Y3
  • CERT-In incident reporting automationSOAR · Y3
Application, Cloud & AICybersec91

"Is the code, the cloud, and the AI we run actually safe?"

  • API security + secrets managementAPP · Y3
  • Cloud posture (CSPM) + workload protectionCSPM · Y3
  • Mythos: agent identity + prompt firewallAIS · Y3
  • Model supply-chain & weight integrityAIS · Y4–5
§03 The shared platform core
Built once · reused 14 times

The reason a 14-product suite is even feasible. Eight foundational components, built once, that every product builds on. This is the unit economics of the company.

PQ CryptoFoundation

Pluggable post-quantum cryptographic primitives.

ML-KEM for key encapsulation, ML-DSA + SLH-DSA for signatures, classical fallback. Used by every product that signs, encrypts, or authenticates.

Audit FabricFoundation

Tamper-evident, chain-hashed, append-only event log.

Every authentication, policy decision, data access, and detection event lands here. The forensic substrate behind every compliance export.

Policy EngineFoundation

OPA-style policy evaluation, sub-millisecond.

One policy language across MFA conditional access, ZTNA gateway decisions, DLP rules, SIEM detections, and Mythos guardrails.

Deploy SubstrateFoundation

Same product, three deployment models.

Cloud, on-prem, and air-gap from one codebase. The reason we can sell to a fintech and a defence installation in the same quarter.

Identity GraphFoundation

Unified store of users, devices, agents, services, and their relationships.

Powers MFA, SSO, PAM, IGA — and crucially, gives Mythos a place to register every AI agent as a first-class identity.

Telemetry BusFoundation

Streaming event pipeline with India-resident retention.

Identity events flow into SIEM, SIEM detections flow into SOAR, SOAR responses revoke through the policy engine. One bus closes the loop.

Secrets / KMSFoundation

Multi-backend key management — software, HSM, cloud KMS, custom.

The deployment-substrate's twin: a customer can keep keys wherever regulation requires, including a sealed HSM in a Tier-IV datacentre.

Connector LibraryFoundation

Pre-built integrations with everything Indian enterprises actually run.

Azure AD, Okta, AD, LDAP, SAP, Oracle, Finacle, Flexcube, ServiceNow, RADIUS, SCADA / OT historians, plus 50 more. Built once, used by every product.

§04 Who buys what, where
Customer matrix · domain × segment
Domain
BFSI · Banks & insurers
Government & defence
Critical infra · power, telecom, OT
Identity & Access
CISO · Head of IT
RBI CSCRF MFA mandate, PAM for core banking admins
CIO · MeitY · STQC
Sovereign IdP, air-gap MFA, GEM portal procurement
OT security head
RADIUS for SCADA, MFA for jump hosts
Data & Privacy
DPO · Data Protection Officer
DPDP consent ledger, customer DSAR fulfillment
Joint Secretary IT
Sovereign data classification, citizen data residency
CISO + DPO
Operational data segmentation, vendor access logs
Governance
CISO · Compliance head · CRO
RBI / SEBI / IRDAI continuous control monitoring
CAG audit teams
Real-time evidence binder for govt audits
CISO + Plant head
NCIIPC / CERT-In control evidence
Network & Access
Network architect
VPN replacement for branch + WFH banking staff
Defence cyber commands
Air-gap-friendly ZTNA, no phone-home
OT network team
Identity-aware OT-IT boundary controls
Threat Operations
SOC head · CISO
India-resident SIEM, RBI fraud-monitoring overlap
NIC SOC · sectoral CERT
CERT-In aligned, sovereign log retention
OT SOC · sector CERT
OT/IT unified detection, SCADA telemetry
App / Cloud / AI
CTO · AppSec lead
API security for digital banking, Mythos for AI assistants
CIO · Chief AI Officer
Sovereign AI guardrails, agent identity registry
CTO · AI working group
LLM in OT — prompt firewall, model integrity
§05 Acronyms you'll see across the suite
Plain-English glossary
MFA
Multi-Factor Authentication
Proving who you are with two or more factors. The login second-factor.
SSO
Single Sign-On
Log in once, access everything you're allowed to. Reduces password fatigue.
PAM
Privileged Access Management
Vaulting the keys to the kingdom — admin accounts that can do anything.
IGA
Identity Governance & Administration
Joiners, movers, leavers. Who should have what access, reviewed quarterly.
ZTNA
Zero Trust Network Access
Replace the VPN. Each request is verified, regardless of network location.
DLP
Data Loss Prevention
Stop sensitive data from leaving — by email, USB, upload, or screenshot.
SIEM
Security Info & Event Mgmt
The log warehouse + detection engine. Where threats become tickets.
SOAR
Security Orchestration, Automation & Response
The robot that runs the playbook when an alert fires.
CSPM
Cloud Security Posture Management
Watching your AWS / Azure / GCP for misconfiguration that becomes a breach.
DPDP
Digital Personal Data Protection Act
India's GDPR. Consent, residency, breach reporting, fines up to ₹250 crore.
PQ
Post-Quantum Cryptography
Encryption that survives a quantum computer. NIST has standards. We ship them.
Mythos
e91 AI Security Layer
Our defence layer for AI: agent identity, prompt firewall, model integrity.
Next · Vol 05
Feature Matrix →
Drill into 200+ capabilities × status × owner × quarter.
Companion · Vol 06
Threat Horizon (0/3/5 yr) →
What we are defending against — incl. AI & Mythos-era threats.