A five-person security team should not have to defend a hundred agencies. Excalibur is a full SecOps program in a single appliance. Sovereign, air-gapped, and inside your own authorization boundary.
Small teams. Massive surface area. Nation-state adversaries.
Typical state CISO team: 4-7
Agencies to protect: 30-100+
Prediction horizon: 30 days
Your reality
You are four analysts protecting hundreds of systems. Detection alone is a full-time job. Modeling threats, forecasting attacks, hunting. Those never happen.
Headcount caps are set by legislature, not by threat model. The work that actually prevents the next ransomware event is the work nobody has time to do.
StateRAMP, CJIS, IRS Pub 1075, HIPAA, NIST 800-53. Most cloud-AI security tools cannot legally touch your data.
The ones that can are charging you DoD-tier prices and still routing your evidence through a third-party cloud. Your procurement office is right to push back.
You have watched peer states get hit. Detection means damage already happened. You need warning, not autopsy.
Every published ransomware case in the public sector follows the same pattern: detection-only tooling, lateral movement undetected, dwell time in weeks. Your team needs a forecast, not a forensic timeline.
The shift
Excalibur runs on your hardware, inside your authorization boundary, on proprietary private models with no offshore codebase. Same operational model that Splunk and ServiceNow use on classified networks, applied to the sovereign AI security layer your state actually needs.
What changes
One platform, nine modules. Your 5-person team operates like 25.
Discover, Model, Validate, Correlate, Posture, Remediate, Govern, Predict. All native, all running on one DGX Spark inside your environment. No vendor sprawl, no integration tax.
Findings that took a 25-person SOC a week now land same-day with a 5-person team. The queue closes before the next standup.
Sovereign AI inside your authorization boundary.
Lives on customer-owned hardware. Inherits your ATO. CJIS data never leaves. HIPAA evidence stays put. Same operational model Splunk uses on classified networks. No FedRAMP gymnastics required.
Proprietary private models · No offshore codebase · Cleared for ATO and classified procurement.
Predict before they hit. 30-day attack horizon at 89% confidence.
The Predict module fuses Discover, Model, Validate, and Correlate signal into forward-looking attack-path likelihood. You see where they will land before they do, not after.
Board packs now open with the 30-day attack horizon, not a CVE count. Agency directors see where they get hit next, in language oversight committees understand.
What you will actually run
Every module ships native, runs local, and stays inside your authorization boundary. No cloud dependency. No phone-home telemetry. No data path through CyberAGI.
Predict · 30-day attack horizon
Forward-looking attack-path likelihood scored against your environment. The board-level question 'where do we get hit next' finally has an answer.
Govern · CJIS, IRS 1075, NIST 800-53
Auto-maps lifecycle findings to your control framework. Pre-audit-ready reports. Exportable for external auditors.
Correlate · Cross-agency intelligence
One Context Graph spans every agency you protect. Query in natural language across years of incidents, findings, and ticket history.
Discover · Continuous attack surface
Every agency's external footprint mapped continuously. New shadow assets surface within hours, not the next pen-test cycle.
Validate · Agentic pentesting
Customer-controlled scope. Time-windowed. Human-verified before any action. Zero production outages to date.
Posture · Executive dashboards
The 'So What' view for legislators, oversight committees, and agency directors. Technical risk translated into governance language.
Air-gapped sync · Threat intel arrives, nothing leaves
User-controlled pulls from NVD, CVSS, EPSS, and threat feeds you choose. CyberAGI is not in the data path.
Learn · Per-environment fine-tune (roadmap)
LoRA fine-tune on your incident history. Self-refining models that learn your environment without leaving the box.
The leverage
Mandiant TI subscription ($75K-$1.1M/yr): Inside Correlate + Predict
Splunk Enterprise Security ($150K+/yr): Posture + Correlate modules
Tenable + Qualys + Wiz stack ($200K+/yr): Discover module + native connectors
The state and local scenario
Whichever municipality, county, or state agency stands up Excalibur first defines what sovereign AI for public sector means inside the governor's office, the AG's risk register, and every peer agency's next budget cycle. Air-gapped, ATO-inheritable, hand-delivered to site. The procurement language is being written right now. The only question is whether your jurisdiction is on the precedent or playing catch-up to it.
See the full self-serve POC, run a posture report against your own external attack surface, then we talk about deployment inside your boundary.