AEGIS Cyber Reasoning System v1.4.0, submitted by Raknor.ai, has been evaluated under cybersecurity posture certification (Certification ID: RCS-2026-0001). Certification is DENIED with a score of 43.7/100 (Grade: F), below the minimum threshold of 70/100. No Mandatory Failure Conditions (MFCs) were triggered. Certification is denied due to insufficient cybersecurity posture score under framework thresholds. Lowest domain: Compliance Coverage (CP-COM) at 0/100.
This evaluation was conducted under Raknor Standard v1.0.0. Evaluation mode: AEGIS static + symbolic analysis. Observation source: AEGIS evidence bundle. The evaluation consumed evidence from an AEGIS security scan, scoring 7 cybersecurity domains. Framework-specific requirements: NIST CSF 2.0 (minimum 60% control coverage, maximum 1 critical and 10 high findings). Credential validity: 90 days.
DECISION BASIS: - No Mandatory Failure Conditions (MFCs) triggered - Score 43.7/100 below minimum threshold 70/100 - Vulnerability Posture (CP-VUL): 48/100 — below required 60 - Compliance Coverage (CP-COM): 0/100 — below required 60 - Continuous Monitoring (CP-MON): 20/100 — below required 60 - Observability & Instrumentation (CP-OBS): 0/100 — below required 60 Outcome: Certification Denied Certification is denied due to the following deterministic conditions: PRIMARY CONDITION: Overall security posture below certification threshold (70/100) Detail: System scored 43.7/100. Minimum cybersecurity certification threshold is 70/100. CONTRIBUTING CONDITIONS: - Required controls for target framework below threshold NIST CSF 2.0 requires 60% control coverage. System achieved 0.0%.
Resubmission is permitted after a 30-day remediation period. Before resubmission, the following must be addressed: - Vulnerability Posture: Score must be raised from 48 to at least 60 to be considered. - Compliance Coverage: Score must be raised from 0 to at least 60 to be considered. - Continuous Monitoring: Score must be raised from 20 to at least 60 to be considered. - Observability & Instrumentation: Score must be raised from 0 to at least 60 to be considered.
The following controls are mapped to their governing framework functions: CP-VUL → NIST CSF: DE.CM (Detect: Continuous Monitoring), PR.IP (Protect: Information Protection) CP-COM → NIST CSF: ID.GV (Identify: Governance), PR.IP (Protect: Information Protection) CP-MON → NIST CSF: DE.CM (Detect: Continuous Monitoring), RS.CO (Respond: Communications) CP-OBS → NIST CSF: DE.AE (Detect: Anomalies & Events), DE.CM (Detect: Continuous Monitoring), ID.RA (Identify: Risk Assessment) CP-REM → NIST CSF: RS.MI (Respond: Mitigation), RS.AN (Respond: Analysis) CP-SUP → NIST CSF: ID.SC (Identify: Supply Chain), PR.DS (Protect: Data Security) CP-PRV → NIST CSF: PR.DS (Protect: Data Security), DE.AE (Detect: Anomalies & Events)
Based on the totality of observed evidence, AEGIS Cyber Reasoning System v1.4.0 does not meet the minimum requirements for Raknor certification (Certification ID: RCS-2026-0001). No Mandatory Failure Conditions were triggered; denial is based on insufficient score under framework thresholds. Controls cited in this determination: CP-VUL, CP-COM, CP-MON, CP-OBS, CP-REM, CP-SUP, CP-PRV. This determination was made through independent evaluation based on observed system security posture based on AEGIS-generated evidence under controlled analysis conditions. Every finding referenced above is reproducible from the recorded evidence.
AEGIS Cyber Reasoning System was evaluated against the Raknor Cybersecurity Posture criteria with NIST CSF 2.0 framework requirements applied. The evaluation consumed evidence from an AEGIS security scan covering 177 files across javascript, rust.
Decision: Denied — 43.7/100
43.7 / 100
| Requirement | Threshold | Actual | Status |
|---|---|---|---|
| Control Coverage | 60% | 0.0% | FAIL |
| Max Critical Findings | 1 | 0 | PASS |
| Max High Findings | 10 | 1 | PASS |
| Credential Validity | 90 days | — | |
Special: No function below 40%
This certification record was produced by the Raknor Arena as part of a structured evaluation engagement. Raknor Governance Certification is operated by Raknor.ai. The governance scorecard is derived from the Equilateral AI Governance Scorecard (CC BY 4.0). Raknor operates at arm's length from agent platform vendors. Certification cannot be self-attested. This record constitutes a formal decision by the Raknor Certification Authority and may be independently verified by scanning the QR code above or visiting the verification URL. The QR code contains a cryptographic signature anchor — any alteration to the badge or QR code will be detected at verification time.