# Thugir Labs

> Thugir is an AI reasoning engine, built by Thugir Labs, that sits above your existing security tools. It correlates alerts from your whole stack, tells you what is actually critical, builds the realistic attack paths an adversary would take, and hands you a ranked, plain-English fix mapped to the compliance framework you answer to. It is built for managed service providers (MSPs) and regulated small-to-mid-sized firms such as law firms, GP and dental practices, and accountancy firms. Early access is open; pricing starts at £299/month.

## What Thugir is (and is not)

Thugir is NOT another scanner, dashboard, or EDR. It is a reasoning layer that sits *above* the security tools you already run. A scanner runs tools and lists results; Thugir observes evidence, builds context, generates and validates hypotheses, scores what matters, explains its confidence, and prioritises the single action that reduces the most risk.

The product is often described as "ChatGPT for your IT and security environment" — an operational intelligence engine, not a chatbot. It answers four questions: What happened? How bad is it? What should I do next? And, with your approval, can it fix it?

## How it works

1. Observe — Thugir ingests evidence from the tools you already run (endpoints, network, Microsoft 365, scanners). Every observation is traceable to its source.
2. Reason — it builds the attack paths a real adversary would take, separates signal from noise, and scores what matters using CVSS + EPSS + CISA KEV + your actual internet exposure, asset criticality, and blast radius.
3. Act — it produces a ranked, plain-English action plan, each fix mapped to the compliance control it satisfies. No 40-page PDF.

## Key differentiators

- Evidence-backed, never hallucinated: every finding traces to a real artifact from a real tool; an AI guess is never shown as a confirmed fact.
- Learns over time: analyst-rejected false positives stay gone; scan three is sharper than scan one.
- Real risk scoring: a single 0–100 Thugir Risk Score combining CVSS, EPSS, CISA KEV, exposure, exploit availability and blast radius — not a raw CVSS list.
- Attack-path synthesis: identifies realistic paths from exposure to crown-jewel data and the choke points where one fix closes multiple paths.
- Compliance mapping: technical findings map automatically to regulatory controls and audit-ready evidence.
- Safety model — "co-pilot before autopilot": by default Thugir only detects, explains and recommends; every action requires explicit human approval. Automation is opt-in.
- Sits above existing tools — it does not require ripping anything out.

## Pricing (GBP, monthly; USD and EUR also available)

- Essentials — £299/month — solo practice or single site. Monthly AI scan, plain-English report, core frameworks (Cyber Essentials, GDPR, plus one of SRA / CQC / NHS DSP Toolkit), evidence-backed remediation, email support.
- Professional — £499/month (most popular) — growing firm or multi-site. Continuous monitoring, all 14 frameworks, attack-path synthesis, audit-ready compliance evidence packs, priority support and vCISO sessions.
- MSP Partner — from £149 per client site/month — white-label, multi-customer central console, volume pricing with healthy margin, read-only customer portals.

All plans: no setup fees, 30-day money-back guarantee, cancel any time, hardware optional. Founding-member pricing is locked for life for the first 50 teams.

## Compliance frameworks supported

GDPR / ICO, ISO 27001, Cyber Essentials and Cyber Essentials Plus, SOC 2, HIPAA, NHS DSP Toolkit, SRA (UK solicitors), CQC (UK healthcare), PCI DSS, NIS2, FCA / SYSC, CIRCIA, and more — 14 frameworks in total.

## Who it is for

- Managed service providers (MSPs) wanting fewer alerts, fewer tickets and better client security conversations — white-labelled across every client.
- Small law firms (SRA, GDPR, Cyber Essentials pressure).
- GP practices and dental clinics (NHS DSP Toolkit, CQC, ransomware risk).
- Accountancy and financial advisory firms (GDPR, FCA, Cyber Essentials).
- Any regulated small-to-mid-sized business that has good security tools but no time to interpret the alerts and connect the dots.

## Hardware (optional)

Node One is an optional on-premises sensor for customers who want deeper local network visibility. It is not required — Thugir is software-first.

## Security and trust

- Evidence-backed findings traceable to source tools.
- Role-based access control (RBAC).
- Append-only audit log — every action recorded, never altered or deleted.
- Data is never sold or used to train public models.

## Contact

- Sales and demos: sales@thugirlabs.com
- Support: support@thugirlabs.com
- General: contact@thugirlabs.com
- Website: https://www.thugirlabs.com