One flagship engagement. Five orbital ways to start.
Olympus is the firm's flagship: a continuous application-security
service that runs a closed agentic loop inside your tenancy.
Most clients arrive on Olympus through one of five orbital
engagements — an audit, a red team, a board-level read on AI
exposure, a one-off code review, or an incident. Every
engagement begins with a seventy-two-hour scope conversation
and ends with a written attestation. There is no slideware in
between.
Olympus · The flagship
Continuous application security, delivered as a closed loop.
Mill Creek operates Olympus inside your tenancy under a named
partner engagement. The loop is the offering: three sprites
running continuously against your codebase, with monthly
attestation to your audit committee and a four-hour incident
response SLA bundled in.
We do not stop at advisories.
Vulcan ships the pull request.
Adversarial reconnaissance
Nemesis
Continuously probes your sanctioned agents, integrations,
and tool-use surface. Operates at machine pace; reports
with replayable evidence and tool-call provenance.
Tenant-scoped — never leaves your VPC.
Source-aware audit
Delphi
A multi-agent council that reads your code against your
policy library, grades findings by impact and likelihood,
and drafts the remediation plan. Each finding lands with
a named human owner.
Pull request, not advisory
Vulcan
Drafts the actual code, IAM, and policy changes that
close the finding. Opens a pull request like any other
contributor; your engineer reviews and merges. The diff
is preserved with the finding. Rollback plan attached.
Scope
Continuous coverage of your application security surface — agents, integrations, browser tools, document pipelines, and the source repositories that compose them. Quarterly recalibration of the policy library with your CISO.
Engagement
Twelve-month commit. Thirty-day exit window each quarter, with no reason required. Comes online inside ten business days of signing.
Fee posture
Monthly retainer. Tiered against monitored surface area; published rate card available on request. Incident response bundled at four-hour SLA.
Engagement lead
Partner-led. Named CIO Council seat assigned for the duration of the engagement. Reachable to your CIO and VP Engineering throughout.
Deliverables
Continuous loop coverage, monthly attestation to the audit committee, quarterly policy-library review, replayable evidence per finding, four-hour incident-response SLA.
We say yes to
Engineering organizations whose application surface is now too large to be a once-a-year project. Boards that want a written security signal between audit cycles. CTOs willing to merge security PRs at the same cadence as feature work.
We say no to
Replacements for an in-house security team. Engagements where the goal is to reduce headcount rather than to raise the floor. Codebases the engineering team is not prepared to refactor against findings.
Three scoped engagements that often convert into Olympus
adoption. For boards and engineering leaders who want a tested
read before committing to the recurring service.
I. Assess
Application Security Posture Audit
A two-week, fixed-fee read across every sanctioned and shadow
agent in your environment, plus the integrations they touch.
Output is a board-ready exposure map, a prioritized
remediation queue, and a one-page attestation that an
engineering leader has actually walked the work. Most
clients move to Olympus inside the same quarter.
Scope
Every sanctioned and shadow agent in scope, plus the integrations they touch. Code review of the agent harness; configuration review of the runtime.
Duration
Two weeks of engagement, plus a one-week findings clinic.
Fee posture
Fixed fee. Scope-locked at signing. Credit applied toward the first quarter of Olympus on conversion.
Engagement lead
Partner-led. Named at proposal. Reachable to the CIO and VP Engineering throughout.
We say yes to
Boards that have already approved at least one production agent and now want to know what the change actually exposed. Compliance-aware industries with audit cycles inside ninety days.
We say no to
Pre-deployment evaluations of vendor agents. Procurement-led RFP responses. Anything where the deliverable is a deck, not a tested narrative.
II. Red team
Adversarial Sprite Engagement
A scoped, project-based engagement using Nemesis without the
continuous loop. Live red team against your agents,
integrations, and tool-use surface, conducted under written
rules of engagement, with your legal and incident-response
leads in the loop from day one. The deliverable is replayable
evidence, not a narrative. Theater stays out of the report.
Scope
A negotiated test surface. Out-of-scope items are listed by name in the engagement letter.
Duration
Four to six weeks. Two weeks of testing, one week of triage, one to three weeks of evidence finalization.
Fee posture
Scoped engagement. Fee structured against the agreed test surface. Credit applied toward Olympus on conversion within ninety days.
Engagement lead
Partner-led. Co-runs daily standup with your incident response lead.
Deliverables
Replayable transcripts with tool-call provenance, validated findings with severity scoring, executive read-out, audit-grade evidence pack.
We say yes to
Production agents handling regulated data, customer communications, or code execution. Engagements where legal and incident response can join the daily standup.
We say no to
Tests where we cannot agree what is out of scope. Engagements run as marketing exercises rather than security exercises. Theater.
III. Audit
AI Audit
A board-level deliverable on agentic AI exposure across the
organization — sanctioned agents, vendor systems with
agentic features, internal tooling, and the policies that
govern them. Written for an audit committee, not a
technical reader. Often the entry point for boards
specifically asking about Mythos-class risk.
Scope
Inventory and risk classification of every agentic system in scope, including vendor systems. Policy review against current regulatory posture.
Duration
Three weeks of engagement, plus a one-week board-readout cycle.
Fee posture
Fixed fee. Scoped against the agentic surface area at signing.
Engagement lead
Partner-led, with named CIO Council seat in the room for the board read-out.
Deliverables
Agentic inventory, exposure classification, policy gap analysis, board-ready read-out, regulator-ready timeline of agentic adoption decisions.
We say yes to
Boards that have asked their CISO a question the CISO cannot yet answer. Audit committees with imminent regulator engagement on AI exposure. Insurers requesting written posture.
We say no to
Marketing exercises dressed as audits. Engagements where the board is asking for cover, not clarity.
Tier II
Standing services.
Two services we offer alongside Olympus and as standalone
engagements. Both are bundled at preferred terms for Olympus
clients.
IV. Review
Secure Code Review
A manual and Delphi-assisted code audit for codebases not
yet on Olympus. Used by engineering teams ahead of an
architectural pivot, a regulated launch, or as a
proof-of-concept engagement before adopting the continuous
loop. The deliverable is a prioritized remediation backlog
and, where Vulcan applies, open pull requests for the
highest-impact items.
Scope
A defined codebase or service boundary. Static analysis, manual review, Delphi audit pass, optional Vulcan PR drafts on highest-impact findings.
Duration
Three to six weeks, scaled to codebase size and depth requested.
Fee posture
Scoped engagement. Fee structured against codebase size and depth. Reduced rate for Olympus clients.
Engagement lead
Senior engineer-led, partner-reviewed. Daily standup with your engineering owner.
We say yes to
Engineering teams ahead of a launch, an architectural pivot, or an acquisition. Codebases where the engineering owner is empowered to act on findings.
We say no to
Reviews where there is no named engineering owner. Engagements where the goal is a clean report, not a fixed codebase.
V. Respond
Incident Response, Agentic-Aware
Built for incidents where the suspect is software that was
authorized to act on its own. A four-hour response SLA for
Olympus clients, twenty-four hours for everyone else. Mill Creek
brings the engineering, the sprites, and the partner who
will sit on your call until the incident is closed. We are
the people you want already on the call before legal joins.
Scope
Live incident triage and containment. Forensic preservation. Direct support to your CISO, legal counsel, and incident commander.
Duration
Through containment. Continued through post-incident review on request.
Fee posture
Hourly during incident, against a pre-agreed engagement rate. Olympus clients invoke at standing rate without a separate scope conversation.
Engagement lead
Partner on the call within SLA. Engineering muster within hours of dispatch.
Deliverables
Containment plan, forensic evidence preserved to audit standard, written post-incident review, regulator-ready timeline.
Within four hours
Hour 0: Page received. Partner on the call. Forensic preservation begins.
Hour 1–2: Triage with your incident commander and legal counsel. Containment hypothesis under review.
Hour 3–4: Containment underway. First written timeline drafted for executive and legal sign-off.
We say yes to
Incidents where an authorized agent took an unauthorized action. Suspected compromise of a tool-use surface. Cases where speed and evidence quality both matter.
We say no to
Cases that are clearly not security incidents. Engagements that need a body in a chair rather than a partner on a call. Ransomware negotiations.
Selected work
Three engagements, anonymized.
Specific clients and figures are withheld pending publication
consent. Each item below is structured the way the eventual
named write-up will be: situation, intervention, outcome.
U.S. health system · 50,000+ employees
A clinical-coding agent with broader authority than anyone realized.
Situation. A clinical-coding
agent had been quietly extended with read access to a
patient-facing scheduling system. The change was made
under an existing approval; nobody escalated it.
Intervention. Mill Creek ran
the two-week posture audit. We mapped the agent's
effective authority, not its declared authority. The gap
was twenty-six integrations wide.
Outcome. Authority reduced
to the eight integrations the owner could justify on the
call with the audit committee. Client moved to Olympus in
the same quarter; first month's attestation went to the
audit committee on schedule.
Federal civilian agency · mission-side
A red-team engagement that changed the procurement language.
Situation. The agency was
about to procure an agentic case-management product. The
security team had concerns but no leverage in the
procurement conversation.
Intervention. Mill Creek ran a
four-week adversarial sprite engagement against a vendor
demo environment. Replayable evidence of three exploitable
behaviors.
Outcome. Procurement
language amended to require contractual remediation of all
three. The vendor accepted. The procurement closed.
Global asset manager · AUM mid-eleven figures
A four-hour response that did not become a regulatory event.
Situation. An Olympus
client paged Mill Creek when a research-summary agent began
posting drafts to the wrong distribution list. Possible
material non-public information exposed.
Intervention. Partner on
call within seventeen minutes. Containment by hour three.
Forensic evidence preserved to the standard the firm's
counsel had set in advance — captured automatically by
Olympus during the loop.
Outcome. Disclosure not
required under the firm's regulatory framework. Internal
review concluded inside the same business day. Olympus
engagement renewed.
Selection criteria
We say no to more engagements than we say yes to.
Our reputation is the only asset that compounds across
engagements. We protect it by being explicit about the work we
will and will not take.
We say yes to
Engagements with a named executive sponsor at CIO, CISO, or VP Engineering level.
Production agents handling regulated data, customer communications, or code execution.
Boards with a written deadline for a tested risk narrative.
Engineering organizations willing to merge security pull requests at the same cadence as feature work.
Work where senior counsel and engineering are both in the room.
We say no to
Procurement-led RFP responses without an executive sponsor.
Engagements where the deliverable is a deck, not evidence.
Tests we cannot agree the boundaries of in writing.
Work where the ask is to validate a decision already made.
Anything that requires us to disparage a named competitor.
Standing order
Tell us which engagement is yours, or tell us none of them is.
The forty-five-minute briefing is run by a partner, under
non-disclosure, and ends with a written read on whether the
fit is Olympus, one of the orbital engagements, a different
conversation, or no engagement at all. We hold a small number
of intake slots each month for board-sponsored work.