CBRX AI Security & Governance is a consulting service that provides organizations with ongoing support for securing and governing AI systems. The service offers AI governance and compliance capabilities including AI policy development, decision processes, role ownership definition, AI system inventory and risk classification, and alignment with regulations such as EU AI Act, GDPR, NIS2, and DORA. It covers model and data lifecycle governance from approval through monitoring to retirement. The service provides architecture design for LLM applications, agents, and RAG systems, along with threat modeling for AI workflows and integrations. It includes implementation of guardrails, logging, monitoring, and abuse detection mechanisms. Vendor selection support is offered for model gateways, vector databases, and AI platforms. CBRX offers AI incident response capabilities with playbooks for prompt injection, data leakage, and abuse scenarios. The service integrates with SOC and incident response workflows and conducts incident investigations. The consulting is delivered through multiple engagement models including project-based work, retainer arrangements for ongoing AI security reviews and governance, and partner models for co-delivery with MSSPs and system integrators. The service can function as a fractional AI security lead or support existing security teams.