Initial commit: antifragile cybersecurity consulting blueprint

Complete repository of frameworks, playbooks, and assessment resources
for cybersecurity consultations focused on antifragile enterprise design.

Includes:
- Core philosophy and manifest (5 pillars)
- 12 modular engagement packages
- AI sovereignty and operations frameworks
- Zero-budget vulnerability discovery and hardening playbooks
- M365 E3 hardening and antifragile project plans
- Osquery sovereign discovery platform blueprint
- Perimeter scanning capability guide
- AI-assisted TVM blueprint for AI-powered adversaries
- Vertical specializations: banking, telco, power/utilities
- CIS Controls v8 and NIST CSF 2.0 mappings
- Risk registers and assessment templates
- C-suite conversation guide and business case templates

antifragile-consulting/assessment-templates/README.md

@@ -0,0 +1,77 @@
+# Assessment Templates
+
+> *"What gets measured gets managed. What gets managed honestly becomes antifragile."*
+
+This directory contains diagnostic tools, maturity models, and assessment resources for evaluating organizational antifragility. Two production-ready tools are available now; additional assessments are in active development.
+
+## Planned Assessments
+
+### 1. Antifragile Maturity Model (AF-MM)
+
+A five-level maturity model covering:
+
+- **Level 1: Fragile** — Reactive, undocumented, dependent on single vendors
+- **Level 2: Robust** — Documented, monitored, but static
+- **Level 3: Resilient** — Automated recovery, tested backups, incident response operational
+- **Level 4: Adaptive** — Chaos engineering, continuous learning, structural improvement from failure
+- **Level 5: Antifragile** — Volatility is exploited for gain, optionality is strategic, intelligence is sovereign
+
+### 2. AI Sovereignty Readiness Assessment
+
+Evaluates:
+
+- Current AI usage inventory completeness
+- Data classification and leakage risk
+- Local infrastructure readiness
+- Vendor dependency and exit feasibility
+- Regulatory compliance posture
+
+### 3. T0 Asset Discovery Scanner
+
+Planned scripted assessment to:
+
+- Enumerate critical assets across on-premises and cloud environments
+- Classify assets by tier based on dependency mapping
+- Identify gaps in protection, monitoring, and recovery
+- Generate prioritized remediation roadmap
+
+### 4. Dependency Risk Mapper
+
+Planned tool to:
+
+- Map vendor and technology dependencies
+- Calculate coupling depth and exit difficulty
+- Identify hidden single points of failure
+- Simulate failure cascades
+
+### 5. Incident Learning Index
+
+Measures the organization's ability to convert incidents into structural improvements:
+
+- Mean time to structural fix
+- Post-mortem completion rate
+- Structural changes implemented per incident
+- Repeat incident rate
+
+## Development Roadmap
+
+| Quarter | Deliverable | Format |
+|---------|-------------|--------|
+| Q1 | AF-MM v1.0 questionnaire and scoring guide | Markdown + spreadsheet |
+| Q2 | AI Sovereignty Readiness Assessment v1.0 | Interactive web form or CLI tool |
+| Q3 | T0 Asset Discovery Scanner v0.1 | Python script (cloud APIs + on-premises) |
+| Q4 | Dependency Risk Mapper v0.1 | Python + network analysis libraries |
+
+## Contributing
+
+When adding new assessments:
+
+1. Document the purpose, methodology, and limitations
+2. Include scoring rubrics with clear criteria
+3. Provide sample outputs and interpretation guidance
+4. Version assessments and maintain changelogs
+5. Test on at least two different organizational profiles before release
+
+---
+
+*Return to [Repository Index](../README.md)*