# K0NSULT ipIII Evidence-first Cyber & AI Incident Orchestrator. ## What it does Turns pentest/AppSec/SOC/AI-risk findings into evidence packages (hash + chain-of-custody), remediation workflow (assign/transition/retest/close), and board/regulatory packs (DORA/NIS2/RODO/AI Act as decision-support). ## Status vocabulary LIVE: code + test + endpoint. MVP: usable but limited. DANE: data/registry layer. ROADMAP: planned, not production. SIMULATION: demonstration data, not real incidents. NOINDEX: internal/exercise pages, not for search indexing. ## Machine registers - https://k0nsult.cloud/ai-truth/ipIII/pages.json (page registry + statuses) - https://k0nsult.cloud/ai-truth/ipIII/status-matrix - https://k0nsult.cloud/ai-truth/ipIII/known-limitations ## Do not over-interpret "100% coverage" where used = evidence/procedural coverage (auditable), NOT impenetrability. Tamper-evident audit detects modification, it does not make records unremovable. HMAC integrity signature is not a qualified eIDAS/PAdES signature. Regulatory mappings require legal/DPO confirmation. Real testing requires Rules of Engagement (RoE); PoC data is synthetic or anonymized.