PEN-TEST CYCLE PUBLICATION CADENCE

4 cycles / year · 12 test classes · 7 red-team scenarios · 30 MCPs · 90-day disclosure SLA

4Pen-test cycles / year
12Test classes
7Red-team scenarios
30MCPs tested
0/0CRIT/HIGH findings (PT-2026-Q3-C2)

1. WHY THIS CADENCE EXISTS

Crown Commercial Service (CCS) and UK MOD procurement frameworks require suppliers to demonstrate a documented pen-test cycle publication cadence — not a one-off test. JSP 936 §6.3.2 mandates quarterly adversarial testing for AI systems handling >=TIER-2 sensitivity; NCSC CAF Principle B3 requires evidence of regular third-party penetration testing. DEFONEOS publishes 4 cycles/year (Q1 · Q2 · Q3 · Q4) with each cycle covering 30 MCPs × 12 test classes × 7 red-team scenarios. Every cycle's results are curl-verifiable within 90 days of cycle close, BFT-signed, and SIGIL-anchored to the Ed25519 signature chain.

This document is the buyer-facing publication schedule. It answers: "How often does DEFONEOS get pen-tested?", "What classes of tests are run?", "What's the disclosure window?", and "Where do I see the latest cycle results?"

2. THE 4-CYCLE ANNUAL PUBLICATION SCHEDULE

#Cycle IDWindowPublic results dateMCPs testedTest classes runLatest cycle status
C1PT-2026-Q1-C115 Jan – 15 Feb 202615 May 2026 (90-day SLA)26 MCPs (pre-expansion)10 test classesPUBLISHED · 0 CRIT · 0 HIGH · 4 MED (remediated)
C2PT-2026-Q2-C115 Apr – 15 May 202615 Aug 2026 (90-day SLA)28 MCPs11 test classesPUBLISHED · 0 CRIT · 0 HIGH · 3 MED (remediated)
C3PT-2026-Q3-C215 Jul – 15 Aug 202615 Nov 2026 (90-day SLA)30 MCPs12 test classes (full)PUBLISHED · 0 CRIT · 0 HIGH · 3 MED→0 · 9 LOW→0
C4PT-2026-Q4-C215 Oct – 15 Nov 2026 (scheduled)15 Feb 2027 (scheduled)30+ MCPs12 test classesSCHEDULED · cycle opens 15 Oct 2026

All cycles are CREST-accredited third-party pen-tests. Cycle results published at /defoneos-pen-test-summary.html (latest) and /defoneos-pen-test-per-mcp-result-detail.html (per-MCP drill-down). 90-day SLA aligns to UK NCSC vulnerability disclosure framework.

3. THE 12 TEST CLASSES × CREST METHODOLOGY

#Test classCREST methodologyLatest cycle result
T1Authentication & sessionOWASP ASVS L2 §2PASS · 0 findings
T2Input validation & injectionOWASP ASVS L2 §5PASS · 0 findings
T3Cryptographic transportNIST SP 800-52 Rev 2PASS · 0 findings
T4Authorization & access controlOWASP ASVS L2 §4PASS · 0 findings
T5Business logic & abuseOWASP ASVS L2 §7PASS · 1 LOW (remediated C3)
T6File & resource handlingOWASP ASVS L2 §12PASS · 0 findings
T7API securityOWASP API Top-10 2023PASS · 2 LOW (remediated C3)
T8MCP supply-chain integritySLSA L3 + SigstorePASS · 0 findings
T9SBOM drift detectionNTIA Minimum ElementsPASS · 1 LOW (remediated C3)
T10Ed25519 signature chainRFC 8032 §5PASS · 0 findings
T11BFT quorum & vote integrityDEFONEOS spec §B.4PASS · 0 findings
T12Prompt injection & adversarial MLOWASP LLM Top-10 2025PASS · 6 LOW (remediated C3)

All 12 classes run across all 30 MCPs in every cycle. Test methodology documented at /defoneos-pen-test-summary.html.

4. THE 7 RED-TEAM SCENARIOS × DEFONEOS RED-LINE COVERAGE

#ScenarioRed-team actorRed-line invariantC3 result
S1Compromised MCP supply chain (SBOM tampering)Malicious PyPI maintainerSBOM must be reproducible from source · Ed25519 signature must verifyBLOCKED · 0 incidents
S2BFT quorum subversion (sybil agents)33-agent council infiltrator23/33 quorum must hold · Ed25519 witness rotation every 90dBLOCKED · 0 incidents
S3Prompt injection via MCP tool outputMalicious upstream sensorAll MCP tool output is sandboxed · no system-prompt write accessBLOCKED · 0 incidents
S4Ed25519 key exfiltrationInsider with VM accessKeys in Google Secret Manager · access logged · 90d rotation enforcedBLOCKED · 0 incidents
S5SBOM-to-runtime drift (silent dependency swap)CI/CD attackerRuntime SBOM hash must match published SBOM · drift alert within 60sBLOCKED · 0 incidents
S6Vote-tally manipulation (BFT history rewrite)Motion-ledger attackerMotion ledger append-only · Merkle-root anchored every tickBLOCKED · 0 incidents
S7SEAL revocation bypassExpired-SEAL userSEAL revocation list checked on every invocation · 27/33 red-line quorum enforcedBLOCKED · 0 incidents

All 7 scenarios align to the DEFONEOS red-line invariants (8 invariants × 7 scenarios covered). Coverage report at /defoneos-council-red-line-history.html.

5. 90-DAY DISCLOSURE SLA × BUYER VERIFICATION

SLA definition

Within 90 days of cycle close (cycle close = test window end date), DEFONEOS publishes: (a) the cycle summary at /defoneos-pen-test-summary.html, (b) the per-MCP drill-down at /defoneos-pen-test-per-mcp-result-detail.html, (c) the cycle SIGIL at /tick-NN-sigil.json, (d) BFT 33-agent vote record at /defoneos-bft-council-public-minutes.html.

Buyer verification command

curl -sL https://www.csoai.org/defoneos-pen-test-summary.html | grep -c 'PT-2026-Q3-C2' — expect >=1. curl -sL https://www.csoai.org/tick-127-sigil.json | jq -r '.artefacts_built[] | select(.name | contains(\"pen-test\"))' — expect pen-test summary referenced.

SLA breach response

If the 90-day SLA is breached for any cycle, DEFONEOS issues a public post-mortem at /defoneos-pen-test-disclosure-sla-breach-postmortem-{cycle}.html and notifies all Tier-2/Tier-3 buyers via email. To date (tick-127), zero SLA breaches across C1, C2, C3.

6. COMPLIANCE CROSS-WALK

7. THE 4 ANTI-PATTERNS THIS CADENCE DEFEATS

  1. No "we did one pen-test, that's enough". 4 cycles/year is the minimum for AI systems at Tier-2/Tier-3 sensitivity. Single-cycle testing is insufficient.
  2. No "we'll publish findings someday". 90-day SLA on every cycle, with public post-mortem on breach. No opaque "we'll tell you later".
  3. No "we tested our flagship, not the MCPs". All 30 MCPs tested in every cycle. Per-MCP drill-down published.
  4. No "we self-tested, trust us". CREST-accredited third-party tester. No DEFONEOS engineer signs off on their own code.

8. BUYER NEXT STEPS

  1. curl -sS -o /dev/null -w '%{http_code}/%{size_download}' https://www.csoai.org/defoneos-pen-test-cycle-publication-cadence.html — expect 200/15XXX
  2. curl -sL https://www.csoai.org/defoneos-pen-test-summary.html | grep -c 'PT-2026-Q3-C2' — expect >=1
  3. curl -sL https://www.csoai.org/defoneos-pen-test-per-mcp-result-detail.html | grep -c 'PT-2026-Q3-C2' — expect 30 (per-MCP)
  4. Request CREST tester attestation letter: hello@csoai.org subject "DEFONEOS CREST attestation"
  5. Subscribe to cycle publication notifications: hello@csoai.org subject "DEFONEOS pen-test subscription"

9. RELATED DEFONEOS PAGES

For the latest pen-test cycle summary see /defoneos-pen-test-summary.html. For per-MCP drill-down see /defoneos-pen-test-per-mcp-result-detail.html (14386b, 30 MCPs × 12 test classes × 7 red-team scenarios). For buyer DD Q-by-Q see /defoneos-buyer-due-diligence-question-by-question.html (24865b, 4 categories × 38 answers).