Someone's agent is securing their home, their crypto, or their freshly vibe-coded app. It can now authenticate once, run a CISO Marketplace assessment, get structured JSON back, and pay per call — through one endpoint on the same identity and wallet your team already uses. Free for full members.
POST answers to a tool and get a scored result. Members run included tools free; everyone
else spends credits. Three MCP servers let agents discover and run the whole ecosystem — assess, remediate & buy, research & comply — on one login and wallet.
| Plan | Agent tool runs |
|---|---|
| CISO Marketplace Membership | Included — member-free (same as the human portal; runs save to your reports) |
| Tools plan (Starter / Pro) | Run from your monthly credits |
| Pay-as-you-go | 20 credits (~$20) or $39 guest per call from a prepaid wallet |
| ThreatWatch News (content) | Separate subscription — content only, does not include tool runs |
The Agent API is the programmatic door to the same tools and entitlements — not a separate product.
One login (id.cisomarketplace.com), one wallet, human and agent alike.
curl -X POST https://pay.cisomarketplace.com/api/v1/keys \
-H "Authorization: Bearer <your id.cisomarketplace.com token>" \
-d '{ "label": "my-agent", "spend_cap_cents": 5000 }'
# → { "key": "csm_sk_live_…" } (shown once — store it)
GET https://pay.cisomarketplace.com/api/v1/catalog # → machine-readable manifest: slug, endpoint, price, input_schema, output_schema
curl -X POST https://pay.cisomarketplace.com/api/v1/tools/ratemysoc/run \
-H "Authorization: Bearer csm_sk_live_…" \
-d '{ "inputs": { "answers": { "1.1": 3, "1.2": 2 } }, "idempotency_key": "uuid" }'
# → { "run_id": "…", "result": { "socLevel": "…", "overallPercentage": "…", … },
# "charged_credits": 20, "balance": 480 }
Charged only after a successful compute · same idempotency_key never double-charges ·
fetch a saved run with GET /api/v1/runs/{id}.
One login & wallet, three connectors — together they run the whole loop, assess → remediate → research & comply:
https://mcp.microsec.tools/mcphttps://mcp.cisomarketplace.com/mcphttps://mcp.compliancehub.wiki/mcpClaude.ai web: Settings → Connectors → Add custom connector → the /mcp URL → log in with your CISO
Marketplace account (it registers itself — no API key, no client ID). Claude Desktop / Cursor / your own agent:
use an API key as Authorization: Bearer csm_sk_live_…. Either way the agent acts as you, on your wallet.