Frequently Asked Questions

All products are delivered in three formats: Markdown (.md), PDF, and editable Word document (.docx). You can use whichever format fits your workflow — or all three.

You'll receive an immediate download link via Gumroad, Lemon Squeezy, or Stripe (depending on which platform you use). Files are available to download immediately after payment is confirmed.

Yes — each product is designed to be immediately usable. Variable fields (like [Your Company Name], [Policy Owner], [Review Date]) are clearly marked so you can customize them to your organization in minutes.

Checklists can be run immediately. Policies typically take 30–60 minutes to customize with your company's details. Frameworks may take a few hours to fully adapt, but they ship with an implementation guide to accelerate the process.

Yes. Our products align with OWASP LLM Top 10 (2025), NIST AI Risk Management Framework, ISO 27001 security principles, NIST SP 800-207 (Zero Trust Architecture), and MITRE ATLAS where applicable. Each product page specifies which frameworks it addresses.

Yes. All products are maintained and updated as the AI threat landscape evolves. Subscribers receive all updates automatically. Individual product purchasers receive updates for the specific products they've bought.

Traditional cybersecurity templates were written before AI agents, LLMs, and automated workflows existed as attack surfaces. Every Operate AI product is built specifically for multi-agent architectures, LLM-powered applications, and the threats unique to AI-native systems — including prompt injection, agent privilege escalation, and indirect injection attacks.

Yes. The LLM Application Security Checklist maps directly to all 10 OWASP LLM vulnerability categories (2025 edition). Other products address specific OWASP categories — the AI Agent Security Policy covers LLM01 (Prompt Injection) and LLM02 (Insecure Output Handling), for example.

The Data Handling & Retention Policy includes GDPR and HIPAA alignment. The AI Agent Security Policy and Framework align with ISO 27001 and NIST AI RMF. If you're in a highly regulated industry, we recommend using these as a foundation and adapting them with your compliance team for your specific regulatory requirements.

Yes — the policies and checklists help establish the documented controls that SOC 2 auditors look for. However, they're not a complete SOC 2 package on their own. Contact us if you need guidance on how to position these within a broader SOC 2 preparation process.

Yes. All Operate AI products include a team and agency license. You can adapt and deploy them across internal teams or client engagements. You cannot resell or redistribute the raw, unmodified documents as your own product.

The team/agency license covers your entire organization. There's no per-seat limit. You can share documents across your team, use them in client deliverables, and customize them freely.

Yes. You may remove Operate AI branding and replace it with your own branding for client-facing deliverables. If you'd like to resell the products as part of a packaged service, contact us to discuss partnership terms.

Due to the digital nature of our products, all sales are final. If you have a question about whether a specific product is right for your use case, contact us before purchasing — we're happy to help you decide.

The $49/month subscription includes: instant access to the complete back catalog (all current products), 1–2 new products per month as we release them, all updates to existing products, priority email support (24-hour SLA), and subscriber-exclusive security briefings.

New products are released throughout the month rather than on a fixed schedule. You'll receive an email notification whenever a new product is added to your subscription library.

You can cancel anytime. After cancellation, you retain access through the end of your billing period. All products downloaded during your subscription remain yours. You won't receive new products released after your cancellation date.

Yes. Contact us with proof of your individual product purchases and we'll apply a credit toward your first subscription month. Email hello@getoperateai.com.

Email us at hello@getoperateai.com. Subscribers receive priority support with a 24-hour response SLA. All other customers receive responses within 2–3 business days.

Yes. If you need a custom security policy, framework, or playbook for a specific use case or industry, contact us to discuss your requirements. Custom work is scoped on a project basis.

Absolutely. Our product roadmap is heavily influenced by subscriber and customer feedback. Send your request to hello@getoperateai.com with the subject "Product Request" — we prioritize the most-requested topics.

We're working on a formal affiliate program. In the meantime, if you refer clients or colleagues who purchase, email us and we'll arrange a thank-you credit for your account.