ITAR CONTROLLED CMMC 2.0 CUI — DEFENSE
Compliance Intelligence for Defense

AUDIT
READY.
ALWAYS.

dominiq is the AI compliance OS for Tier 2 and Tier 3 defense subcontractors — ITAR classification, CMMC audit prep, and supply chain vetting at a price your 40-person shop can actually afford.

300k+
US suppliers impacted
by CMMC 2.0
$500k
average Big 4
compliance cost
18mo
average time to get
audit-ready, unaided
dominiq / live-scan / workspace
# initiating workspace scan...
110 controls
NIST 800-171 practices required
for CMMC Level 2 certification
$250k+
minimum ITAR penalty per
unauthorized disclosure
72hrs
max time to report a CUI
incident under DFARS
~3k
qualified CMMC assessors for
300k+ suppliers who need one
The Real Problem

COMPLIANCE IS
BREAKING SMALL
DEFENSE SHOPS.

"We lost a $3M Raytheon subcontract last quarter because we couldn't prove our document access logs were clean. I have 38 employees. My compliance person is also my HR manager. She's not a lawyer. She's not a CMMC consultant. She's just terrified."

— Owner, 40-person aerospace machining shop, Ohio

01
Document chaos nobody owns
ITAR-controlled drawings live in someone's Gmail, a shared Dropbox, a thumb drive from 2019, and a binder in accounting. Nobody knows which version is current. An export control violation waits in every inbox.
02
Audit prep that takes months — every time
When a C3PAO assessor shows up, they want policies, access logs, training records, and evidence for all 110 NIST 800-171 practices. Most suppliers spend 3–6 months manually assembling this from scratch, every single audit cycle.
03
Supply chain blind spots
Prime contractors are pushing CMMC requirements down to Tier 2s, who need their own sub-suppliers to comply. One non-compliant fastener supplier can kill a $50M prime contract. Nobody has visibility into this.
How It Works

OPEN. CONNECT.
GET AUDIT-READY.

01
Connect your existing systems
Link SharePoint, Google Drive, Dropbox, shared network drives, or email. dominiq ingests everything — no migration, no restructuring.
SETUP: < 30 MIN
02
AI classifies every document
Every file is read and labeled: CUI, ITAR-controlled, export-restricted, or clean. Access logs tracked. Foreign national exposure flagged automatically.
AI-POWERED
03
Live compliance gap report
Maps your current state against CMMC Level 1 or 2 and ITAR §120–130. Every gap linked to the exact document or policy that caused it.
REAL-TIME
04
One-click audit pack
Generates your SSP, POAM, access logs, training evidence, policy documents, and a C3PAO-ready evidence bundle. Months of work, done in hours.
ASSESSOR-READY

THREE MODULES.
ONE SYSTEM.

dominiq handles what your compliance coordinator, your IT team, and your CMMC consultant should have been doing — without the six-figure invoice.

ITAR / CUI
Document Intelligence

The AI reads the content of every file and determines its classification status, sensitivity level, and access risk. No manual tagging. No guessing. No exposure.

  • CUI and ITAR-controlled content detection
  • Foreign national access monitoring
  • Version control and access logging
  • Unauthorized channel alerts (personal email, USB)
  • Export classification by USML / EAR category
CMMC 2.0
Audit Readiness Engine

Maps your current state against all 110 CMMC Level 2 practices in real time. When the assessor shows up, you're already ready — not scrambling for months to get there.

  • Live 110-practice compliance scorecard
  • Auto-generated SSP and POAM
  • AI-drafted policies (12+ required documents)
  • Evidence bundle in C3PAO-compatible format
  • Training record tracking and attestation
SUPPLY CHAIN
Supplier Vetting

Send CMMC flow-down questionnaires to your sub-suppliers directly from dominiq. Score them automatically. Know exactly which link in your chain is going to cost you a contract.

  • Automated compliance questionnaires
  • Tier 3 supplier risk scoring
  • Flow-down requirement mapping
  • Real-time supplier compliance dashboard
  • Remediation guidance for sub-suppliers
Why Now

THE WINDOW
IS OPEN.

Three things converged at exactly the same moment. This problem is solvable now in a way it simply wasn't before.

01
CMMC 2.0 is now enforceable law
The final CMMC rule dropped in late 2024. Contracts with mandatory certification requirements start flowing in 2025–2026. The deadline is real, it's in the contract language, and suppliers who miss it lose their programs. The market pressure is unlike anything this space has seen.
02
AI can finally read what used to require a lawyer
Determining whether a 200-page engineering spec contains ITAR-controlled technical data required a licensed export control attorney in 2020. In 2025, a fine-tuned model does it in seconds with high accuracy. That's the core unlock that makes dominiq possible — and makes it cheap enough for a 40-person shop.
03
There are 300k suppliers and 3k assessors
The math doesn't work for consulting. There simply aren't enough qualified CMMC practitioners to serve this market manually at any price point. Software is the only infrastructure that can close this gap. And suppliers already know they can't afford what Deloitte charges.
CMMC LEVEL 2 — READINESS REPORT LIVE
Access Control (AC)
88%
Audit & Accountability (AU)
95%
Configuration Mgmt (CM)
72%
Incident Response (IR)
41%
Media Protection (MP)
100%
Risk Assessment (RA)
63%
OVERALL READINESS SCORE 76%

YOUR SCORE.
UPDATED DAILY.

Most companies find out they're not compliant the day the assessor walks in. dominiq tells you every morning — with the exact practice, the exact document, and the exact fix.

Pricing

BUILT FOR SHOPS
NOT BANKS.

No six-month consulting engagement. No Big 4 invoice. Just software that works — at a price that doesn't make your CFO quit.

Starter — CMMC Level 1
$399/ mo

Up to 50 employees. For suppliers who need to get their foundations right before Level 2 certification pressure arrives.

  • Document classification and CUI tagging
  • CMMC Level 1 gap report (17 practices)
  • Basic policy document generation
  • ITAR exposure scanning (up to 5,000 files)
  • Self-assessment support materials
Get Started

ENTERPRISE PRICING AVAILABLE FOR PRIME CONTRACTORS AND ASSOCIATIONS → contact@dominiq.io

KS
FOUNDER & CEO
Krish Soni
FOUNDER & CEO // dominiq

Krish built dominiq after watching defense subcontractors — family businesses, precision shops, specialty manufacturers — lose contracts not because they were bad at their work, but because they couldn't prove they were compliant. The system was broken: the compliance burden was designed for Lockheed, not for a 40-person shop in Ohio with no IT staff.

dominiq is the company he wished existed three years ago. Built for the people who actually make the parts that keep things flying, not for the consultants who charge to explain the paperwork.

Defense Supply Chain ITAR / CMMC AI / ML B2B SaaS GovTech
AUDIT

DON'T FIND OUT
FROM THE AUDITOR.

Join the waitlist. Be one of the first 50 suppliers to run a live dominiq scan — free for 30 days, no credit card required.

NO SPAM. NO SALES CALLS. JUST ACCESS. // compliance@dominiq.io