Six modules. One closed loop. End-to-end AI governance

See every AI in your estate. Know who it talks to, what it touches, and how exposed it is.

Complete visibility over your AI estate - systems, agents, tools, MCP servers, data sources, non-human identities, and shadow agents - with a live identity graph, 3D ontology explorer, and compliance fingerprint per system.

• AI Systems inventory
• AI Agents inventory
• Tools inventory
• MCP Servers inventory
• Data Sources inventory
• Authority Profiles
• Non-Human Identities
• Identity Graph (live)
• Trust Anchors
• Delegation Chains
• 3D Ontology Explorer
• Shadow Agents detection
• Compliance Fingerprint
• Estate Geo (global exposure map)
• Connectors (ingest from existing infra)

Policy decides. Humans approve. Runtime proves.

Every AI action governed by policy, approved by a human, and proven by a tamper-evident runtime feed. Kill Switch for emergency halt, MCP Control Gateway for protocol-level enforcement, and delegation grants for least-privilege identity.

• Policy Studio (YAML/JSON)
• Approval Queue (human-in-the-loop)
• Runtime Feed (tamper-evident, hash-chained)
• Authority Decisions
• Runtime Violations
• MCP Control Gateway
• A2A Gateway
• ACP Gateway
• Memory Gateway
• Kill Switch
• Identity & Trust (DID-JWS, SPIFFE)
• Delegation Grants
• Internal Copilot (advisory)

Five steps. From model to provable safety report.

A structured 5-step workflow - Connect Model → New Test → Run & Results → Reports → Test Modules - with 82 connected models in production. Defensive layer includes 7 guardrails, custom vulnerability definitions, and an AI Firewall operating in Block / Redact / Observe modes.

• Connect Model (step 1)
• New Test configuration (step 2)
• Run & Results (step 3)
• Reports catalogue (step 4)
• Test Modules / Strategy (step 5)
• Guardrails (7)
• Custom Vulnerabilities
• AI Firewall (Block / Redact / Observe)

12 frameworks. 120 controls. One operating model.

A single governance operating model across 12 regulatory frameworks (120 controls, 38 critical-severity). Conformity Pipeline with state-machine lifecycle and score gates. Risk Classification Wizard outputs EU AI Act Article 6 risk tier. Auto-generated Annex IV Dossier. Intent Baseline detects behavioural drift.

• Frameworks catalogue (12)
• Controls Library (enforce/monitor modes)
• Policy Studio (YAML/JSON, simulate-before-enforce)
• Conformity Pipeline (state machine, score gates)
• Conformity Score (0-100, severity-weighted, per system per framework)
• Risk Classification Wizard (5 questions → Article 6 risk tier)
• Annex IV Dossier (auto-generated EU AI Act technical documentation)
• Intent Baseline (Lasso-style behavioural drift detector)

Test runs become framework-aligned, audit-ready reports.

Every test run produces framework-specific analysis: OWASP LLM Top 10 (10 categories, 34 attacks, 27 vulnerability checks), EU AI Act (16 articles, PASS/FAIL verdict), NIST AI RMF (72 subcategories, 12 GAI risks), Red-Team assessment, MAS MindForge (7 dimensions, 17 considerations), AI Verify AIVTF (11 principles, 62 outcomes, 112 checks), Benchmark Suite (9 Moonshot cookbooks), and a blockchain audit log with chain integrity verification.

• OWASP LLM Top 10 analysis
• EU AI Act analysis (16 articles, PASS/FAIL verdict)
• NIST AI RMF analysis (72 subcategories, 12 GAI risks)
• Red-Team assessment
• MAS MindForge assessment (FEAT, 7 dimensions, 17 considerations)
• AI Verify AIVTF v2.0 (11 principles, 62 outcomes, 112 checks, 104 GenAI)
• Benchmark Suite (AI Verify Project Moonshot, 9 cookbooks)
• Security Overview
• Blockchain Audit Log (Verify Chain Integrity)

Continuous, not point-in-time.

Scheduled testing triggers continuous monitors that track compliance drift across all models and frameworks. The Compliance Status matrix shows live posture including HIPAA and CCPA. An immutable, hash-chained audit log records every platform event, exportable as JSON. Worker Health provides operator-level visibility into the Arq task workers.

• Continuous Monitors (scheduled testing → drift detection + compliance tracking)
• Compliance Status matrix (all models × all frameworks, including HIPAA + CCPA)
• Audit Log (immutable, hash-chained, JSON export)
• Worker Health (Arq workers, operator/SRE surface)