Security & architecture

Deny by default. Keys stay home.

Two components, zero access to your content. The sentinel runs on the device, governs what an AI tool or agent can do the moment it acts, and signs every captured interaction before anything crosses the boundary. The admin server stores ciphertext it cannot decrypt. Control and evidence, end to end. Your keys. Your record.

Principles/ 01

The AI runtime security model

Six principles, enforced by construction rather than by policy documents.

Fail-closed
No valid policy, no AI traffic. If the audit pipeline fails, traffic stops. Deny by default.
Non-repudiation
Every entry is cryptographically signed by the originating device. A signature cannot be produced by the server or by any party that does not hold the device's key.
Tamper-evidence
An append-only chain where each entry depends on its predecessor. Any modification breaks the chain detectably.
Key isolation
Signing keys never leave the device. Decryption keys are managed independently and never persisted on the server.
Opaque-ciphertext server
The server stores ciphertext it cannot read. Metadata is indexed for search. Content requires the institution's key.
Signed policies
Sentinels accept only policies signed by a trusted authority. Unsigned or revoked policies are rejected.
How it works/ 02

How governing works, in plain terms

The sentinel uses standard operating-system mechanisms to govern AI traffic on the device. Staff see no change. If a tool speaks HTTPS to a provider, Verillian governs it, with no plugins, wrappers, or changes to the tool.

See the full data flow

On the device
Governing happens locally, before any content reaches an outside provider. A blocked request never leaves.
Any tool or agent
Verillian is not tied to one model or provider. It governs AI agents and chat assistants under the same policy when they reach a provider over HTTPS; structured audit is fully parsed for Anthropic's Claude and Claude Code today, and expands to the providers your engagement uses.
Invisible to staff
AI tools work exactly as before. The sentinel is present only as a system-tray status icon.
For operators/ 03

What operators get

The admin console gives IT and security teams visibility and control across the fleet, on infrastructure you run.

Session review
Browse captured AI usage. Drill from sessions to conversations, turns, and tool calls. See what was allowed, blocked, or redacted, in full context.
Tool-call analytics
An interactive view of observed AI activity: what is used, how often, and by whom. Create policy directly from observed patterns.
Policy management
Create, modify, and retire policies with mandatory justification. Tamper-evident change history. Multi-approver workflows.
Device fleet
Monitor enrolled sentinels: connection status, versions, heartbeat health, chain integrity. Enrollment queue and bulk operations.
Chain verification
Verify audit-chain integrity across every enrolled device at any time. Detect tampering, gaps, or anomalies, per device and fleet-wide.
Compliance reporting
Periodic reports on usage, enforcement, anomalies, chain integrity, and redactions, designed to support a formal acknowledgment step before archival.

system overview, representative view

See the architecture for yourself

The clearest way to evaluate the architecture is to run it. We will work directly with your security and IT functions during your founding customer engagement.