Deny by default. Keys stay home.
Two components, zero access to your content. The sentinel runs on the device, governs what an AI tool or agent can do the moment it acts, and signs every captured interaction before anything crosses the boundary. The admin server stores ciphertext it cannot decrypt. Control and evidence, end to end. Your keys. Your record.
The AI runtime security model
Six principles, enforced by construction rather than by policy documents.
- Fail-closed
- No valid policy, no AI traffic. If the audit pipeline fails, traffic stops. Deny by default.
- Non-repudiation
- Every entry is cryptographically signed by the originating device. A signature cannot be produced by the server or by any party that does not hold the device's key.
- Tamper-evidence
- An append-only chain where each entry depends on its predecessor. Any modification breaks the chain detectably.
- Key isolation
- Signing keys never leave the device. Decryption keys are managed independently and never persisted on the server.
- Opaque-ciphertext server
- The server stores ciphertext it cannot read. Metadata is indexed for search. Content requires the institution's key.
- Signed policies
- Sentinels accept only policies signed by a trusted authority. Unsigned or revoked policies are rejected.
How governing works, in plain terms
The sentinel uses standard operating-system mechanisms to govern AI traffic on the device. Staff see no change. If a tool speaks HTTPS to a provider, Verillian governs it, with no plugins, wrappers, or changes to the tool.
- On the device
- Governing happens locally, before any content reaches an outside provider. A blocked request never leaves.
- Any tool or agent
- Verillian is not tied to one model or provider. It governs AI agents and chat assistants under the same policy when they reach a provider over HTTPS; structured audit is fully parsed for Anthropic's Claude and Claude Code today, and expands to the providers your engagement uses.
- Invisible to staff
- AI tools work exactly as before. The sentinel is present only as a system-tray status icon.
What operators get
The admin console gives IT and security teams visibility and control across the fleet, on infrastructure you run.
- Session review
- Browse captured AI usage. Drill from sessions to conversations, turns, and tool calls. See what was allowed, blocked, or redacted, in full context.
- Tool-call analytics
- An interactive view of observed AI activity: what is used, how often, and by whom. Create policy directly from observed patterns.
- Policy management
- Create, modify, and retire policies with mandatory justification. Tamper-evident change history. Multi-approver workflows.
- Device fleet
- Monitor enrolled sentinels: connection status, versions, heartbeat health, chain integrity. Enrollment queue and bulk operations.
- Chain verification
- Verify audit-chain integrity across every enrolled device at any time. Detect tampering, gaps, or anomalies, per device and fleet-wide.
- Compliance reporting
- Periodic reports on usage, enforcement, anomalies, chain integrity, and redactions, designed to support a formal acknowledgment step before archival.
system overview, representative view
See the architecture for yourself
The clearest way to evaluate the architecture is to run it. We will work directly with your security and IT functions during your founding customer engagement.