Book a demo

By industry

HealthcareFHIR/HL7, HIPAA, BAA Finance & insuranceFINRA/SEC audit trails Government & public sectorAir-gapped, sovereign AI agent platformsAccountability for your users

By use case

Audit readinessSOC 2 · HIPAA · ISO 42001 · EU AI Act Incident responseReconstruct & prove in minutes Compliance evidenceRecords assessors actually ask for Agent governanceWho authorized what, proven

By framework

SOC 2CC7.2 / CC7.3 agent evidence HIPAA45 CFR 164.312(b) ISO 42001AI management system EU AI ActArticle 12 logging

Highlights

Book an agent audit
See what your agents did. Free eval, nothing deployed.
Hardware-rooted evidence
Validated on real NVIDIA H100 confidential compute.
Project AIR Platform
Your complete agent-accountability HQ
Explore platform →
Audit
The record you take into your audit.
Learn more →
Prove
Signed, anchored, independently verifiable.
Learn more →
Protect
Halt agents before harm, not after.
Learn more →
Monitor
16 detectors, every action, live.
Learn more →
AIR SDK & CLI
Open source, on PyPI. Start in an afternoon.
Learn more →
FlightDeck
The operator cockpit for your fleet.
See the demo →
AIR Cloud
Hosted ingestion, retention, alerting.
Learn more →
Admissibility
Self-authenticating, FRE 902(13)–(14).
Learn more →
Structural Verification
The deterministic floor agents can't talk past.
Learn more →

Company

AboutWhy we build the record AxiisiumOur healthcare AI initiative ContactTalk to us PolicyEvidence-based agent governance

Resources

BlogWriting on agent accountability PressNews & coverage Docs & GitHubMIT, read every line

Community

Open sourceOur OSS projects EventsWhere to find us PartnersBuild with Vindicara

Highlights

Axiisium
Our healthcare initiative: multimodal AI for blood cancer, built to be provable.
Open source on PyPI
MIT-licensed. Install projectair and verify every line.
Use case / Agent governance

Who authorized what — proven.
Not just tracked.

An access-control dashboard asserts policy. AIR proves it held: this agent was permitted to act, here's who or what granted permission, and here's cryptographic proof the grant was real and never modified.

Delegated authorityCross-agent handoffSPIFFE / Fulcioproven, not claimed
Book an agent audit See the evidence ↓
Bound to a human · scoped · proven across handoffs
Authorization chain · live
Granted bydr.okafor · Auth0
Agentclaims-agent-A
HandoffA → B · PTID validated
Out-of-scopeblocked · SV-SCOPE
signed grant · counter-attested · anchored Rekor
✓ authority held · never exceeded
01The stakes
review · agent privilege question
Did this agent even have the right to do that, and can you prove the permission was real?
Tracking who has access is policy. Proving the authority was granted, scoped, and never exceeded — across cross-agent handoffs — is evidence. AIR binds every agent to the human or service that authorized it, and signs the chain so no grant can be claimed after the fact.
02Proven beats tracked

The word that carries the card is "proven."

Delegated, not assumed
bound to a human

Every agent is bound to a named human or service identity, and no action runs without a delegation behind it.

Auth0, Microsoft Entra, Okta, or SPIFFE.
Scoped, and enforced
Zero-Trust

Declared scope is enforced deterministically. An out-of-scope action halts, and the halt is signed.

Enforcement, not a policy that merely asserts itself.
Proven across handoffs
chain of custody

When Agent A delegates to Agent B, a cryptographic chain of custody carries the proof with the capability token.

AgDR Handoff Protocol · SPIFFE / Fulcio identity.
03How AIR answers

Every authorization question, answered with proof.

Did this agent have the right to act?
AccountBound to a named human or service via Auth0, Entra, Okta or SPIFFE.
Who or what granted it?
AccountThe delegation record names the grantor, signed.
Was the grant real, not just claimed?
ProveThe delegation is signed and anchored — not a config asserting policy.
Did the authority survive a handoff?
HandoffA cross-agent chain of custody carries it (AgDR Handoff).
Was it ever exceeded?
ProtectOut-of-scope actions halt deterministically, and are signed.
04The evidence

Proof the authority held, end to end.

The grant, the scope, the handoff, and every action — signed, anchored, and counter-attested, so "this agent was permitted to act" is a record you can produce, not a claim a dashboard makes.

See the layered platform →
Authorization chain · agdr/v2
Grant · dr.okafor delegated claims-agent-A (Auth0)
Scope · declared scope — enforced
Handoff · agent-A → agent-B · PTID validated
Halt · out-of-scope call blocked — SV-SCOPE
signed grant · counter-attested · anchored Rekor
✓ authority held, never exceeded · search.sigstore.dev
05What you get

The tiers governance owners choose.

Enterprise
most teams here
  • Human-bound delegation, signed
  • Containment — halt out-of-scope actions
  • Cross-agent handoff (AgDR Handoff)
  • Causal graph, query & replay
  • SSO / OIDC, SLA
Book an agent audit
Air-gapped
regulated · sovereign
Everything in Enterprise, plus
  • SPIFFE / Fulcio identity inside the enclave
  • No phone-home — records never leave
  • Extended retention + PQ re-anchoring
  • Admissibility Pack — FRE 902 + expert support
Talk to us

Stop asserting policy. Prove it held.

A free agent audit shows whether you could prove — not just claim — that every agent acted within the authority it was granted.

Book an agent audit →
Delegated authorityAgDR HandoffSPIFFE / FulcioFRE 902(13)–(14)
Vindicara · project AIR v1.0.1 support@vindicara.io · This page is itself on the record.