AI agent governance for the regulated SDLC

Use AI coding agents where you normally can’t.

Capture agent tool calls, model usage, and approval decisions across your laptop, CI, and cloud workers — pre-production only, inside your own cloud.

Verification portal

AWS demo

Verification portal overview showing run health and pending decisions. Verification portal sessions view showing agent run status. Verification portal approvals queue showing gated actions.

Agent health, pending decisions, and approval state in one view.

Agent actions only

No keystrokes, screen, or editor capture

Pre-production

Laptop, CI, and cloud workers

Your cloud

Prompts and source stay in your account

Allow · Confirm · Block

Routine work flows; risk pauses

Instrument the agents your team already runs

  • Claude Code: Connector
  • Cursor: Connector
  • GitHub Copilot: Roadmap
  • Custom agents: SDK

Connector coverage and proof artifacts are documented in curated use-case paths.

How it works

On the record — without being in your way

From an agent deciding to act to your auditor checking the record, the same four steps run every time.

  1. Capture

    Tool calls and model usage from hooks and connectors — not the developer’s screen.

  2. Decide

    Policy and sensitivity resolve to allow, confirm, or block. Same gate locally and in the cloud.

  3. Record

    Signed, immutable decisions in your own storage — one system of record.

  4. Prove

    Export verifier-checkable evidence packages with hashes and redaction policy.

Proof surface

Evidence your auditor can recompute offline

Portal read-backs and portable exports share manifest hashes, a redaction policy, and a verifiable chain. No raw prompts or source inside the package.

Portal read-back

FinCard demo

FinCard Network verification portal overview with agent health and pending decisions.

Operator view from the FinCard Network demo workspace — sessions, approvals, and audit land in one surface before export.

Evidence package manifest (redacted)

json
{
  "schema": "autodevops.evidence_package.v1",
  "packageId": "pkg_7f2a…c91e",
  "manifestSha256": "a4e8…9b2f",
  "redactionPolicy": "no_raw_prompts_or_source",
  "chapters": [
    "session_summary",
    "approval_decisions",
    "agent_run_audit_refs",
    "provenance_query_chain"
  ],
  "exportChain": {
    "previousHash": "c3d1…8a04",
    "entryHash": "f9b0…2e17"
  }
}

  • Agent Run Audit chapters without raw transcript leakage
  • Closed-loop signals only when audit-backed references exist
  • Control mappings cite the artifacts regulators expect

See control mappings →

Control surface

One config. Same gate everywhere.

The same policy file governs agents on your laptop, in CI, and on cloud workers.

yaml
hooks:
  pre-commit: [lint, security-scan]
governance:
  default: confirm
providers:
  bedrock:
    region: us-east-1
budgets:
  per_commit_tokens: 5000

Policy engine

Deterministic rules — no LLM interpreting your policy. Prior approvals can let similar actions flow.

Audit trail

Every decision replayable with context. PR summaries bind to the same record whether the agent ran locally or on a worker.

Budgets, not surprises

Token and cost limits per commit, repo, or team. Hit a limit and the next call pauses for approval.

Deployment

Inside your cloud. Owned by you.

No multi-tenant SaaS plane holds your prompts or audit log. AWS is the validated path today; Azure and Google Cloud adapter tracks are roadmap.

Amazon Web Services

Bedrock for inference, IAM-scoped Lambda workers, VPC endpoints, and immutable audit storage. Prompts and source never leave your account.

Live

Microsoft Azure & Google Cloud

Adapter code exists for Azure OpenAI, Functions, Vertex AI, and Cloud Run. Customer-validated BYOC deployment remains roadmap.

Roadmap

Your developers’ agents. One connector shape regardless of vendor.

Claude Code
Cursor
GitHub Copilot
Custom agents

Control mappings for regulated buyers

SR 11-7, FFIEC, DORA, EU AI Act, ISO 42001, and SOC 2 narratives bound to portable evidence. See mappings →

See what your auditor will see

A live walkthrough on a real workflow — policy, approvals, audit — in your AWS account.