The model

Seven moves, one proof

Governing an AI agent comes down to seven things you must be able to do — and prove. ByteVerity ships a product for each. They interlock because they all speak the same signed receipt — so this is one platform, not a pile of tools.

One platform, not a pile of tools

The seven verbs

  • Identify

    Bind every action to a short-lived, revocable identity — minted in-platform or carried from your own IdP (Okta ID-JAG, SPIFFE/SPIRE).

    Identity

  • Control

    Govern what the agent may read and disclose — before it ever sees the data.

    Data Gateway · Cleanroom · Browser Runtime

  • Govern

    Allow or deny an action against policy — and seal the decision into a receipt; an engineering lead's signed code-change policy is enforced in CI.

    Control + the governor family

  • Locate

    Pinpoint the exact step — or the exact poisoned knowledge write — behind a bad outcome.

    Bisect

  • Prove

    Re-derive what happened across every plane — offline, tamper-evident.

    Lineage

  • Revoke

    Cut off a bad agent; its next action fails closed.

    Capability Gateway

  • Posture

    Query the whole evidence corpus — what agents knew, did, disclosed — and see the fleet.

    Atlas

⎯⎯ ByteVerity Kernel — the shared proof substrate

One receipt format · one offline verifier.

Every product emits Kernel-shape receipts; one verifier checks them all. Adopt one product, then the next — the proof carries over, so you never re-buy trust.