// Governance & security

Autonomy with a paper trail.

Automating deploys is the easy part. What makes an agent safe to run in production is the bounded, recorded control layer around it — separation of duties, evidence, and a stop that sits outside the agent's reach.


Propose, don't mutate

Gary reads freely and proposes changes. Anything that mutates production needs explicit human sign-off.

Append-only ledger

Every deploy, config change, and override is recorded immutably and shipped to the data lake.

Claims checked against data

Gary reports only what he did — and re-verifies those claims against live telemetry first.

Visible, with a stop

Actions stream in real time. A global pause and separation-of-duties controls sit outside the agent's reach.

Separation of duties

Gary acts. People hold the keys.

Approval on production-mutating change always belongs to an operator. Gary acts autonomously only on the proven, reversible class — ambitious, never reckless.

GARY: Observe & propose. Reads everything, drafts the change, attaches evidence and a rollback plan.
POLICY: Gate at admission. Guardrails decide: auto-approve the reversible class, or route to a human.
OPERATOR: Approve production. A person signs off anything that mutates customer-facing systems.
LEDGER: Record & verify. Immutable log of who, what, when, and the evidence behind it.

Standards & controls

Map your obligations to enforced policy.

Point Kairn at a framework and it ingests the controls, deploys them as admission policy, and keeps continuous evidence — per tenant, per environment.

SOC 2: Type I & II evidence
ISO 27001: ISMS controls
ISO 42001: AI management
HIPAA: Safeguards mapping
PCI DSS: Scoped controls
Custom: Your own directives

Sovereign by default

Runs where your data already lives.

Your hardware or your cloud, multi-tenant to the core, transparent by construction. Nothing leaves the boundary you set.

Your boundary: Deploy on your hardware or cloud — data residency stays yours.
Per-tenant isolation: Networks, quotas, and secrets isolated for every tenant.
Open to inspection: Glass-box decisions, open to third-party evaluation.