Veilfire
Real-Time AI Governance

Lens

Inline policy enforcement for AI agents—monitoring every tool call, memory operation, and agent action in real-time with privacy-preserving telemetry and cryptographic audit trails.

Ember AI Agent Framework
"Transparency of process, not of content."
Key Capabilities

Govern AI Without Compromise

Lens solves the critical challenge facing enterprises: How do you govern AI systems without compromising privacy, performance, or innovation?

Policy Enforcement

Define and enforce ethics policies with a tiered response model: ALLOW → WARN → THROTTLE → DENY → QUARANTINE → TERMINATE → HITL. Semantic versioning, ethical citations, and sequence detection for multi-step behavior patterns.

Privacy-Preserving

Only anonymized metadata leaves your infrastructure—raw content never exposed. Governance without compromising data privacy.

Sub-Millisecond Latency

Fast-path evaluation adds less than 2ms p95 to agent operations. Production-grade performance without compromise.

Cryptographic Audit Trail

Tamper-evident Merkle chain records every decision. KMS-backed signing with AWS, GCP, Azure, or HashiCorp Vault.

Human-in-the-Loop

Escalate high-risk decisions to human reviewers in under 2 seconds. Configurable thresholds, approval workflows, and a dedicated HITL console to approve, veto, or escalate with full audit trail.

Framework Integrations

Native integrations for LangChain, LangGraph, LiteLLM, OpenAI, and Anthropic. Decorator-based instrumentation for custom tools, async support, and fail-open mode for production resilience.

Privacy-First Design

Your Data Stays With You

The Lens SDK extracts features like size, destination, and type—raw content never leaves your environment. Only anonymized metadata reaches the control plane.

Your Infrastructure

  • AI Agent + Lens SDK runs locally
  • Extracts features (size, destination, type)
  • Raw content NEVER leaves your environment

Lens Control Plane

  • Policy evaluation on metadata only
  • Audit logging with no raw data access
  • HITL workflows for escalation
Secure Agent Control

Policy Engine Features

Explicit Allow

Allowlisting permits fine-grained access to tools, parameters, domains, and HTTP methods of your choosing

Explicit Deny

Prevent access to tools, parameters, access levels, topics, content based on defined criteria

Human-in-the-Loop

High-risk or sensitive actions trigger HITL workflows for escalation

Native Framework Mapping

Rule engine content comes mapped to multiple frameworks; laws, regulations, security, safety, ethics, and more

Advanced Rule Chaining

Rule chaining enables advanced logic for detecting and responding to potentially harmful or unsafe actions, operating within both deterministic and non-deterministic frameworks

Adaptive Risk Models

Leverage advanced models to flag unsafe or harmful content in requests and responses in near-real-time

Performance

Production-Grade Speed

MetricTargetActual
SDK added latency≤5ms p95<2ms
Sidecar policy eval≤2ms p95<1ms
Control plane eval≤30ms p95<15ms
Incident to HITL≤5s<2s
Audit write≤10ms<5ms
Compliance

Regulatory Alignment

Lens helps organizations meet requirements across major AI regulations with built-in policy citations and audit capabilities.

EU AI Act

  • Human oversight (Art. 14)
  • Transparency (Art. 13)
  • Risk management (Art. 9)

GDPR

  • Data minimization (Art. 5)
  • Accountability (Art. 5)

SOC 2

  • Monitoring controls
  • Audit logging

NIST AI RMF

  • GOVERN, MAP, MEASURE, MANAGE lifecycle

Canadian AIDA Act

  • Impact assessment filings
  • Explainability + risk mitigation duties
Audit Trail

Cryptographic Audit Features

Merkle Chain

Tamper-evident record of every AI decision

KMS-Backed Signing

AWS KMS, GCP KMS, Azure Key Vault, HashiCorp Vault

Policy Attribution

Every verdict linked to policy version and rules

Evidence Preservation

Full transcripts and tool call logs for investigations

Proof Verification

Cryptographic verification of audit chain integrity

Compliance Export

Export audit data for regulatory review

Deployment

Flexible Deployment Options

Cloud-Hosted (Multi-Tenant SaaS)

  • • Fully managed control plane
  • • Multi-tenant isolation
  • • One-click deployment
  • • 99.95% SLA

Secure Cloud-Hosted (Isolated SaaS)

  • • Deploy in a private VPC
  • • Single-tenant deployment
  • • Full data isolation
  • • Custom compliance requirements

Hybrid

  • • SDK and sidecar on-premises
  • • Control plane cloud-hosted
  • • Best of both worlds
  • • Flexible data residency
Multi-Agent Governance

Cluster-Level Safety

As organizations deploy fleets of AI agents, governance must scale from individual agents to coordinated clusters. Lens provides comprehensive cluster-level safety.

Bounded Autonomy

Agents operate freely within policy boundaries but cannot expand their own authority. Authority hierarchy: international standards → org policies → policy engine → agent operations.

Sequence Detection

State-machine detection of multi-step behavior patterns across agents. Identify coordinated actions that individually appear safe but together pose risk.

Cluster Risk Aggregation

Real-time max_risk, avg_risk, and min_risk across all agents in a cluster with force-directed interaction graph visualization.

Tiered Response

ALLOW → WARN → THROTTLE → DENY → QUARANTINE → TERMINATE → HITL. Graduated enforcement with auto-escalation rules.

Drift Detection

Behavioral baselines with automatic drift alerting. Detect persona drift, goal drift, and performance degradation across the cluster.

Deterministic Containment

Fail-mode configuration (open/closed), container isolation with resource limits, dead letter queues, and automatic recovery with graceful degradation.

Safety Model

Formal Safety Specification

Lens includes a formal safety model specification covering the foundational guarantees that underpin every governance decision.

1

Trust Boundaries

Where data, control, and authority change hands

2

Authority Model

Who can do what, with layered human override

3

Isolation Layers

Tenant, agent, cluster, memory, and failure domain isolation

4

Escalation Paths

Tiered response from ALLOW to HITL with auto-escalation

5

Failure Containment

Blast radius minimization and deterministic recovery

Swipe to see all steps

Principles

Our Design Principles

Privacy by Design

Raw content never leaves your infrastructure

Transparency of Process

Every decision is auditable and explainable

Ethical Grounding

Policies cite international standards and regulations

Developer Experience

Drop-in integrations, not rewrites

Bounded Autonomy

Agents operate within defined boundaries; they cannot expand their own authority

Defense in Depth

Multiple independent safety layers, each providing independent guarantees

Complete with Insight

Lens and Insight together form Veilfire's comprehensive AI governance platform. While Lens provides real-time enforcement, Insight delivers comprehensive and continuous evaluation across five pillars before and during deployment.

Learn about Insight