Zero Trust for AI Systems

Stop your AI from making irreversible mistakes.

Block unsafe decisions before they execute. Enforce policies at the point of action. Prove compliance with tamper-proof audit trails — ready for any regulator.

Teams are shipping AI without control. Most fix this after their first incident.
Works with any LLM · Sub-10ms latency · Two API calls to integrate · No vendor lock-in
Live Enforcement (ACTIVE)
TOOL CALL · transfer_money · amount: $10,000 · agent_role: support_agent
RISK ANALYSIS: CRITICAL
POLICY VIOLATION — BLOCKED: max_value exceeded · agent role not authorised for transfer_money
✗ BLOCK ACTION · ⚑ ESCALATE TO SOC

Dashboard (SENTINEL): Processed 12,847 · Allowed 11,923 · Blocked 924 · Risk avg 3.2 · Violation Rate (7d)

Sub-10ms decision latency · Blocks before execution · Any LLM, vendor neutral · Tamper-proof audit trail · 8 industry templates ready
Real incidents DriftGard prevents

Three ways AI goes wrong in production

These aren't edge cases. They're what happens when AI systems run without a control layer.

💸

AI approved a $50K transfer

A support agent called transfer_money with no amount limit. Nobody checked if it was authorised.

🔓

Chatbot leaked customer PII

A prompt injection tricked the model into returning email addresses and phone numbers in a response.

🔄

Agent loop burned $4K overnight

A recursive tool call chain ran 2,000 iterations before anyone noticed. The bill arrived the next morning.

DriftGard would have blocked all three — in real-time, before execution.

"We're building an AI co-founder that mentors thousands of aspiring founders. DriftGard gives us confidence that our AI stays within safe boundaries — no bad financial advice, no harmful guidance, full audit trail. Integrated in under a day."
— Joe, Founder · 7Ronin AI
47K+ AI decisions evaluated in first month: 340 violations blocked. 12 critical tool calls prevented. Zero false positives on production traffic.
$4,200 prevented overnight from a recursive agent loop: cost alert triggered within seconds. Agent stopped before the bill arrived.
Trusted by AI-first teams · 200K+ decisions evaluated · <1% false positive rate

How it works

Understand it in 10 seconds

AI makes a decision
DriftGard checks policy
Allow / Block
Tamper-proof log
Two API calls. Sub-10ms latency. Works with any model or provider.
your-agent.js
// Two lines is all it takes.
const result = await dg.evaluate({
  prompt: userMessage,
  response: aiResponse,
});
if (!result.evaluation.allowed) {
  return result.fallback.message;
}

What DriftGard actually does

Real-time control, continuous monitoring, and compliance proof — in one layer.

🛡️

Control

Block unsafe decisions before they execute. Validate tool calls at the parameter level. Enforce identity rules. Stop agent loops. Real-time, deterministic, sub-10ms.

👁️

Observe

Monitor AI behaviour across every project. Detect drift after model updates. Track decision chains across agents. Alert on cost spikes and anomalies.

📋

Prove

Generate compliance reports mapped to EU AI Act, NIST, ISO 42001, GDPR, FINMA, SOC 2, APRA CPS 230, and HIPAA. Tamper-evident records. Signed evidence downloads. Auditor portal. Prove governance was in place.


Real scenario

Customer support AI in fintech

Without DriftGard

Customer asks about refund policy
AI gives incorrect advice: "You're entitled to a full refund"
Customer acts on it — demands refund from support team
Compliance team finds out 3 weeks later during audit
No record of what the AI said or why
Result: $50K in incorrect refunds. Compliance breach. No audit trail.

With DriftGard

Customer asks about refund policy
AI generates response with incorrect refund claim
DriftGard detects policy violation — blocks response in real-time
Customer sees safe fallback: "Let me connect you with our team"
Tamper-evident record logged. Compliance report auto-generated.
Result: Incident prevented. Evidence ready. Audit takes minutes, not weeks.

The risk moved. Your governance should too.

Most tools were built for chatbots — they check what AI says. But agents send emails, make payments, and call APIs. The risk moved from what AI says to what AI does.

What most tools do

Monitor AI responses after the fact.

• Check text output for violations
• Log what happened
• Show dashboards and metrics
Answers: "What did the AI say?"

What DriftGard does

Control AI decisions and actions before they execute.

Block harmful responses before they reach users
Validate every tool call with parameter-level rules
Control which agents and roles can call each tool
Track full decision chains across multi-step agents
Prove compliance with tamper-evident records
Answers: "Was it allowed? Can we prove it?"

Built for the people who carry the risk

Different roles, same question: "Can we prove our AI is under control?"

👔

Chief Compliance Officer

Scheduled reports mapped to EU AI Act, ISO 42001, NIST AI RMF. Evidence vault with signed downloads. Read-only auditor portal. Regulatory deadline tracking. Stop preparing for audits — the evidence generates itself.

⚖️

Head of Risk

Real-time visibility into what AI is doing across every project. Drift detection catches behaviour changes after model updates. Cost alerts stop runaway agents. Tamper-evident logs prove nothing was modified after the fact.

🛠️

CTO / Engineering Lead

Two API calls to integrate. SDKs for Node.js and Python. Governance-as-code CLI for CI/CD. Zero-trust tool validation with identity rules. Circuit breaker and fail-safe modes. Ship AI features without building a compliance layer from scratch.


Why DriftGard

Security tools stop threats.
DriftGard proves you stopped them.

Open-source toolkits like Microsoft's Agent Governance are powerful enforcement libraries — and that's exactly what they should be. DriftGard is what you deploy alongside them when you need to prove to a regulator what happened and why. When regulators ask for proof, enforcement logs aren't enough.

🏛️ Compliance operations — not just enforcement

Enforcement libraries don't store tamper-evident records, generate compliance reports, or give your auditor a portal. Those aren't engineering problems — they're operations problems.

Enforcement is table stakes. Provable compliance is the moat.

Capability (columns: Open-source · Runtime security · DriftGard)
• Policy enforcement
• Tool call validation
• Per-tool identity rules (Partial)
• Jurisdiction-scoped rules
• Local evaluation (zero data egress)
• Tamper-evident audit trail
• Compliance reports (PDF)
• Auditor portal
• Scheduled evidence generation
• Drift detection + alerting (Partial)
• Governance-as-code CLI
• Time to audit evidence: weeks · weeks · minutes

Open-source = Microsoft Agent Governance, NeMo Guardrails, etc. Runtime security = Capsule, Lakera, Operant, etc.


OWASP Aligned

Aligned with OWASP Top 10 for Agentic AI

Direct mitigation for the majority of the OWASP agentic AI risks through runtime enforcement and compliance operations.

ASI02 · Tool Misuse

Zero-trust allowlist. Parameter validation. DLP scan on tool arguments.

ASI03 · Identity Abuse

Per-tool identity rules enforce which roles, agents, and users can call each function.

ASI08 · Cascading Failures

Chain depth limits, cost alerts, circuit breaker, and sequence ordering.

ASI10 · Rogue Agents

Runtime enforcement blocks violations. Drift detection catches behaviour changes.

ASI01 · Goal Hijack

Adversarial input detection and meta-bypass pattern matching.

ASI07 · Inter-Agent Comms

Session chain tracking with parent links, sequence ordering, and integrity hashing.

Complementary coverage for ASI04 (supply chain), ASI05 (code execution), ASI06 (memory poisoning), ASI09 (trust exploitation).


The ROI case for AI governance

DriftGard isn't a cost centre. It pays for itself in one prevented incident.

Labour Savings

200 hours → 2 minutes

Audit prep that took weeks now generates in seconds. Read-only auditor portal means zero engineering support needed.

Uptime Insurance

Governance that never causes an outage

Circuit breaker with fail-open mode. If DriftGard is unreachable, your app keeps running. Governance is never a single point of failure.

Speed to Market

The regulatory fast-pass

Ship AI features months ahead because governance is built-in, not a blocker. Compliance layer already built — tamper-evident logging, risk scoring, evidence generation.


Platform

The production enforcement layer for AI agents

Runtime policy enforcement, local zero-egress evaluation, deep tool control, and enterprise compliance evidence — model-agnostic, framework-agnostic.

Runtime Enforcement

Block policy violations before they reach users. Sync, async, or hybrid mode. Response sanitization — redact sensitive patterns while allowing the response through. Risk scoring with per-rule semantic thresholds.

🔒

Zero-Trust Tool Control

Every unlisted tool is blocked. Parameter-level rules: type, min/max, regex, enum, custom expressions. Per-tool identity enforcement (role, agent, user). DLP scans arguments for PII and secrets before execution.

🔗

Decision Chain Tracking

Session IDs, parent evaluation links, and sequence numbers reconstruct the full decision chain across multi-step agents. Chain depth limits prevent infinite loops. Out-of-order detection catches race conditions.

🏠

Local Zero-Egress Evaluation

Evaluate locally via WASM — no prompt or response data leaves your environment. Optional ONNX semantic matching (~22MB model) for paraphrase detection without external calls. Perfect for healthcare, mental health, and sovereign deployments.

🔌

Framework Integrations

Drop-in support for LangChain, CrewAI, and Strands agents. One-line guardrail in any chain. Tool guard decorators for agentic workflows. Works with any LLM provider — OpenAI, Anthropic, Bedrock, Gemini, local models.

🧪

Canary & Shadow Deployment

Test new control pack versions in production without enforcing. Shadow evaluation runs alongside your active policy — compare block rates, false positives, and impact before promoting. Zero-risk policy changes.

📋

Policy Lifecycle Management

Versioned control packs with diff, promote, test suite, and backtesting. 8 industry-specific templates. Generate policy drafts from documents. Per-rule semantic threshold tuning. Compliance mapping to regulations (EU AI Act, AHPRA, APRA, HIPAA).

📈

Continuous Drift Detection

Baseline vs current comparison across violation rates, severity changes, and block rates. Statistical anomaly detection catches subtle drift after model updates. False positive management with rule effectiveness scoring and auto-recommendations.

🛡️

Tamper-Proof Audit & Compliance

Every decision recorded in a WORM-compliant immutable log. Hourly Merkle roots with KMS-signed external anchoring — independently verifiable without DriftGard access. PDF reports mapped to EU AI Act, ISO 42001, NIST AI RMF. Push signed roots to your own S3 bucket or webhook.

🧪

Testing & Reliability

Synthetic test generation. Benchmark suites for standardised evaluation. A/B experiments across models comparing violation rate, risk score, cost, and token usage. Backtesting against new policy versions before activation. Aho-Corasick compiled pattern matching for sub-millisecond evaluation. Bias/fairness testing across 6 demographic dimensions with disparate impact scoring.


Built for agentic AI

Not just chatbots.
Multi-step autonomous workflows.

Modern AI agents make chains of decisions — tool calls, API requests, database writes. DriftGard tracks the entire decision surface and enforces identity rules at every step.

🔑

Agent Identity

Per-tool role, agent, and user rules.

🔗

Chain Tracking

Full session timeline with sequence ordering.

💰

Cost Alerts

Stop runaway loops in real-time.

Session Chain
1 query_records ALLOWED
2 transfer_money $500 ALLOWED
3 transfer_money $15,000 BLOCKED
sess_demo_001 · 3 steps · 1 blocked · IDENTITY_DENIED
agent-flow.js
// Validate tool call before execution
const result = await dg.evaluateToolCall({
  tool_name: "transfer_money",
  parameters: { amount: 5000, to: "acc_rec" },
  session_id: "sess_123",
  agent_role: "payments_agent",
});
// Checks: allowlist · amount · identity · cost
if (!result.evaluation.allowed) return result.fallback.message;

Industry templates

Pre-built AI safety policies

Activate in minutes. Customise with a config file. Deploy to production via CI/CD.

Fintech

Financial Services

Advice boundaries, disclosure, AML/KYC. ASIC & APRA mapped.

Healthcare

Health AU

Clinical boundaries, medication, mental health escalation. TGA mapped. Local evaluation mode for zero data egress.

Mental Health

Clinical Safety

No diagnoses, no prescriptions, crisis escalation, scope boundaries. Local evaluation — no patient data leaves your environment.

Insurance

Insurance AU

Claims, underwriting, vulnerable customers. ASIC/APRA mapped.

Education

Education AU

Academic integrity, student welfare, grade boundaries. TEQSA mapped.

Gambling

Wagering AU

30 rules: underage, loss chasing, self-exclusion, harm minimisation.

Telecom

Telecom AU

Plan advice, billing, cancellation, vulnerable customers. ACMA mapped.

Government

Public Sector

Citizen services, policy interpretation, privacy, transparency.

Startup

General Purpose

Baseline guardrails: content safety, PII, prompt injection.


Integrate in minutes

SDK-first.
Developer-friendly.

One npm install or pip install. No 6-week consulting engagement. Industry templates activate in minutes.

Python / Node.js SDKs
REST API with API key auth
CLI for CI/CD pipeline integration
HMAC-signed webhooks
Circuit breaker, fail-open/fail-closed
Local evaluation mode — WASM engine, zero data egress
install.sh
# Node.js
npm install @driftgard/node
# Python
pip install driftgard
# CLI
npm install -g @driftgard/cli
driftgard pull --project my-project
driftgard test --pack control-pack.yaml

Security by design

DriftGard operates independently of AI model providers. We generate tamper-evident, independently verifiable records that auditors and regulators can trust.

🔍

DLP Scanner

10+ PII types, 25+ secret patterns, 15+ adversarial patterns. Scans prompts, responses, and tool call parameters independently of evaluation.

🔐

Tamper-Evident Records

Every decision hashed at write time. Hourly Merkle roots. On-demand verification proves records haven't been changed after creation.

🏢

Access & Resilience

Multi-tenant isolation. Role-based access. SDK circuit breaker. Configurable retention periods. Australian-hosted options available.

🔒

Local Evaluation

Evaluate inside your trust boundary via compiled WebAssembly. No prompt, response, or conversation content leaves your environment. For mental health, clinical, and sovereign deployments.


Compliance frameworks supported
EU AI Act: Articles 9–15
ISO 42001: Clauses 6.1–10.1
NIST AI RMF: Govern · Map · Measure · Manage
AU Privacy Act: APP 1, 1.7, 3, 6, 11, 12
FINMA: Swiss financial supervision
GDPR: Data protection & privacy
SOC 2: Trust service criteria
APRA CPS 230: Operational resilience
HIPAA: Health information privacy

Works with OpenAI · Anthropic · AWS Bedrock · Azure · Cohere · Mistral · any custom model


Pricing

Simple, transparent tiers

Start with a pilot audit. Scale into runtime governance as your AI rollout grows.

Pilot
$7,500 AUD
Full compliance capabilities for 1 month — prove value fast, then scale.
  • All compliance features included
  • Drift monitoring and alerts
  • Backtests + audit logging
  • Compliance reports and exports
Run a Pilot Audit
Enterprise
$25,000+ AUD/mo
Full platform with advanced compliance workflows.
  • Everything in Compliance
  • Human review (HITL) workflows
  • Synthetic testing and scheduling
  • A/B experiments across models
  • Benchmark suites
  • Industry control pack templates
  • Private and sovereign deployment options
  • Dedicated support
  • White-label & MSSP options available
Contact Sales

Typical customers recover the cost from a single prevented incident. One blocked unauthorised transfer, one avoided compliance fine, one stopped agent loop — and DriftGard has paid for itself.

Designed for production: sub-10ms latency · fail-safe fallback handling · scales to high-volume AI workloads


Frequently asked questions

Is DriftGard a monitoring tool?

No. DriftGard is a runtime enforcement layer. It decides what AI is allowed to do, blocks violations before they reach users, validates tool calls before they execute, and creates tamper-evident proof that your AI followed the rules.

How does it handle AI agent tool calls?

Every tool call is validated against a zero-trust allowlist. Parameter-level rules enforce type, range, regex, and custom expressions. Cross-parameter checks catch things like self-transfers. DLP scans tool arguments for PII and secrets before execution.

What is session chain tracking?

When an agent makes multiple decisions in a conversation, DriftGard links them together with session IDs and parent links. You see the full chain — which decision led to which action, in what order. Sequence numbers detect out-of-order arrivals. Chain depth limits stop infinite loops.

What happens if DriftGard goes down?

Your app stays up. The SDK includes a circuit breaker that skips API calls after consecutive failures. You configure fail-open (allow everything) or fail-closed (block everything). DriftGard is never a single point of failure.
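The circuit-breaker behaviour described above, as an added illustration in plain JavaScript; this is not the DriftGard SDK, and `GuardClient`, its options and the injected clock are constructed for the example. The remote check is synchronous here to keep the illustration small.

```javascript
// Added illustration, not the DriftGard SDK: a client-side circuit breaker around a
// remote policy check. After `threshold` consecutive failures it opens and, until
// `cooldownMs` has passed, returns the configured fail-open (allow) or fail-closed
// (block) verdict without calling the API at all.
class GuardClient {
  constructor({ evaluateRemote, failMode = "closed", threshold = 3, cooldownMs = 30000, now = Date.now }) {
    this.evaluateRemote = evaluateRemote; // (input) => { allowed: boolean }; throws on transport error
    this.failMode = failMode;             // "open" allows everything, "closed" blocks everything
    this.threshold = threshold;           // consecutive failures before the circuit opens
    this.cooldownMs = cooldownMs;         // how long to skip the API once open
    this.now = now;                       // injectable clock so the behaviour is testable
    this.failures = 0;                    // consecutive failures seen so far
    this.openedAt = null;                 // timestamp the circuit opened, or null when closed
  }

  // The verdict returned whenever the remote check cannot be trusted.
  fallbackVerdict(reason) {
    return { allowed: this.failMode === "open", fallback: true, reason };
  }

  evaluate(input) {
    if (this.openedAt !== null) {
      if (this.now() - this.openedAt < this.cooldownMs) {
        return this.fallbackVerdict("circuit open"); // skip the API entirely
      }
      this.openedAt = null; // half-open: let one probe call through
    }
    try {
      const verdict = this.evaluateRemote(input);
      this.failures = 0; // any success closes the circuit fully
      return { ...verdict, fallback: false };
    } catch (err) {
      this.failures += 1;
      if (this.failures >= this.threshold) this.openedAt = this.now();
      return this.fallbackVerdict(`api error: ${err.message}`);
    }
  }
}
```

With fail-closed, an outage of the policy service blocks every action; with fail-open, the application keeps running but unguarded, which is the trade-off to weigh per tool.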

How do you prove records haven't been tampered with?

Every decision is hashed at write time. Hourly Merkle roots provide a second verification layer. On-demand verification recomputes hashes and compares against stored values — a mismatch means the record was changed.

What compliance frameworks do you support?

EU AI Act, ISO 42001, NIST AI RMF, and Australian Privacy Act including APP 1.7 transparency statements. Reports are generated as signed PDFs with tamper-evident verification.

How quickly can we start?

A pilot audit takes days. SDK integration is a single npm install or pip install. Industry templates activate in minutes. Start with post-response monitoring and add real-time enforcement when ready.

Can we run DriftGard without sending patient data to your servers?

Yes. Local evaluation mode runs the entire engine inside your environment via compiled WebAssembly. No prompt, response, or conversation content leaves your trust boundary. You can optionally report verdict metadata (allowed/blocked, risk score, violation IDs) for compliance dashboards — without any patient content. Built for mental health, clinical, and sovereign deployments.

Can we enforce different rules per state or country?

Yes. Jurisdiction-scoped rules let you tag each rule with the jurisdictions it applies to — AU-VIC, US-CA, EU, or any custom code. Pass the user's jurisdiction in the evaluate request and only matching rules fire. Global rules (no jurisdiction tag) fire for everyone. One control pack handles all jurisdictions.
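The checks described in the tool-call answer and the jurisdiction answer above (zero-trust allowlist, parameter-level type/range/regex rules, a cross-parameter self-transfer check, per-tool role rules, and jurisdiction-scoped limits that fire only for matching callers), as one added illustration in plain JavaScript. It is not DriftGard's SDK or control-pack format, and the tool names, roles, limits and jurisdiction codes are constructed.

```javascript
// Added illustration, not DriftGard's SDK or policy format: a zero-trust tool-call
// evaluator. Tool names, roles, limits and jurisdiction codes below are constructed.
const policy = {
  tools: {
    // Any tool missing from this map is denied (zero-trust allowlist).
    transfer_money: {
      allowedRoles: ["payments_agent"],
      params: {
        amount: { type: "number", min: 0.01, max: 10000 },
        from: { type: "string", regex: /^acc_[a-z0-9]+$/ },
        to: { type: "string", regex: /^acc_[a-z0-9]+$/ },
      },
      // Cross-parameter check: an account may not transfer to itself.
      cross: (p) => (p.from !== undefined && p.from === p.to ? "self-transfer not permitted" : null),
    },
    query_records: { allowedRoles: ["support_agent", "payments_agent"], params: {} },
  },
  // Jurisdiction-scoped rules: a rule with no `jurisdictions` tag is global;
  // a tagged rule fires only when the caller's jurisdiction is in its tags.
  rules: [
    { id: "global-cap", tool: "transfer_money", maxAmount: 5000 },
    { id: "au-vic-cap", tool: "transfer_money", maxAmount: 1000, jurisdictions: ["AU-VIC"] },
  ],
};

function evaluateToolCall(call, pol = policy) {
  const violations = [];
  const tool = pol.tools[call.tool_name];
  if (!tool) return { allowed: false, violations: [`${call.tool_name} not on allowlist`] };
  // Identity rule: which roles may call this tool at all.
  if (!tool.allowedRoles.includes(call.agent_role)) {
    violations.push(`agent role not authorised for ${call.tool_name}`);
  }
  // Parameter-level rules: type, min/max, regex. A wrong type skips the other checks.
  const p = call.parameters || {};
  for (const [name, rule] of Object.entries(tool.params)) {
    const v = p[name];
    if (typeof v !== rule.type) { violations.push(`${name}: expected ${rule.type}`); continue; }
    if (rule.min !== undefined && v < rule.min) violations.push(`${name}: below min_value`);
    if (rule.max !== undefined && v > rule.max) violations.push(`${name}: max_value exceeded`);
    if (rule.regex && !rule.regex.test(v)) violations.push(`${name}: invalid format`);
  }
  const crossProblem = tool.cross ? tool.cross(p) : null;
  if (crossProblem) violations.push(crossProblem);
  // Scoped rules: only global rules and those tagged with the caller's jurisdiction fire.
  for (const r of pol.rules) {
    if (r.tool !== call.tool_name) continue;
    if (r.jurisdictions && !r.jurisdictions.includes(call.jurisdiction)) continue;
    if (r.maxAmount !== undefined && p.amount > r.maxAmount) {
      violations.push(`${r.id}: amount exceeds ${r.maxAmount}`);
    }
  }
  return { allowed: violations.length === 0, violations };
}
```

Run against the page's own hero case (a support agent calling transfer_money for $10,000) the evaluator returns two violations, the role rule and the global cap, which is the same pair of reasons the page's blocked-call panel shows.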


Partner Program

Resell AI governance under your brand

MSSPs, system integrators, and consultancies use DriftGard as their white-label AI compliance platform. Your brand, your clients, our engine.

🏷️
Full White-Label
Your logo, colours, favicon, and company name. Clients never see DriftGard. Custom subdomain included.
👥
Multi-Tenant Management
Create and manage client organisations. Set tiers, suspend accounts, push control packs — all from your partner dashboard.
📊
Usage & Billing
Per-client usage tracking, aggregate metrics, and export APIs. Bill your clients however you want — we handle the infrastructure.
🔒
Data Isolation
Logical or physical isolation per client. Dedicated tables available for enterprise clients who require it.
📧
Branded Communications
OTP emails, alerts, and reports all carry your brand. Custom reply-to address. Your clients see you, not us.
🚀
Fast Onboarding
Go live in days, not months. Pre-built control packs for 14+ verticals. SDK, CLI, and API ready from day one.
Become a Partner

Ideal for MSSPs, consultancies, system integrators, and compliance firms.


Control your AI before it makes a mistake.

From decision to action to audit — DriftGard ensures your AI stays within policy.


Get started

Request a demo or pilot audit

What you'll see in the demo

Harmful response blocked in real-time with fallback
Agent tool call validated and blocked by parameter rules
Multi-step session tracked as a visual chain
Cost spike caught and alerted in real-time
Tamper-evident audit verification
Compliance report for EU AI Act or AU Privacy Act

Common starting point

Start in observe mode — profile real AI behaviour from historical logs, generate control policies, then enable real-time enforcement via SDK when ready.

Most teams say

"We fixed AI risk after the first incident."
DriftGard prevents the incident.