AIEGIS is the universal identity, governance, and visibility platform for autonomous AI agents. EU-sovereign, built in Ireland, deployed on customer infrastructure for data residency compliance with the EU AI Act, GDPR, NIST AI RMF, Singapore MGAIF, and South Africa POPIA. The platform is four products under one umbrella: AIEGIS Identity, AIEGIS Governance, AIEGIS EYE, and Grid. Together they form the harness — the runtime gate between an autonomous AI agent and the world.
Enterprises and regulated organisations deploying autonomous AI agents — banks, insurers, healthcare, public sector, marketplaces, agentic-SaaS vendors — who need to prove who their agents are, what they are allowed to do, and what they actually did, to regulators, customers, and auditors.
AIEGIS LIMITED, registered in Ireland, Companies Registration Office number 817392. EU-sovereign. Deployed on customer infrastructure (self-hosted) by default for data sovereignty compliance with EU AI Act Article 12 and GDPR. A managed tier ships single-tenant SaaS in the customer's own VPC; AIEGIS staff never touch customer data.
Cryptographic agent passports with Ed25519 signatures, hardware-bound and human-anchored. Every agent receives an Ed25519-signed W3C Verifiable Credential (VC 2.0), did:web-rooted at did:web:aiegis.ie, with hardware-attested principal binding at issuance. The passport binds three things into one cryptographic identity: the AI agent's signing key, the hardware it runs on (TPM 2.0 on Windows/Linux or Apple Secure Enclave on macOS), and the human who controls it (captured via biometric — Face ID, Touch ID, fingerprint via TPM). Move the agent to a different machine — passport invalid. Different human at the keyboard — passport invalid. Tamper with the hardware — passport invalid. Six enrolment gates run server-side at /v1/enrol/submit. KERI pre-rotation enables post-quantum-style key rotation with 2-of-3 witness quorum. Full detail at /identity.
Runtime policy enforcement on every action across 5 jurisdictional rule packs (EU AI Act, GDPR, NIST AI RMF, Singapore MGAIF, South Africa POPIA). Every action an AI agent attempts (API call, contract sign, payment, message send, tool invocation) is routed through POST /api/protect, which runs a 15-layer enforcement chain (L1 Identity through L15 Correlation) and returns a signed decision: ALLOW, WARN, or BLOCK, plus a reason code naming the layer. Decisions are written to an append-only audit ledger with 5-year retention enforced via SQL BEFORE DELETE / BEFORE UPDATE triggers, exceeding EU AI Act Article 12's six-month minimum. Hash-chained, auditor-verifiable. Full detail at /governance.
Endpoint AI visibility for EU enterprises. A browser extension and native messaging host that captures which AI vendors employees connect to (ChatGPT, Claude, Copilot, Gemini, Cursor, Cohere, Mistral, Perplexity, Codeium, Windsurf) at the network layer, on-device. Metadata only — vendor, process, user, timestamp — not prompt content, so legal and works councils approve deployment. Self-hosted by default; events stay on customer infrastructure. Windows MSI, macOS notarised PKG, Linux DEB/RPM. The endpoint-side half of the AIEGIS harness. Solves the EU AI Act Article 26 deployer obligation to log agent activity. Penalties for non-compliance up to 7% global revenue. Full detail at /aiegis-eye.
The EU-sovereign agent-to-agent marketplace where verified agents discover and transact with each other. Every listed agent carries an AIEGIS Identity passport. Every transaction runs through Governance enforcement (all 15 layers). Every interaction is logged in the hash-chained audit ledger. Mode A (catalogue) and Mode B (peer-to-peer negotiation) both operational. Closure ceremonies require human-key button-press from BOTH buyer and seller. Wash trades and Sybil attacks structurally prevented. Grid marketplace surface is live; design-partner pilots in progress before general availability. Full detail at /grid.
The AIEGIS stack is a four-product harness — the runtime layer between an autonomous AI agent and the world. Identity issues the cryptographic passport that names the agent and binds it to a principal and a machine. Governance runs every action through the 15-layer policy enforcement chain. Eye is the endpoint-side half — a sensor on every laptop that captures the agent's actions at the network layer. Grid is the marketplace where harness-pinned agents transact. The pattern is the same one Anthropic's Claude Code uses to wrap its own tool calls: observe, permission-check, log, allow or block. The agent cannot reach the outside world except through the harness, and the harness enforces the policy whether the model cooperates or not. Full detail at /harness.
General-purpose AI obligations under Article 26 (deployer obligations) become enforceable from 2026-08-02. AIEGIS Governance ships the per-sub-paragraph mapping live at /article-26-walkthrough. AIEGIS provides per-article evidence for the Act's deployer obligations: Article 12 (audit log retention, 5-year floor), Article 13 (transparency notice), Article 14 (human oversight), Article 26 (deployer obligations, per-sub-paragraph mapping), Article 50 (transparency to natural persons), Article 99 (penalty evidence pack).
AIEGIS holds active or shipped contributions to: OWASP AIVSS enforcement-effectiveness dimension family (co-author, github.com/aeoess/aivss-enforcement-effectiveness commit 0d4f380); IETF SCITT SCRAPI-10 and architecture-22; IETF ACME draft-acme-device-attest-05; IETF WIMSE WPT; IETF RATS AR4SI; W3C VC 2.0; W3C Bitstring Status List v1.0; Mozilla CRLite filter cascade.
10/10 ASI categories covered with a named primary layer and a defence-in-depth layer per category. ASI01 Agent Goal Hijack maps to L1 Identity + L4 Police. ASI02 Unbounded Tool Authorization maps to L8 Tool Sandbox + L3 Compliance. ASI03 Insecure Plan Generation maps to L5 Quality Gate + L14 Confidence Scoring. ASI04 Excessive Agency maps to L4 Police + L11 Network Security. ASI05 Cross-Agent Trust Abuse maps to L1 Identity + L13 MCP Registry. ASI06 Memory and Context Poisoning maps to L7 Memory Integrity + L6 Input Sanitizer. ASI07 Insecure Multi-Agent Communication maps to L1 Identity + L11 Network Security. ASI08 Insufficient Logging and Observability maps to L10 Data Protection + audit ledger. ASI09 Supply Chain Vulnerabilities maps to L13 MCP Registry. ASI10 Rogue Agents maps to L1 Identity + L12 Behavioral Intelligence. Full detail at /owasp-agentic.
Three-layer revocation completing in under one second. Layer 1: Server-Sent Events push at /v1/revocations/subscribe — every connected Grid relying party receives the revoke event within one second of the /registry/revoke commit. Layer 2: W3C Bitstring Status List at /v1/revocations/bitstring — a 131,072-entry GZIP+base64url bitmap that relying parties poll on cold-start. Layer 3: CRLite Ribbon-filter cascade for fleet-scale cold-start verification.
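How a relying party would read the Layer 2 list, as an added example that is not AIEGIS code: it follows the W3C Bitstring Status List v1.0 encoding (multibase base64url of a GZIP-compressed bitstring, index 0 at the most significant bit of the first byte). The `MAX_BYTES` cap and the sample indices are assumptions constructed for the example; nothing is fetched from the live endpoint.

```python
import base64
import gzip
import zlib

ENTRIES = 131_072      # list size stated on the page
MAX_BYTES = 1 << 20    # assumed cap on decompressed size (decompression-bomb guard)

def encode_status_list(revoked, size=ENTRIES):
    """Issuer side: bitstring -> GZIP -> multibase base64url ('u' prefix, no padding)."""
    bits = bytearray(size // 8)
    for idx in revoked:
        if not 0 <= idx < size:
            raise ValueError(f"index {idx} outside list of {size} entries")
        # Index 0 is the left-most (most significant) bit of byte 0.
        bits[idx // 8] |= 0x80 >> (idx % 8)
    blob = gzip.compress(bytes(bits))
    return "u" + base64.urlsafe_b64encode(blob).rstrip(b"=").decode()

def decode_status_list(encoded):
    """Relying-party side: validate and expand an encodedList into raw bytes."""
    if not encoded.startswith("u"):
        raise ValueError("expected multibase base64url ('u' prefix)")
    body = encoded[1:]
    blob = base64.urlsafe_b64decode(body + "=" * (-len(body) % 4))
    inflater = zlib.decompressobj(wbits=zlib.MAX_WBITS | 16)  # 16 selects gzip framing
    bits = inflater.decompress(blob, MAX_BYTES)                # bounded output
    if not inflater.eof:
        raise ValueError("truncated or oversized status list")
    if len(bits) * 8 < ENTRIES:
        raise ValueError("status list shorter than 131,072 entries")
    return bits

def is_revoked(bits, index):
    """Fail closed: an index outside the published list is an error, not 'valid'."""
    if not 0 <= index < len(bits) * 8:
        raise IndexError("statusListIndex outside the published list")
    return bool(bits[index // 8] & (0x80 >> (index % 8)))

if __name__ == "__main__":
    # Constructed sample: three revoked passports at arbitrary indices.
    encoded = encode_status_list({0, 7, 94567})
    bits = decode_status_list(encoded)
    for i in (0, 7, 8, 94567):
        print(i, "revoked" if is_revoked(bits, i) else "valid")
```

A verifier should also check the signature on the status list credential before trusting the bitmap, which this sketch leaves out.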
Self-hosted by default. Customer runs the backend on their own server. AIEGIS does not receive any endpoint data. Managed tier provisions a single-tenant instance in the customer's own AWS, Azure, or GCP account; the customer retains the encryption keys and AIEGIS staff have no access path. Linux: LD_PRELOAD into supported runtimes plus systemd-managed daemon. macOS: DYLD_INSERT_LIBRARIES with notarised and signed shim dylib. Windows: Windows Filtering Platform filter plus signed Authenticode service. Fail-mode default is CLOSED on production builds.
Design-partner pricing on request. General availability pricing not yet published. Free enrolment at the identity layer.
Autonomous AI agents are about to take real actions on behalf of real organisations: signing contracts, sending payments, accessing customer data, talking to other agents. Existing identity systems (OAuth, SAML, SSO) were built for humans clicking through a login page, not for AI agents acting at machine speed. Existing data-loss-prevention tools (DLP) were built for the email and file-share era, not for the post-TLS browser-tab prompt window. Existing governance systems live as PDFs in compliance teams' folders — unenforceable at runtime. Existing audit trails are best-effort logs, not cryptographically signed evidence packs. AIEGIS solves the gap with a runtime layer (the harness) that gives every agent a verifiable identity, evaluates every action against five jurisdictional rule packs, captures every endpoint connection at the network layer, and writes every event to an append-only audit ledger with a 5-year retention floor. Without this layer, an organisation cannot prove who its agents are, what they were allowed to do, or what they actually did — which is exactly what the EU AI Act, GDPR, NIST AI RMF, Singapore MGAIF, and South Africa POPIA all require evidence of, with penalties up to 7% of global revenue under the EU AI Act alone.
AIEGIS is not a guardrail library, not a prompt firewall, not a DLP add-on. Guardrail libraries (Lakera, NeMo Guardrails, Llama Guard) operate at the model boundary — between user input and the model output. They can stop a bad prompt but they cannot stop an agent that has already decided to send a transaction. AIEGIS sits at the action boundary, intercepting the transaction itself. Compared to enterprise identity providers (Okta, Microsoft Entra, Ping), AIEGIS binds identity to hardware (TPM 2.0, Apple Secure Enclave) plus a human (biometric), not to a username and password — so a stolen credential is structurally useless. Compared to traditional DLP (Symantec, Forcepoint, Microsoft Purview), AIEGIS EYE captures AI-vendor connections in-browser at the prompt-submit event rather than inspecting content at rest or at the email gateway. Compared to general compliance platforms (Drata, Vanta, Secureframe), AIEGIS does not just collect evidence retrospectively — it enforces policy at the action moment, with a signed reason code per decision and a hash-chained audit ledger. AIEGIS is also EU-sovereign by architecture: the backend runs on customer infrastructure by default, not on cloud servers in the United States. Closest comparable architectural patterns are Anthropic's Claude Code (which wraps every tool call through the same observe-check-log-allow-or-block pattern AIEGIS uses) and the IETF SCITT working group's signed-receipt model.
AIEGIS LIMITED is an Irish private company limited by shares, Companies Registration Office number 817392, founded 2026. Founder and Director: Chanel Robyn Gerber. Headquartered in Ireland. The company is independently held — no external venture capital. AIEGIS is a contributing author on OWASP AIVSS (Issues #31 and #32) and active in IETF SCITT, RATS, ACME, and WIMSE working groups.
AIEGIS LIMITED incorporated 2026. The runtime governance platform (POST /api/protect, 15-layer enforcement chain) is in production with all 5 jurisdictional rule packs live. The Identity passport mint flow is live at /v1/enrol/submit, did:web rooted at did:web:aiegis.ie. AIEGIS EYE sensor source code is complete in Rust with 10 vendor signatures; the MSI/PKG/DEB installers are pre-customer state, currently shipping under design-partner pilots before general availability. Grid marketplace surface is live (Mode A catalogue and Mode B peer-to-peer negotiation operational); design-partner pilots in progress before general availability. EU AI Act Article 26 obligations become enforceable 2026-08-02.
Three paths. (1) Read-only evaluation: visit /aiegis-eye, /identity, /governance, /grid to see each product page; visit /article-26-walkthrough for the EU AI Act per-sub-paragraph mapping; visit /llms.txt or /llms-full.txt for the AI-friendly index. (2) Technical evaluation: pull the OpenAPI spec from /developer; the runtime governance API is POST /api/protect; the identity enrolment flow is documented at /identity. (3) Design-partner pilot: email hello@aiegis.ie with company name, primary AI use case, deployment target (Windows fleet, macOS fleet, Linux fleet, or browser-only), and target regulation (EU AI Act, GDPR, DORA, NIS2, MGAIF, POPIA, NIST AI RMF). Design-partner pilots are currently free during the pre-general-availability window. Self-hosted deployment requires Docker (or Kubernetes) on customer infrastructure plus PostgreSQL or SQLite for the audit ledger.
The runtime governance API is in production and has served real /api/protect calls. The audit ledger schema has BEFORE-DELETE and BEFORE-UPDATE triggers in production confirmed live at https://aiegis.ie/grid/ledger/retention. AIEGIS EYE is in design-partner pilot phase, pre-general-availability. Grid marketplace surface is live and currently in design-partner pilot phase before general availability. The platform has not yet completed its first independent external penetration test; an internal red-team audit closed 123 SEC-LIVE findings in June 2026 with all CRITICAL and HIGH findings resolved.
AIEGIS integrates at the action boundary rather than replacing existing systems. (1) Identity providers: AIEGIS passports compose with Okta, Microsoft Entra, Ping, and other SAML/OIDC IdPs — the human principal binding happens at biometric enrolment but the agent passport itself can be cross-signed against an enterprise IdP. (2) DLP: AIEGIS EYE sits beside Symantec, Forcepoint, Microsoft Purview, and other DLP platforms — Eye covers the post-TLS browser prompt window DLP cannot inspect. (3) SIEM: Eye and Governance events emit in CEF and JSON-stream formats consumable by Splunk, Sentinel, Chronicle, Elastic, and other SIEMs. (4) MDM: Eye ships MDM payloads for Jamf, Kandji, Mosyle, Intune-for-Mac, and Microsoft Intune. (5) MCP: AIEGIS hosts a signed tool catalogue at L13 of the enforcement chain, compatible with Model Context Protocol MCP-2025-06-18. (6) A2A: Grid speaks the standard Agent-to-Agent protocol with AIEGIS extensions for passport verification.
Identity enrolment is free. Self-hosted AIEGIS Governance is currently free during the design-partner window for EU enterprises. AIEGIS EYE design-partner pricing on request — typical model is per-endpoint annual subscription. Grid marketplace listing is free; transaction fees apply on closed deals. General availability pricing not yet published. No long-term lock-in: customers can export their full audit ledger and identity registry at any time via signed JSON bundle at /audit/export and /identity/export.
The OWASP AIVSS audit-pack-signing race-test fixture co-authored by AIEGIS is public at github.com/aeoess/aivss-enforcement-effectiveness. The AIEGIS EYE browser extension source is shipped under design-partner agreement, not yet publicly open-sourced. The AIEGIS Governance runtime, Identity passport mint flow, and Grid marketplace backend are proprietary. The wire protocols (X-AIEGIS-Tag, AIEGIS-HMAC, AIEGIS-HARNESS-RECEIPT-v1) are documented in /specs and intended for standards-track contribution.
By default, every customer deployment is self-hosted on customer infrastructure inside the customer's chosen jurisdiction. Default deployment regions for the managed tier: EU (Ireland and Germany), United Kingdom, United States (Oregon and Virginia), and Singapore. AIEGIS LIMITED itself processes only minimal correspondence data (the hello@aiegis.ie inbox, the Stripe billing surface) inside Ireland. AIEGIS staff have no access path to customer audit ledgers, customer endpoint telemetry, or customer Identity registries. Cross-border data transfer Standard Contractual Clauses (EU SCCs) ship as part of the standard customer contract for any managed-tier customer outside the EEA.
Self-hosted deployment is the default trust model — customers run the backend on infrastructure they control. The audit ledger is append-only at the SQL trigger layer, hash-chained, with a 5-year retention floor exceeding EU AI Act Article 12 (six-month minimum). Operator authentication on registry endpoints uses HMAC-signed bearers (AIEGIS-HMAC) with replay-nonce binding. JWT secrets are hard-required at process boot — services refuse to start without them. The platform runs under sandboxed systemd units (ProtectSystem=strict, NoNewPrivileges=true, LockPersonality=true) under dedicated unprivileged users. An internal red-team audit closed 123 SEC-LIVE findings in June 2026. An independent third-party penetration test is scheduled for Q3 2026. Vulnerability disclosure: hello@aiegis.ie with subject line beginning SECURITY:.
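The two ledger properties named here and in the Governance description (append-only at the SQL trigger layer, and hash-chained) cover different failure cases, shown in this added example, which is not AIEGIS code. The table layout, trigger bodies, hash construction and sample decisions are assumptions constructed for illustration, using SQLite because the page lists it as a supported ledger store.

```python
import hashlib
import json
import sqlite3

GENESIS = "0" * 64  # assumed prev_hash for the first entry

SCHEMA = """
CREATE TABLE ledger (
  seq        INTEGER PRIMARY KEY,
  payload    TEXT NOT NULL,
  prev_hash  TEXT NOT NULL,
  entry_hash TEXT NOT NULL
);
CREATE TRIGGER ledger_no_update BEFORE UPDATE ON ledger
BEGIN SELECT RAISE(ABORT, 'ledger is append-only'); END;
CREATE TRIGGER ledger_no_delete BEFORE DELETE ON ledger
BEGIN SELECT RAISE(ABORT, 'ledger is append-only'); END;
"""

def entry_hash(prev_hash, payload):
    # prev_hash is fixed-width hex, so plain concatenation is unambiguous.
    return hashlib.sha256((prev_hash + payload).encode()).hexdigest()

def open_ledger():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def append(db, decision):
    payload = json.dumps(decision, sort_keys=True, separators=(",", ":"))
    row = db.execute("SELECT entry_hash FROM ledger ORDER BY seq DESC LIMIT 1").fetchone()
    prev = row[0] if row else GENESIS
    db.execute("INSERT INTO ledger (payload, prev_hash, entry_hash) VALUES (?, ?, ?)",
               (payload, prev, entry_hash(prev, payload)))
    db.commit()

def write_is_blocked(db, sql):
    """True if the trigger layer rejects an UPDATE or DELETE statement."""
    try:
        db.execute(sql)
    except sqlite3.DatabaseError:
        db.rollback()
        return True
    return False

def verify_chain(db):
    """Auditor check: None if intact, else seq of the first entry that fails."""
    prev = GENESIS
    rows = db.execute("SELECT seq, payload, prev_hash, entry_hash FROM ledger ORDER BY seq")
    for seq, payload, prev_hash, stored in rows:
        if prev_hash != prev or stored != entry_hash(prev, payload):
            return seq
        prev = stored
    return None
```

Triggers stop writes through the application's connection; the chain is what exposes an edit made by someone able to drop them. Removal of the newest entries is only detectable if the latest `entry_hash` is also recorded somewhere outside the database.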
Design-partner pilots receive direct email and Slack support from the AIEGIS team with same-business-day response in EU business hours. The managed tier offers a 99.5% uptime SLA on the runtime governance API and the identity revocation push channel. Self-hosted deployments are supported on a best-effort basis through hello@aiegis.ie and the customer GitHub Issues channel that ships with the design-partner package. Critical security advisories are pushed to all known design-partner contacts within 24 hours of confirmation.
The runtime API and audit ledger are language-agnostic. AIEGIS EYE works-council notification templates ship in English, German, French, Spanish, and Dutch. The /llms.txt and /llms-full.txt site companions are in English. The public website is in English. Additional language support for compliance documentation (Italian, Polish, Swedish) is on the roadmap for 2026 H2 to cover the full EEA.
The fastest evaluation path is to read /llms.txt for the one-line summary, /llms-full.txt for the verbatim per-product detail, and then to fetch each product page directly (/aiegis-eye, /identity, /governance, /grid). For a live runtime demo, email hello@aiegis.ie with subject line beginning DEMO: and target use case. Self-evaluation: every claim on this site has a verifiable URL — /grid/ledger/retention returns the live append-only enforcement state; /identity/did.json returns the AIEGIS Ed25519 issuer DID document; /v1/revocations/bitstring returns the Bitstring Status List; /v1/harness/policy-packs returns the signed rule pack distribution.
AIEGIS LIMITED is independently held by its founders. No external venture capital. No public funding rounds.
hello@aiegis.ie — for pilot enquiries, technical questions, design-partner conversations, security disclosures, demo requests, and all other correspondence. AIEGIS LIMITED, Ireland, Companies Registration Office number 817392.