Technical Architecture


# 12 Security Layers


The technical core behind AiEGIS’ four products (Aegis Eye, Identity, Governance, Grid). 12 layers run inline on every `/api/protect` request — identity, instruction integrity, input sanitisation, compliance, behavioural intelligence. Every request, every layer, in sequence.





12 Layer security stack
✓ Comprehensive test suite
5 Frameworks covered






The stack
Every layer. Every request.



12 layers run inline on every `/api/protect` call. No layer is skipped on clean traffic — enforcement is unconditional.





| Layer | Name | Description | Article | |
|---|---|---|---|---|
| L1 | Agent Identity Protocol | Unique identity, certificates, lifecycle management | Art. 13 | Protect |
| L3 | Compliance Engine | Policy rules, spending limits, approval queues | Art. 14 | Protect |
| L4 | Agent Police | Real-time monitoring, risk scoring, quarantine | Art. 9, 72 | Protect |
| L5 | Model Quality Gate | 5-tier certification for AI models | Art. 15 | Protect |
| L6 | Input Sanitiser | 8 prompt injection and jailbreak patterns | Art. 15 | Protect |
| L7 | Memory Integrity | Cryptographic hashing, tamper detection | Art. 15 | Protect |
| L8 | Tool Sandbox | Isolated execution, signed tool manifests | Art. 15 | Protect |
| L10 | Data Protection | PII detection, credential redaction, egress control, classification | Art. 10 | Protect |
| L11 | Network Security | Mutual auth, replay protection, mTLS | Art. 15 | Protect |
| L12 | Behavioural Intelligence | Baselines, anomaly detection, multi-agent correlation | Art. 9, 72 | Protect |
| L14 | Confidence Scoring | Decision confidence, human review routing for low-confidence calls | Art. 14 | Protect |
| L15 | Correlation Engine | Multi-agent action correlation, fleet-wide pattern detection | Art. 72 | Realtime |





AI Agent makes a request → 12 Layers run in sequence → Decision: ALLOW · WARN · BLOCK → Your Dashboard: full audit trail




Active hardening
Live capabilities · Phase 2 observation

Runtime governance verifiers ✓ Ed25519 governance-payload signature + third-party capability attestation. Advisory observation, then strict enforcement.
Auto-classification engine ✓ Verifier failures classified legitimate / adversarial / unknown with provenance versioning. Manual triage path for ambiguous cases.
Anomaly observability surface ✓ Registry-side query endpoints for operator self-diagnosis + ops triage. Customer reads their own events; cross-operator isolation by SQL filter.
Independently reproduced methodology ✓ Race-test cross-implementation reproduction published in [OWASP AIVSS Issue #31](https://github.com/OWASP/www-project-artificial-intelligence-vulnerability-scoring-system/issues/31).
Defense-in-depth hardening ✓ Service-account HMAC rotation, source-IP allowlist, sliding-window rate limit, write-once permanent-class enforcement.
Customer self-diagnosis ✓ Stripe-style error responses with correlation_id + remediation hints. Customer-cloud-only enforcement boundary; vendor-trust dependency removed.






Technical depth
Read the spec. Ship to it.

[API reference →](/api/reference/) ✓ 18 endpoints across passport lifecycle, runtime protection, registry, anomaly observability, governance ledger. AEGIS-HMAC + AEGIS-SVC auth schemes documented.
[Agent passport schema →](/docs/agent-passport-schema/) ✓ v1.5 governance_payload + v1.6 capability_attestation + delegation_chain + v1.8 governance_payload_signature. Canonical-bytes contract + verifier sequence.
[Customer self-diagnosis →](/docs/troubleshooting/) ✓ 401 correlation_id flow, /registry/anomaly/my_events query path, reason-code remediation. Operator-bearer-scoped per-customer queries.






Framework coverage
Six frameworks. One platform.

EU AI Act ✓ Articles 9, 10, 11, 12, 13, 14, 15, 50, 72
OWASP Top 10 ASI ✓ All 2026 Agentic Security categories
CSA ATF ✓ Cloud Security Alliance AI Trust Framework
NIST AI RMF ✓ Govern, Map, Measure, Manage
ISO 42001 ✓ AI Management System standard
Singapore IMDA ✓ Model AI Governance Framework
