Protect What Makes Your Company Unique.
The Behavioral Firewall for AI Agents.
KYDE makes AI agents trustworthy enough to hand them real responsibility. It prevents what an agent must not do, proves what it did, and keeps your knowledge yours.
$ export OPENAI_BASE_URL=https://kyde.intranet/v1
Shadow Agents Are Already Running.
Do You Know What They're Doing?
Shadow AI was employees using unauthorized tools. Shadow Agents are autonomous systems calling APIs, processing data, and making decisions, outside IT and security oversight entirely.
And while they work, every prompt, trace, and correction flows upstream. Your know-how, training someone else's model.
Courts hold you liable for what they do. Not the vendor, not the model. Ask Air Canada.
KYDE gives you the complete picture from the moment you deploy: every agent identity, every action, every upstream provider.
One gateway. Every agent. Zero code changes.
Not on the machine. Not in the agent. KYDE sits outside, in the path itself: every action passes through it, intercepted, scoped, and signed before it executes.
AI Agents
KYDE
Agent Governance Gateway
Identity
Cryptographic agent identity per action
Policy
Role boundaries & scope enforcement
Audit
Tamper-evident ledger of every action
Control
Block out-of-scope requests in real time
Critical Systems
$ kyde fleet init
✓ Fleet proxy started on :8080
✓ Agent identities provisioned
✓ Role boundaries enforced
✓ Tamper-evident ledger initialized
$ kyde fleet status
✓ 12 agents active, all scoped, signed, accountable
Nobody hands real responsibility to an agent nobody can trust.
No one gives an agent access to payments, customer data, or production systems until someone can control, prove, and rate what it does. That’s what these three layers unlock: deployed in minutes, covering every agent from day one.
// incoming · agent:support-02 → openai/gpt-4o
"Draft a reply to j.mueller@acme.com confirming the contract value of €1.2M …"
// decision · policy:dlp-standard · 12ms
⚠ PII detected, 2 entities · role:auditor → mask
"Draft a reply to [EMAIL:masked] confirming the contract value of [FIN:masked] …"
FIG.4 · PII detected. Email masked. Context redacted by role · before the auditor could see it.
Before the damage
Prevent What Must
Not Happen.
Deterministic guardrails on a probabilistic technology. Deny-by-default at the boundary: the damage doesn’t happen first and gets explained later. It never happens.
- 1.1 Block out-of-scope requests in real time
- 1.2 Attribute every action to a verified agent identity
- 1.3 PII detected and masked by role, in prompts and completions, before delivery
- 1.4 Works with every provider: OpenAI, Anthropic, Google, local models
- 1.5 See and stop knowledge egress to model providers, before it becomes their training data
After the action
Prove What Happened.
The Suspect Can't Write
the Police Report.
Your LLM provider's log lives on their infrastructure, signed with their keys, accessible only through their console. In a dispute involving them, it's worthless. KYDE's audit trail is architecturally independent, Ed25519-signed, hash-chained, captured before the action reaches any provider.
- 2.1 Architecturally independent of every LLM provider, captured before it reaches them
- 2.2 Every entry Ed25519-signed and hash-chained: tamper with one, every subsequent link breaks
- 2.3 Undeletable by any agent, including the one being investigated
- 2.4 Compliance reports generated automatically
FIG.5 · Every action becomes a signed ledger entry. #a4d1 references #a4d0: history can't be rewritten, only extended.
FIG.6 · Four agents, four providers, one currency. Rated on behavior, not vendor claims.
Across the network
Rate Every Agent.
In One Currency,
Across Every Provider.
The KYDE Trust Score™: agent behavior rated across every provider in the same currency. Vendors grade their own homework. We grade behavior. Trust that can be measured can be priced. And insured.
- 3.1 One scale for OpenAI, Anthropic, Google, and local models
- 3.2 Computed from the signed ledger: evidence, not vendor telemetry
- 3.3 The underwriting signal insurers can price
Liability Makes Trust Urgent. Courts Already Enforce It.
Air Canada lost because its chatbot gave wrong information. The court held Air Canada liable, not the vendor, not the model.
Your AI agents negotiate, transact, and make commitments in your name, right now. Regulators, auditors, and courts will hold you accountable for what they do.
Moffatt v. Air Canada
"Air Canada cannot avoid responsibility for information provided by its agent."
The question isn't whether you need an evidence trail. It's whether yours would survive scrutiny.
NIS-2
In force · DE: NIS2UmsuCGPersonal liability for management. Not delegable to the CISO.
The board is personally on the hook.
DORA
In force: Jan 2025Operational-resilience evidence for financial entities.
Financial entities must prove it.
EU AI Act
High-risk: Dec 2027Art. 12 logging and audit-trail duties for high-risk AI.
The second wave, already dated.
The buying trigger is liability, not innovation.
Built With Regulated Industries, Not For Them.
Active design partnerships across Finance, Insurance, Healthcare, Public Sector, and Critical Infrastructure in Germany and the EU. Built for NIS-2, DORA, EU AI Act, and GDPR from day one.
Get started