Do you support self-hosted deployment?

Yes: the Igris API and gateway ship as a Docker image you can run in your own VPC, with your own Postgres and Redis. Deployment is documented for Docker and EC2.

How does Igris govern third-party AI agents?

Point each agent at the Igris gateway through the SDK. Every MCP tool call and LLM request then routes through Sentinel and Guard, where it is matched against policy and written to the audit log.

What’s the overhead?

Gateway overhead stays minimal for policy-clean traffic, and audit writes are async so they never block the call. Guard inspection adds a small amount of latency that scales with prompt size.

Does this slow down adoption?

The opposite. Teams ship faster because security review collapses from weeks to same-day: the policy is already there, the audit is already on. You stop having ‘is this approved’ meetings.

How does it work with our SIEM or alerting?

Igris dispatches real-time alerts via Slack, Discord, and HTTP webhooks on policy denials, anomalies, and session suspensions. The full audit trail is exportable as JSON or CSV for ingestion into your SIEM.

Can our developers opt out?

No: policy is enforced at the gateway and SDK layer, not at the agent. Developers don’t lose capability; they only feel a denial when they hit a rule someone signed off on.

Solutions / AI AdoptersFor AI Builders For AI Adopters

For AI Adopters · Enterprise governance

Deploy AI across the enterprise. Lose nothing in the audit.

OpenAI in marketing, Anthropic in legal, an in-house RAG in support, a half-sanctioned Copilot in engineering. Igris sits in front of every one of them, governing the tool calls, inspecting the conversations, and handing your CISO a single audit trail.

Request Enterprise Demo →Explore the Platform

14AI vendors in scope

5M+tool calls / day

4compliance frameworks

lens.igris.security · /inventory/vendorslive

Vendors14

Agents142

LLM endpoints26

24h

VENDORAGENTSCALLS / 24HBLOCKEDSTATUS

OAOpenAIgpt-4o · o1-preview

38agents

1.84Mtool calls

412policy hits

governed

ACAnthropicclaude-3.7-sonnet

22agents

894Ktool calls

187policy hits

governed

GGGooglegemini-2.5-pro

14agents

312Ktool calls

64policy hits

governed

MSMicrosoft Copilotm365 · github

61seats

2.1Minteractions

228policy hits

partial

NTNotion AIworkspace assistant

340seats

412Kprompts

—

ungoverned

9 of 14 vendors fully governedlast sync · 14s ago

The shape of the problem

You don’t have an AI strategy. You have eleven of them.

Every department has picked their own vendor, their own model, their own integration. Igris collapses that sprawl into one governance plane, without taking anyone’s tool away.

Today: the sprawl

OAMarketing · OpenAISaaS

ACLegal · ClaudeSaaS

MSEng · CopilotM365

GGSales · GeminiWS

RGSupport · in-house RAGk8s

??Finance · Perplexityshadow

??PM · Cursor (personal)shadow

→

Igris governance plane

Sentineltool-call gateway0.8ms

GuardLLM I/O firewall1.1ms

Lensunified audit logasync

Policydeny-by-default, first-match-winsv.412

IdentityEmail · OAuth · API keysrbac

1 control plane42+ policy primitives

→

What your CISO gets

One audit logevery vendor, every interaction

PII redaction in flightSSN / email / AKIA / regex

Policy violations blocked912 / 24h · auto-routed

Compliance evidenceSOC 2 · EU AI Act · GDPR · HIPAA

Vendor risk scorerecomputed nightly

Kill switchtenant · user · session

Spend & token capsper-vendor, per-team

The invisible net

Three products. One layer between your enterprise and every AI it touches.

You don’t replace anyone’s AI; you just put Igris between them and the parts of your business that matter. Inline at the tool call, inline at the prompt, asynchronous at the audit.

GovernIgris Sentinel

Every MCP tool call evaluated against policy before it ships.

Sit between any third-party AI agent and the tools it would call. Match the caller’s identity, the tool, and the arguments against your policy. Allow, deny, alert, or redact.

openai-mkt · repo.readALLOW

claude-legal · file.deleteDENY

copilot-eng · git.pushALLOW

gemini-sales · crm.exportREDACT

rag-support · db.writeDENY

ProtectIgris Guard

Every LLM conversation inspected. PII never leaves the building.

Transparent proxy in front of every model your employees use. Strips PII, blocks prompt injection, validates responses against content policy. Zero impact on capability when traffic is clean.

prompt · injection sigBLOCK

prompt · SSN / emailREDACT

response · policy-cleanPASS

response · AKIA keyBLOCK

prompt · "summarize…"PASS

ObserveIgris Lens

Audit trail your auditor has been asking you for since the deal closed.

Every governed call, every redaction, every block lands in one queryable audit log. Evidence generators map activity to SOC 2, EU AI Act, GDPR, and HIPAA controls.

SOC 2 · CC6.1✓

EU AI Act · Art. 14✓

GDPR · Art. 32✓

HIPAA · §164.312✓

retention · 365d✓

What it does for you

Built for the team buying AI. Not the team building it.

Six capabilities that show up in your weekly security review, your quarterly board deck, and your auditor’s checklist.

Multi-vendor governance

One policy. Enforced across OpenAI, Anthropic, Google, Microsoft, custom RAG, and the next vendor your team adopts next quarter.

vendors covered14

cross-vendor policies42

vendor onboarding< 1 day

PII & content firewall

Inspect every prompt and every response. Strip SSNs, PHI, credentials, and proprietary identifiers before they reach the model, or come back from it.

SSN patternstrip + alert

internal IDsredact

customer PHIblock

Real-time threat detection

EWMA baselines flag rate spikes and destructive-call bursts, and prompt-injection signatures flag suspicious prompts. Alerts dispatch in real time, and you can suspend any session in one click.

prompt injection12 blocked / 24h

data exfil pattern3 blocked / 24h

cost spike alerts2 fired

Compliance evidence

Evidence generators pull from the audit trail to map activity to SOC 2, EU AI Act, GDPR, and HIPAA controls, and the full log exports as JSON or CSV for your auditors.

SOC 2 evidence✓ mapped

EU AI Act✓ Art. 9–17

export→ JSON · CSV

Zero impact on capability

Inline when policy needs to fire, transparent otherwise. Models keep their full reasoning. SDKs keep their full surface. Your teams don’t feel us until something hits a rule.

in-line gateway overheadMinimal

policy-clean traffic98.4%

capability degradation0

Integrations & self-host

Real-time webhooks to Slack, Discord, and Datadog on every denial, anomaly, and session suspension. Export the audit trail to your SIEM, and self-host the Igris gateway in your own VPC.

alert webhooksSlack · Discord · HTTP

audit exportJSON · CSV

self-hosted gateway✓ Docker · EC2

Compliance, on demand

Your next audit, one button away.

Lens continuously maps every governed interaction to specific clauses of the frameworks your auditor cares about. When they ask for evidence, you export the full audit trail as JSON or CSV; you don't spend a quarter assembling one.

SOC 2evidence mapping

SOC 2 Trust Services Criteria

Security, availability, processing integrity, confidentiality, privacy.

CC6.1 · access✓ 142 ctrls

CC7.2 · monitoring✓ 64 ctrls

CC8.1 · change mgmt✓ 38 ctrls

last export · 2h ago⤓ JSON · CSV

EU AI Actdraft v.412

EU AI Act · High-risk obligations

Articles 9–17. Risk mgmt, data governance, transparency, human oversight.

Art. 9 · risk mgmt✓ mapped

Art. 14 · oversight✓ mapped

Art. 15 · accuracy✓ mapped

last export · 6d ago⤓ JSON · CSV

GDPRevidence mapping

GDPR · Data protection

Article 5, 25, 32, 35. Purpose limitation, security, DPIA, processing records.

Art. 5 · principles✓ logged

Art. 32 · security✓ logged

Art. 35 · DPIA✓ template

last export · 11d ago⤓ JSON · CSV

HIPAAsafeguards

HIPAA Security Rule

Technical safeguards for PHI handled by AI systems, with BAA tracking.

Access · §164.312(a)✓ mapped

Audit · §164.312(b)✓ mapped

Integrity · §164.312(c)✓ live

evidence export⤓ JSON · CSV

One audit log to rule them all

Every vendor. Every interaction. One pane.

Point your alerting at the webhook and your CISO sees every AI conversation (vendor-agnostic) in real time. The same view your auditor asks for, exportable as JSON or CSV in a click.

lens.audit · cross-vendor streamall vendorspolicy hitsPII stripsanomalies5,124 events · last 5min

TIMEVENDORACTIONWHOVERDICTLATENCY