Verillian
Book a demoStart a pilot
PlatformHow it worksSecurity & architecture
Use casesUse casesAI Audit TrailAI Data Loss PreventionShadow AI DiscoveryAI GovernanceIndustriesHealthcareLaw enforcementGovernmentDefense contractorsFinancial servicesEducation
TrustTrust centerCompliance mappings
ResourcesLibraryDocsFAQ
Partners
About
Book a demoStart a pilot
FAQ

Questions, answered

What Verillian is, how it deploys, how licensing works when the software runs entirely on your infrastructure, and where your data lives. For anything not here, contact us.

About Verillian

What is Verillian?
A control layer for how your institution uses AI. A lightweight agent on each device intercepts AI traffic, enforces your policy at the moment of execution, keeps sensitive data inside your boundary, and writes a signed, tamper-evident record of every decision.
Will it change how our people work?
No. People keep using the AI tools they already use. The only visible sign is a small status icon. There is nothing new to learn and no workflow to change.
Which AI tools and providers does it cover?
Any tool that reaches a provider over standard secure web traffic: chat assistants, coding assistants, and command-line AI clients. Verillian detects, redacts, and blocks at the boundary across providers. The deepest, fully-parsed audit coverage is for Anthropic, Claude and Claude Code, today, and it expands to the providers our first institutions use. We let the pilot decide what we build next.
Is Verillian an AI company?
No. There is no model. Verillian is the layer the models pass through, where your policy is enforced and the record is made.

Privacy and data

Does Verillian read our content?
No. Audit content is encrypted under a key only you hold, on a server that stores ciphertext it cannot read. Verillian the company never receives your AI content.
Is our data used to train AI models?
No.
Once installed, can Verillian reach into our system?
No. It runs entirely in your environment and verifies its license offline, with no phone-home. We cannot see your activity, start it, or stop it. Commercial control comes from the signed license key, not from access.
Where is the record kept, and who can see it?
In your environment, under your control. Only the administrators and reviewers you authorize can see the activity record.

Deployment

What devices are supported?
macOS and Windows, deployed through your existing device management tooling: Jamf, Intune, Kandji, Configuration Manager, or Group Policy.
Do we need to change our AI tools or install plugins?
No. The agent works without changes to the tools themselves.
Does it work in air-gapped or restricted environments?
Yes. Verillian operates, and verifies its license, without any dependence on outside connectivity.
Will it slow things down?
No. The agent is lightweight and designed to stay out of the way.

Licensing and pricing

If Verillian runs on our infrastructure, how is our seat count enforced?
Through a signed license key. Verillian is self-hosted, so there is no remote control plane, but the software runs only what its key authorizes. The key is a cryptographically signed file that encodes your device count and your term. The software verifies it offline on every start. It cannot be edited or forged: only Verillian holds the keys that sign it.
Can we add devices in the middle of a term?
Yes. Tell us the new count and we issue an updated key that runs to your existing renewal date. The added devices are prorated to the time left in your term, so you pay for the remaining months, not a full year. Reducing your count is handled at renewal.
How is Verillian priced?
Per device, per year, not a one-time fee. Multi-year terms are available and are encoded directly into the license key. Contact us for pricing for your institution.
How does renewal work, and what happens if we stop?
Before your term ends, you renew and we issue a new key. If you choose not to renew, no new key is issued and the software locks at expiry until a valid key is installed. Only Verillian can generate a valid key, so coverage is always explicit and under contract. Your data is untouched and stays in your environment throughout.

Security and compliance

How do we know the record was not altered?
Every entry is Ed25519-signed and hash-chained to the one before it, so any change to any entry is detectable. You can stand behind the record in an audit or review.
Which compliance frameworks is it built for?
Regulated sectors including law enforcement, healthcare, education, government, defense, and financial services: CJIS, HIPAA, FERPA, CMMC, FedRAMP-aligned, and financial frameworks. Compliance mappings are available on the trust center.
How do we report a security issue?
Email security@verillian.ai. See the vulnerability disclosure page on the trust center.

Still have a question?

Tell us what your team needs to know and we will answer it directly.

Contact usStart a pilot