Security & architecture

Deny by default. Keys stay home.

Verillian has two components: a lightweight agent, the sentinel, on each workstation, and a central admin server for policy distribution, audit storage, and fleet management. Nothing sits between them that can read your content.

The security model

Six principles, enforced by construction rather than by policy documents.

Fail-closed: No valid policy, no AI traffic. If the audit pipeline fails, traffic stops. Deny by default.
Non-repudiation: Every entry is signed by the originating device. Signatures cannot be forged by the server or any other party.
Tamper-evidence: An append-only chain where each entry depends on its predecessor. Any modification breaks the chain detectably.
Key isolation: Signing keys never leave the device. Decryption keys are managed independently and never persisted on the server.
Opaque-ciphertext server: The server stores ciphertext it cannot read. Metadata is indexed for search. Content requires the institution's key.
Signed policies: Sentinels accept only policies signed by a trusted authority. Unsigned or revoked policies are rejected.

How interception works, in plain terms

The sentinel uses standard operating-system mechanisms to govern AI traffic on the device. The employee sees no change. If a tool speaks HTTPS to a provider, Verillian governs it, with no plugins, wrappers, or changes to the tool.

See the full data flow

On the device: Governing happens locally, before any content reaches an outside provider. A blocked request never leaves.
Any provider: Verillian is not tied to one model or vendor. It governs any HTTPS AI tool at the boundary; full structured audit is deepest for Anthropic, Claude and Claude Code, today, and expands to the providers your pilot uses.
Invisible to staff: AI tools work exactly as before. The sentinel is present only as a system-tray status icon.

What operators get

The admin console gives IT and security teams visibility and control across the fleet, on infrastructure you run.

Session review: Browse all AI usage. Drill from sessions to conversations, turns, and tool calls. See what was allowed, blocked, or redacted, in full context.
Tool-call analytics: An interactive view of observed AI activity: what is used, how often, and by whom. Create policy directly from observed patterns.
Policy management: Create, modify, and retire policies with mandatory justification. Full change history with cryptographic proof. Multi-approver workflows.
Device fleet: Monitor enrolled sentinels: connection status, versions, heartbeat health, chain integrity. Enrollment queue and bulk operations.
Chain verification: Verify audit-chain integrity across all devices at any time. Detect tampering, gaps, or anomalies, per device and fleet-wide.
Compliance reporting: Periodic reports on usage, enforcement, anomalies, chain integrity, and redactions, designed to support a formal acknowledgment step before archival.

Verillian · system overviewaggregate device + provider volume · no per-user attribution

Last 24hLast 7dLast 30d

AI usage

90 requests in last 7d, across 5 providers.

request volume by provider

048anthropicopenaigooglemetamistral

05-2505-2605-2705-2805-2905-3005-31

anthropic openai google meta mistral

policy decisions7 blocked · 14 redacted in last 7d

018

05-2505-2605-2705-2805-2905-3005-31

allowed redacted blocked

system overview · representative view

Hand it to your security team

The clearest way to evaluate the architecture is to run it. We will work directly with your security and IT functions during a pilot.

Start a pilot Book a demo