Before the agent acts, CAVRA decides.

The runtime authority layer for AI agents.

CAVRA governs AI-agent actions at the moment of risk: before code changes, shell commands, Git operations, MCP tool calls, CI/CD workflows, cloud operations, or infrastructure changes execute.

Pre-action
Decisions before execution
Evidence
Signed records and audit packets
AISPM
Runtime activity becomes posture
Live Runtime Intercept requires approval
agent: claude-code modify_iac target: iam/admin-role.tf
decision approval required controls: PROD_IAM_CHANGE, MCP_TRUST_CHECK

The category problem

AI agents are becoming operators. Your controls are still spectators.

CAVRA sits between agent intent and action. It evaluates policy, trust context, approval requirements, and evidence obligations before risky work touches code, cloud, identity, repositories, or production workflows.

Code writesBranch, file, dependency, and generated patch changes.
Shell executionCommands, scripts, package managers, and local secrets.
MCP toolsExternal systems, databases, tickets, browsers, and workflow tools.
Cloud changesIAM, Terraform, Kubernetes, CI/CD, and production environments.

What CAVRA does

Decide, enforce, prove, and assure.

01

Decide

Evaluate agent actions before execution using policy, context, and trust state.

02

Enforce

Allow, block, require approval, shadow, or attest based on risk and environment.

03

Prove

Generate signed evidence, audit records, control mappings, and reviewer context.

04

Assure

Convert runtime evidence into AISPM posture, findings, blockers, and reports.

Architecture

CAVRA connects agent intent to policy authority, evidence, and AISPM.

The CAVRA architecture is built around a pre-action decision plane, trust-aware connectors, verifiable evidence, and posture feedback. Community can self-host the public control surface; Managed and Enterprise Subscription add operated services, certified connectors, policy packs, customer-success review, and production readiness gates.

Component map

CAVRA component architecture

Agent & action surface AI coding agents CLI, IDE, MCP, CI/CD Runtime actions write, shell, PR, deploy Connected systems Git, cloud, ITSM, SIEM CAVRA runtime authority Decision plane allow, block, approve, attest Policy & approval router risk, env, reviewer, scope Trust context agent, MCP, identity, tenant Proof & posture Evidence store signed packets, attestations AISPM cockpit findings, blockers, reports Report delivery CSO, audit, board packets Operating model Community self-hosted Managed operated service Enterprise packs & support
Sequence

Pre-action control sequence

Agent CAVRA Policy Reviewer Target AISPM 1. propose action 2. evaluate controls 3. require approval 4. approve with scope 5. allow bounded execution 6. return result 7. write evidence and posture signal unsafe action blocked approval and evidence linked target changes are bounded AISPM updates readiness

Interactive Decision Simulator

Watch CAVRA evaluate an agent action.

Select an agent scenario and see the policy decision, evidence packet, and AISPM posture signal update together.

Decision packet block

          

AI Security Posture Management

CAVRA does not only discover risk. It creates control evidence at the moment of action.

Governed agents18
MCP trust coverage74%
Blocked risky actions42
Evidence freshness98%
Open exceptions3
Readiness blockers1

MCP Trust Boundary

CAVRA classifies tools before an agent can turn them into authority.

Model Context Protocol tools expand what agents can touch. CAVRA adds a trust map across registry, capability, environment, policy, runtime decision, and evidence so unknown tools do not silently become production operators.

Unknownquarantine
Restrictedapproval
Trustedattestation

Registry

Track MCP servers, owners, scopes, environments, and approved usage boundaries.

Capability Classifier

Separate read-only tools from tools that write code, mutate cloud state, open tickets, deploy, or access secrets.

Runtime Enforcement

Use trust tier, action, target, and environment to allow, block, or route approval before execution.

Evidence Feedback

Feed every tool decision back into AISPM coverage, exceptions, freshness, and readiness blockers.

Trial Access

A guided proof-of-value path for one real AI-agent governance use case.

Trial users should not browse a blank product. CAVRA Trial Access gives evaluators a concrete lab path: pick a risky workflow, intercept the action, apply policy, route approval, generate evidence, review AISPM, and close with a readiness packet.

01

Request access

Submit evaluator details and intended AI-agent workflow.

02

Receive license

Use a time-limited trial license and private package/container delivery path.

03

Run guided lab

Follow the Trial Field Guide to test a high-risk agent action end to end.

04

Review evidence

Export the decision packet, AISPM posture signal, and audit notes.

05

Close evaluation

Document success criteria, blockers, revocation, expiry, and production next steps.

Product paths

One product model. Four clear paths.

CAVRA Community

Full self-hosted runtime governance product and public codebase.

Deploy Community

CAVRA Managed

Hosted tenant operations, live ingestion, reports, audit storage, upgrades, and support workflows.

Explore Managed

Enterprise Subscription

Commercial support, SLA, certified connectors, policy/compliance packs, and implementation help.

Talk to Us

Trial Access

Time-limited evaluator path for one guided proof-of-value use case.

Plan Trial PoV

CAVRA Managed

Managed CAVRA, operated for teams that need production trust without operating every backing service.

Onboard tenant Connect agents Configure policies Stream evidence Operate AISPM Deliver reports Review success

What we operate

Tenant onboarding, policy registry, dashboards, report delivery, audit storage, monitoring, upgrades, support handoff, and billing operations.

Deployment models

Managed, self-hosted Community with Enterprise Subscription, or hybrid where sensitive data remains customer-side.

Data handling

Evidence, connector metadata, retention, export, deletion, and tenant isolation are explicit operating boundaries.

TenantSSO, RBAC, policies
ConnectorsGit, CI/CD, MCP, report providers
CAVRA Control Planedecision, evidence, AISPM
Evidence Storeretention, export, deletion
Operating Reviewreports, blockers, success plan

Tenant onboarding

Define tenant identity, reviewer roles, approval routes, connector scope, reporting recipients, and evidence retention.

Data collected

Runtime decision metadata, policy outcomes, connector metadata, approval history, evidence packets, reports, and operational audit events.

Data not collected

CAVRA does not require source-code ingestion, model prompts, customer secrets, or broad production credentials for the public website experience.

Credential handling

Connector credentials live in deployment secret stores, use least-privilege scopes, and are redacted from reports and public artifacts.

Retention and deletion

Evidence retention, export, deletion, and closeout are configured as tenant operating controls rather than hidden implementation details.

Operations model

Monitoring, upgrade planning, incident handoff, release review, and customer-success operating reviews are part of the Managed service path.

Enterprise Subscription

Commercial support for serious AI-agent governance.

Support & SLA

Response targets, escalation, upgrade guidance, and release review.

Certified Connectors

GitHub, GitLab, Azure DevOps, SIEM, ITSM, ChatOps, cloud, and report providers.

Policy Packs

AI coding-agent controls, MCP trust, CI/CD, IaC, regulated release, and evidence readiness.

Compliance Packs

NIST AI RMF and OWASP GenAI/LLM risk mappings, plus audit evidence templates.

Implementation Services

Tenant design, policy design, connector setup, pilot launch, and readiness review.

Procurement Pack

Security questionnaire answers, architecture brief, data-handling brief, and trust docs.

Support modelSeverity levels, response windows, escalation path, release review, and guided upgrade planning.
Connector catalogSupported Git, CI/CD, cloud, ITSM, ChatOps, SIEM, report provider, and MCP integration patterns with release cadence.
Policy catalogProduction change, shell execution, IaC, MCP trust, regulated release, break-glass, and evidence readiness packs.
Compliance mappingNIST AI RMF, OWASP GenAI/LLM risks, audit packet templates, and board-ready evidence summaries without certification overclaiming.
Implementation phasesDiscovery, tenant design, connector setup, policy authoring, pilot, production readiness, and operating review.
Buyer packetArchitecture brief, security questionnaire support, trust/data handling note, sample evidence, and procurement references.

Evidence Packet Explorer

Different readers, one control record.


        

Trust & Security

Built for security teams who ask where the data, credentials, and evidence live.

No public secretsCredentials, signing keys, SMTP passwords, and customer records stay out of public repos.
Tenant boundariesManaged and self-hosted deployments define evidence, policy, report, and connector isolation.
Connector credentialsUse deployment secret stores, rotation practices, and redacted delivery evidence.
Compliance mappingMap controls to NIST AI RMF and OWASP GenAI/LLM risks without overclaiming certification.
Security modelCAVRA separates pre-action decisions, approval authority, evidence, and reporting so controls remain inspectable.
Secret managementManaged and Enterprise deployments should use Key Vault, cloud secret stores, or customer-controlled secret backends.
Evidence retentionRetention windows and export formats are explicit tenant settings tied to audit and closeout requirements.
Public/private boundaryCommunity code and public docs stay separate from private packages, customer evidence, and commercial operating data.
Responsible disclosureSecurity findings should route through the published repository security policy or direct contact path.
Managed boundaryManaged CAVRA operates control-plane services while customer connector scope and production authority remain deliberately bounded.
Subprocessor noteInfrastructure providers depend on deployment model; customer-specific lists belong in the commercial trust packet.
No overclaimingCAVRA provides mappings and evidence workflows; formal certifications are stated only when separately completed.

Choose your path

Different teams see different proof.

Resources

Buyer packet shelf.

Product introduction video

Video slot ready for the invideo.ai render.

The product website is ready to feature the CAVRA introduction video once the final invideo.ai URL is available. Until then, the script is published for review and production.

Coming next CAVRA Product Introduction

90-second executive overview: runtime authority, evidence, AISPM, Managed, Enterprise Subscription, and Trial Access.

Open Video Script

Put an authority layer between AI agents and action.

Start with one governed agent, one workflow, and one evidence packet.