Skip to main content
WardenOpen-source AI scannerExplore →

The Platform

Seven capabilities. One execution path.

Each of the seven does a different job. None of them is useful without the others. Together they make the execution layer — the layer where the agent's decision becomes an action — actually governable.

01 · Inline enforcement

Every tool call passes through. Nothing is observed-only.

WhiteFin sits on the data path between agent and tool. It is not a SIEM, not a monitor, not a side-channel. Every call your agent makes is intercepted and decided on before it reaches the API. If WhiteFin is not in the path, the call does not run.

How enforcement works →
ToolGuard™ Live
delete_records(batch_7)
DRY-RUN
read_portfolio(user_42)
PASSED
execute_trade(AAPL, 500)
BLOCKED
02 · Argument-level inspection

Not just which tool. Which argument, against which resource.

Allowing 'database.query' means nothing. Allowing 'database.query against the customer table, with a row limit, during business hours, by an agent acting on behalf of a specific user' means everything. WhiteFin enforces at the argument level — the level where the actual damage gets done.

See the guard stages →
$ dry_run execute_trade(AAPL,
03 · Agent Passport

Cryptographic identity for every agent in your stack.

An agent without an identity is an unmanaged actor with your credentials. Agent Passport assigns each agent a signed identity, scoped capabilities, and a key that proves the call originated where it claims to have. Inter-agent injection stops being plausible deniability.

Causal provenance →
AGENT PASSPORT
agent-7f3a
TRUST TIER
VERIFIED
SIGNATURE
ECDSA P-256
TOOLS ALLOWED
12
EXPIRES
24h rolling
RISK SCORE
0.12
ISSUED
2026-04-02
04 · Policy Bootstrap

Generated from observed behavior. Approved before it ships.

You do not write the policies. You watch your agents run for two weeks in shadow mode, then review the proposed rules in plain English, then flip the switch. The policy that ships is the one you approved, derived from what your agents actually did — not from a vendor's template.

How the 15 days work →
Days 1–14
Observe
Day 15
Review
Day 16
Enforce
15-day Policy Bootstrap
05 · Dry-Run Preview

See what a policy would have blocked — before you enforce it.

Every proposed rule is replayed against the last fortnight of observed traffic. You see the exact tool calls that would have been denied, the exact ones that would have routed to a human, the exact ones that would have passed. You ship policy with eyes open.

list_orders(status=open)PASS
fetch_invoice(id=…)PASS
send_email(to=external)HOLD
db.execute(DROP TABLE)DENY
Dry-Run: what a rule would have blocked
06 · Causal Provenance

Verifiable evidence that the action actually came from the intent.

Cryptographically signed. Tamper-evident. Independently verifiable without trusting WhiteFin. When something goes wrong, you reconstruct exactly what happened from a chain you can prove was not edited after the fact.

Read the page →
Prompt
Reason
Tool call
Action
Signed
Causal Provenance — every step linked
07 · Adaptive Defense

Quarantine the agent the moment its behavior drifts.

When an agent's runtime behavior deviates from its established baseline — unusual argument patterns, new tool targets, anomalous frequency — Adaptive Defense isolates that agent's actions before threshold breach. Drift is caught early; the rest of your fleet keeps running.

BASELINEQUARANTINE
Anomaly detected → agent quarantined

See what your agents are doing right now.

We use cookies for analytics to understand how visitors use our site. No advertising cookies. Privacy Policy