Partner & Deployment Modes

VerifAIer for Enterprise Partners

VerifAIer Sentinel is AI governance infrastructure for enterprise AI coding workflows. Select your operating context below to see the relevant governance experience, integration path, evidence outputs, and deployment model.

All governance outputs are advisory. authoritative_for_wiw=false. Humans decide.

18 Subsystems (7A–7R)
12 TVAM-lite nodes
4 Deployment models
0 External calls

Select Operating Mode

Each mode shows the relevant workflow for that audience

MSSP Governance Management
Manage AI governance across multiple client organizations. Per-client posture dashboards, evidence delivery, and SLA-aligned governance reporting. Integrates with existing MSSP toolchains.
Target: MSSP operators, multi-tenant security teams → mssp_mode.html

Regulator & Compliance Evidence
Deterministic receipt chains, TVAM-lite proof bundles, and chain-of-custody documentation for regulators, auditors, and compliance officers. Every finding is hash-verifiable and replay-safe.
Target: Regulators, internal audit, compliance → regulator_mode.html

AppSec & SOC Operations
Incident queue, taint propagation findings, release gate status, and evidence handoff for SOC teams. SARIF output for security tooling. Integrates with GitHub, GitLab, Jenkins, and Azure DevOps.
Target: SOC analysts, AppSec engineers → appsec_mode.html

Developer AI Coding Governance
Govern Claude Code, Cursor, and Codex-compatible sessions. Audit AI-generated patches, detect drift and unsafe escalation, and generate session receipts. MCP integration for native IDE use.
Target: Engineers using AI coding agents → ai-coding.html

Sovereign & Air-Gap Deployment
Fully local, zero network calls, offline-capable governance. Ed25519 local signing, air-gap installable, no auth required. Same binary for classified, regulated, and OT/IT-separated environments.
Target: Defense, FSI, critical infrastructure → sovereign_mode.html

Week 1 Onboarding

Specific integration points: audit trail live before end of week

Day 1–2: Install & Hook

Install CLI, wire PostToolUse and PreToolUse:Bash hooks. Run first audit. Confirm receipt seals at session end.

    pip install verifaier
    bash install_claude_hooks.sh
    vai readiness check

Day 3: CI Gate

Wire CI governance gate. Policy profile selected (Enterprise / Developer). Merge blocked when findings exceed threshold.

    vai ci gate HEAD~1 \
      --profile enterprise \
      --fail-on high

Day 4–5: SIEM + Escalation

SIEM export piped to existing log infrastructure. Escalation queue configured. First reviewer assignments sent.

    vai export siem-jsonl \
      --output findings.jsonl
    vai escalation list --status pending

Day 7: First Bundle Export

Export first evidence bundle for governance review. Workspace hash computed. Design partner bundle ready to share.

    vai enterprise export-bundle \
      --bundle-type design_partner_bundle
    vai enterprise workspace-status

Deployment Models

All models are local-first and air-gap capable

Sovereign Air-Gap
Fully isolated deployment. No external calls. All data stays on-premises. Suitable for defense, financial services, critical infrastructure. 18/18 subsystems active.

Enterprise On-Premises
CI/CD-integrated deployment with SIEM export and SOC monitoring. Runs inside existing security toolchain. 14–18 subsystems typical.

Federated Multi-Org
Governance federation across multiple organizational units. Each unit maintains its own sovereignty; federation layer aggregates posture signals. Requires 7N.

CI Gate Only
Minimal footprint for CI-first adoption. Core 4 subsystems (signing, vault, policy, control plane). Expands incrementally to full enterprise.

TVAM-lite: The Governance Proof Chain

Traceable, Verifiable, Auditable, Machine-readable
Traceable

Every AI coding session, code change, governance decision, and evidence artifact is linked in a deterministic hash chain. Trace any finding back to the exact model output that produced it.

Verifiable

Ed25519-signed receipts. SHA-256 workspace hash. Readiness tokens with cryptographic provenance. Any auditor can verify the chain independently. No VerifAIer access required.

Auditable & Machine-readable

SARIF 2.1.0 output for security tooling. JSON governance reports for SIEM integration. Evidence bundle ZIPs for regulator handoff. Every format is deterministic: same inputs, same outputs.
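
As an added illustration (not VerifAIer's code or receipt format), the sketch below shows what independently verifying a deterministic SHA-256 hash chain involves. The receipt fields "prev", "payload" and "hash", the all-zero genesis value and the sample events are assumptions; Ed25519 signature checking of the head hash is left out.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed anchor value for the first receipt


def canonical(obj):
    """Deterministic serialization: sorted keys, fixed separators, UTF-8."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode("utf-8")


def seal(prev_hash, payload):
    """Build a receipt whose hash commits to its payload and its predecessor."""
    body = {"prev": prev_hash, "payload": payload}
    return {**body, "hash": hashlib.sha256(canonical(body)).hexdigest()}


def build_chain(payloads):
    chain, prev = [], GENESIS
    for p in payloads:
        receipt = seal(prev, p)
        chain.append(receipt)
        prev = receipt["hash"]
    return chain


def verify_chain(chain, expected_head=None):
    """Return (ok, index_of_first_bad_receipt_or_None, reason)."""
    prev = GENESIS
    for i, r in enumerate(chain):
        if r.get("prev") != prev:
            return False, i, "broken link"
        body = {"prev": r["prev"], "payload": r.get("payload")}
        if hashlib.sha256(canonical(body)).hexdigest() != r.get("hash"):
            return False, i, "hash mismatch"
        prev = r["hash"]
    # Without a head hash obtained out of band (for example from a signed
    # receipt), truncation or a full rewrite of the chain goes unnoticed.
    if expected_head is not None and prev != expected_head:
        return False, (len(chain) - 1 if chain else None), "head mismatch"
    return True, None, "ok"


# Constructed sample events; not real VerifAIer output.
SAMPLE = build_chain([
    {"event": "session_start", "tool": "example-agent"},
    {"event": "patch", "file": "app.py", "sha256": hashlib.sha256(b"diff").hexdigest()},
    {"event": "finding", "severity": "high"},
])
```

Editing a payload fails at that receipt, re-sealing the edited receipt moves the failure to the next link, and only a head hash checked out of band catches truncation.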

What VerifAIer Is NOT

  • A SaaS product or hosted service (everything runs locally)
  • An AI system itself (it governs AI; it does not do AI reasoning)
  • An enforcement authority (all outputs are advisory)
  • A SIEM replacement (it produces events that SIEM ingests)
  • A SAST/DAST/SCA replacement (it extends them with AI session provenance)
  • An EDR or endpoint security tool (governs code, not runtime behavior)
  • A hallucination detector or model quality evaluator
  • A product that requires authentication, databases, or cloud infra
  • Authoritative for who is wrong (authoritative_for_wiw = false)

What VerifAIer Is

  • Deterministic governance infrastructure for AI coding workflows
  • A local-first evidence chain from AI session to audit receipt
  • Air-gap capable, replay-safe, model-provider independent
  • SARIF-compatible for existing security tooling integration
  • Incrementally deployable from CI gate to sovereign enterprise

Design Partner & Pilot Inquiries

Start Your Governance Pilot

30-minute CI pilot. 1-day AppSec integration. 1-week design partner validation. All guides available in docs/onboarding/.