Panopticore
VPC-native • policy enforcement • cryptographic evidence

Lab-grade agent controls, VPC-native.

Route agent traffic through Panopticore to enforce policy, require approvals, and generate tamper-evident audit logs.

Latency p95 <50ms • HTTP + HTTPS CONNECT • ECDSA P-256 signatures • Offline verification • VPC-first
Where it sits
Agent → Edge Authenticator → Sidecar Proxy → External APIs

All agent egress flows through a dedicated control point: authenticate, decide, approve (if needed), and record tamper-evident evidence.

What it does

Lift coverage. Block risk. Produce evidence.

Designed for Platform/SRE teams in regulated or security-mature environments running autonomous workflows in their VPC.

Lift coverage

Capture the actionable surface area through the egress path. Turn unknown actions into measurable coverage.

Enforce policy

Allow/deny controls plus egress guardrails (allowlists, DNS pinning, rate limits).

Orchestrate approvals

Require approvals before execution for high-consequence actions via Slack with signed tokens.

Evidence Binders

Cryptographically signed session summaries designed for audit, incident response, and legal review.

What changes in your architecture

Deploy three components in your VPC.

  • Edge Authenticator — mTLS identity, principal extraction, DSSE token minting.
  • Sidecar Proxy — token verification, policy evaluation, governance checks, event capture.
  • Admin Service — policy management and approval orchestration.

Route agent egress through Panopticore. Everything else is policy.

Use cases

Built for real autonomous workflows.

Start with one workflow, run in simulate mode, and turn on enforcement once it’s clean.

Incident bots & remediation

Controlled automated remediation actions with approvals and evidence for postmortems.

Infra automation & production changes

Gate merges, deploys, and migrations when blast radius is high—without slowing routine actions.

FinOps & data movement

Apply policy to exports and outbound transfers at the egress boundary to prevent risky data movement.

How it works

A governance sidecar for agent egress.

1. Authenticate

mTLS at the edge. URI SAN extracted, CRL checked, DSSE token minted.

2. Verify & Govern

Proxy verifies token, applies allowlists, DNS pinning, and rate limits.

3. Evaluate

Rego policy returns allow, warn, block, or approval-required. Approvals via Slack.

4. Record

Events emitted to tamper-evident ledger. Evidence Binders rendered for audit.

Evidence Binders

Evidence your Legal team will actually adopt.

Cryptographically signed session summaries designed to survive serious scrutiny.

What's inside

  • Identity chain (principal, session, signed tokens)
  • Action inventory (attempted / executed / blocked)
  • Policy decisions + justification
  • Approvals (who approved, when, and scope)
  • Verification artifacts (hashes, signatures, ledger linkage)

Offline verification

$ binderverify --input binder.pdf --pubkey key.pem
✓ signature valid
✓ merkle root matches ledger
✓ policy bundle checksum matches

Evidence can be validated independently. No "trust our dashboard" requirement.

Security posture

Customer-owned control and evidence.

VPC-first deployment with your keys, your infrastructure. Security is a boundary, not a checkbox.

VPC-first

No required SaaS control plane. Designed for regulated environments and security-mature teams.

Your keys, your signatures

ECDSA P-256 signatures for approvals and binders using keys you control. Evidence stays verifiable under rotation.

Fail-closed behavior

If identity or signing can't be validated, the edge fails readiness checks and blocks traffic—no fallback to best-effort.

More details on the Security page.

Frequently asked questions

What traffic can Panopticore govern?
Any agent action routed through the sidecar proxy over HTTP/HTTPS, including requests inside HTTPS CONNECT tunnels.

Is this just monitoring/observability?
No. Panopticore can block or require approvals before execution, and generates offline-verifiable evidence.

Can it run entirely in our VPC?
Yes. VPC-first is a core design constraint.

What do you store?
Event metadata and cryptographic proofs. Payload capture is configurable and policy-driven.

Request early access

Become a design partner.

Panopticore is in active development. Request early access to shape the roadmap and get hands-on with the platform before general availability.