AiVRIC logo Platform Guide
AiVRIC.com Trust Center Request demo Support
Architecture at a glance

Platform overview

See how AiVRIC orchestrates connectors, guardrails, and evidence to keep your AI estate safe. Modeled after the clarity of GitLab's handbook, adapted to AiVRIC's security-first UX.

Control plane

Data intake

Agentless cloud scans, Kubernetes admission hooks, Git provider APIs, and ticketing webhooks feed the control plane.

Streaming + scheduled

Policy engine

Rules evaluate configuration, runtime events, and AI interactions. Supports dry-run, monitor, and enforce modes.

Guardrails + compliance

Evidence & reporting

Every decision is logged with context for auditors and owners. Exportable bundles align to SOC 2, ISO 27001, and AI policies.

Auditable by default

Connectors

TypeCoverageDeployment
Cloud (AWS/Azure/GCP)Config posture, identity hygiene, data protection, network boundaries.Read-only IAM role with scoped policies; optional remediation role.
KubernetesWorkload policies, runtime controls, admission safeguards, secret scanning.Helm chart; can enforce via admission controller or monitor-only.
Git providersRepo settings, branch protection, token hygiene, secret detection.OAuth app with least-privilege scopes.
Ticketing/ChatAlert routing, assignment, status sync, runbook links.Webhook or app install with channel scoping.

Guardrails & automation

  • Policy packs: Pre-built controls for SOC 2, ISO 27001, HIPAA, and AI responsible use.
  • Modes: Start in monitor, graduate to enforce after review. Every change is traceable.
  • Actions: Auto-remediate with playbooks; open tickets with owners and due dates.
  • Signals: Combine config, behavioral, and AI-specific signals (prompt misuse, data egress) for context.
  • Evidence: Each control logs input, decision, and action for audit trails.
  • APIs: Export findings to SIEM/SOAR; manage guardrails as code.

Observability

Dashboards tuned for operators. Compare environments, track MTTR, and see policy adoption without leaving AiVRIC. Export CSV/JSON for deeper analysis.

Activity log

Immutable log of access, configuration changes, and enforcement decisions.

Findings

Filter by severity, workspace, control type, or AI model. Link directly to tickets.

Reports

Generate weekly summaries for stakeholders; schedule delivery to email or chat.