For security architects & teams
Evaluate the action the agent assembled — not just the model.
You already know the seam: authentication works, retrieval works, the policy engine works — and the action the agent composed from all of them still violates intent, because none of those controls was built to reason about the composed action. Apeiris adds a layer that evaluates that action and produces evidence — under whose authority, over what data, within what policy — not a verdict on the model and not a gate that decides for you.
Where to start
Follow the thesis, then a real action end to end.
The compositional idea
Security verifies components; enterprises deploy composed actions. The seams, the ownership test (visibility / authority / responsibility), and why mapped ≠ satisfied.
One action, fully traced
Walk a single autonomous action from actor to authority, data, knowledge, behavior, effect, and a signed ledger — the evidence chain a composed action creates.
Incident-to-assurance
The method on a real incident — JADEPUFFER agentic ransomware — mapping observed behavior to the controls that would have produced evidence.
Agentic · Identity · Authority
The control families closest to autonomous action: agent identity and delegation, tool-call authorization, human-in-the-loop gates, approval limits.
Agentic exposure check
A quick self-assessment of where an agentic deployment can reach, and which controls answer for each new execution path.
Explore the knowledge graph
From a control to its threats, ATLAS techniques, frameworks, and normative sources — provenance on every edge.
How Apeiris differs from the tools you already run
Apeiris is not a policy engine, CNAPP, SIEM, identity provider, or AI gateway, and it does not replace them. It defines the open control-and-evidence model those tools produce and consume evidence against — the layer that reasons about the action a workload assembled across identity, authority, data, knowledge, and behavior, and emits a composed, reviewable verdict. It is an evidence layer, not another sensor and not a choke point.
Available today vs. in development
The open corpus is usable now. The runtime platform that watches your environment is being built — we hold that line explicitly.
Available today
- The compositional thesis, one-action walkthrough, and incident method
- The Agentic, Identity, and Authority control families with evidence and blocking posture
- A local platform prototype (deterministic trust engine, CLI, MCP, Ed25519 attestation)
- The knowledge graph and ATLAS model, queryable over MCP
In development
- Runtime detection of capability drift in your environment
- Telemetry ingestion and per-tenant evidence storage
- Output connectors (ServiceNow, Jira, Splunk, Sentinel, …) and a connector SDK
Trace a real action
See the six checks a composed action must pass, and the evidence each one produces.
Not your role?