# VeriGuard AI > AI Governance as a Service — runtime policy enforcement, compliance scoring, and cryptographic audit trails via API for enterprises, federal contractors, and AI agents. ## Who is VeriGuard AI for? VeriGuard AI is built for CISOs, compliance officers, AI platform teams, model risk managers, procurement officers, and **AI agent developers** at enterprises and federal contractors. Whether you're deploying internal LLMs, selling AI to government agencies, or building autonomous agents that need a compliance checkpoint — VeriGuard is the governance API they call before shipping. ## What is VeriGuard AI? VeriGuard AI is an AI Governance as a Service (AGaaS) platform. It provides runtime policy enforcement, deployment blocking, and cryptographic audit trails via a MCP-compatible API. Organizations and AI agents can programmatically enforce compliance with the EU AI Act, NIST AI RMF, ISO 42001, FedRAMP, and SOC 2. ## Core Capabilities - **AI Governance API**: MCP-compatible JSON-RPC 2.0 endpoint exposing 4 governance tools for AI agents. - **AI System Registry**: Register, classify, and manage AI systems by business criticality. - **Risk Register**: Track identified risks with impact/likelihood scoring and assign mitigations. - **Compliance Scoring API**: Real-time compliance scores across multiple regulatory frameworks, callable by agents. - **Control Library**: 8 control families (GOV, RISK, DATA, MODEL, DEPLOY, MONITOR, INCIDENT, HUMAN) mapped to regulatory requirements. - **Evidence Management**: Upload, review, and track evidence items against controls for audit readiness. - **Change Management**: Collaborative approval workflows with assigned reviewers for model and system changes. - **Incident Management**: Log and track AI incidents with severity levels, corrective actions, and timelines. - **Drift Detection**: Monitor model performance drift with configurable thresholds and automated alerts. - **Pre-Deployment Testing**: Bias, hallucination, PII, safety, and performance test suites with pass/fail gates. - **Runtime Models & Kill Switch**: View deployed models, inference audit trails, and emergency kill-switch controls. - **Cryptographic Audit Log**: Full audit trail of inference requests with cryptographic hashes for tamper evidence. - **AI Bill of Materials (AI-BOM)**: Generate and export AI Bills of Materials in SPDX/CycloneDX formats via API. - **Third-Party Risk Intelligence**: Assess vendor and third-party AI risk. - **Report Generation**: Compliance reports, TPRA reports, and audit packages from templates. ## Supported Regulatory Frameworks - EU AI Act - NIST AI Risk Management Framework (AI RMF) - ISO/IEC 42001 - SOC 2 for AI Systems - FedRAMP (AI-specific controls, evidence management, and audit readiness) ## Key Differentiators 1. **Governance as a Service**: API-first — compliance scoring, policy evaluation, and BOM generation callable by any agent or system. 2. **MCP-Compatible**: AI agents (Claude, GPT, custom) call governance tools natively via Model Context Protocol. 3. **Runtime Enforcement**: Policies enforced at inference time, not just documented. 4. **Deployment Blocking**: Non-compliant models automatically blocked from production. 5. **Cryptographic Audit Trails**: Every inference request hashed for tamper-evident audit logs. 6. **Kill Switch**: Emergency shutdown for deployed AI models with full audit trail. ## AI Agent Integration (MCP) VeriGuard exposes 4 governance tools via MCP (Model Context Protocol): - `veriguard_evaluate_policy` — Runtime policy check with cryptographic hash - `veriguard_calculate_compliance` — Multi-framework compliance scoring - `veriguard_generate_report` — Audit-ready report generation - `veriguard_generate_bom` — AI Bill of Materials in SPDX/CycloneDX MCP Endpoint: `https://www.veriguard-ai.com/functions/v1/mcp-server` Authentication: API key (`X-API-Key` header) • Protocol: JSON-RPC 2.0 • Claude Desktop ready ## Resources - [Platform Overview](/platform) — Complete visual breakdown of all VeriGuard AI capabilities with UI screenshots. - [The Coming Procurement Bottleneck in AI Adoption](/resources/procurement-bottleneck) — Whitepaper on compliance friction in AI procurement. - [EU AI Act Compliance Checklist](/resources/eu-ai-act-checklist) - [NIST AI RMF Implementation Guide](/resources/nist-ai-rmf) - [AI Bill of Materials Guide](/resources/ai-bom-guide) - [Kill Switch Enforcement Patterns](/resources/kill-switch-enforcement) - [Normalized Cross-Framework Reporting](/resources/normalized-reporting) - [Cryptographic Audit Ledger Architecture](/resources/cryptographic-audit-ledger) ## Contact Website: https://www.veriguard-ai.com ## Extended Documentation For comprehensive product documentation (200+ lines), see: /llms-full.txt