Documentation

Agent governance controls, compliance framework mappings, and everything you need to secure your AI agents with Brigs.

GuideAgent GuideHow AI assistants use Brigs — ephemeral sessions, API-guided flows, CLI hints, and session lifecycle.ReferenceDeveloper API & CLIREST API endpoints, CLI commands, authentication, and integration patterns.HelpFAQCommon questions about AI agent governance, compliance, and how Brigs works.

Agent Governance Controls

All controls →
Agent Tool AllowlistExplicit tool permissions with argument validationAgent Least PrivilegeScoped credentials and short-lived tokensAgent Audit LoggingImmutable audit logs with provenance chainsAgent PR GateGated workflows for agent-authored PRsAgent Action GatingHuman approval for high-risk operationsAgent Data EgressPII redaction and data flow controls

All Controls

Agent PR GateAgent Tool AllowlistAgent Least PrivilegeAgent Audit LoggingAgent Data EgressAgent Action GatingAgent Code ExecutionAgent Context PoisoningAgent Cascading FailuresAgent Inter-Agent CommsMCP Least PrivilegeMCP No Credential LeakDependency Supply Chain

Compliance Frameworks

OWASP Agentic Top 10ASI01–ASI10 agent security criteriaEU AI ActArticles 9–15 for high-risk AI systemsNIST AI RMFGovern, Map, Measure, ManageISO 42001AI management system requirementsSOC 2CC6, CC7, CC8 trust criteriaAIUC-1AI controls for underwriters