Enforce what your AI agents do.
Prove it cryptographically.
Most AI-governance tools document and score policy. Daylite enforces it at runtime and proves what the agent actually did, cryptographically, inside your own environment.
Daylite sits at the MCP tool-call boundary. It checks each agent action against your policy before the action runs. It allows, denies, or routes the call to a human, then writes what happened to a record you can verify later.
That record is append-only, hash-chained, and signed. Think of it as a flight recorder for your agents. An auditor verifies it offline and confirms nothing was changed after the fact.
Stuck on the AI section of a security review. The AI Security Review Kit answers it in an afternoon.
What Daylite is
Daylite is the runtime enforcement and audit layer for AI agents in regulated enterprises. It is a self-hosted Rust binary that sits at the MCP tool-call boundary. Every time an agent tries to call a tool, Daylite checks the call against your policy and decides whether it runs. Then it writes a tamper-evident, cryptographically signed record of what was requested, what policy decided, and what actually executed.
How it works
Two jobs, both at the boundary where the agent meets your systems. Gate the call before it runs. Record what happened in a way an auditor can verify.
# Daylite response headers on /v1/mcp/proxy
X-Daylite-Verdict: deny # policy blocked the call
X-Daylite-Audit: chained # recorded in the hash-chain
X-Daylite-Agent: 018f3c4a-... # UUIDv7 step identity
Document the policy, or enforce it.
The funded governance tools live in the documentation layer. They help legal and risk teams write policies, map them to frameworks, and produce reports. They sit out-of-band from the running system. Daylite sits in the execution path.
Built to map to the controls auditors know
The approach maps to NIST SP 800-53 controls. Daylite ships a control mapping you can query at /v1/compliance/nist-800-53. It also tracks the direction of NIST's emerging Control Overlays for Securing AI Systems (the COSAiS work, NISTIR 8605 series). This is alignment, not a certification claim.
Daylite is built on AWS-LC, a FIPS 140-3 validated cryptographic library. Daylite itself is not CMVP product-certified. SOC 2 is in progress with Drata, not yet complete.
Who needs this
Teams shipping AI agents into regulated workflows, from AI-native startups in finance, insurance, and healthcare to the institutions they sell into, where a mutable log does not survive an audit and data cannot leave the building.
Why a normal log is not enough
Two questions every technical buyer asks. Here are straight answers.
Deploys in minutes
One container in your environment. Docker ships today. Point your agents at the MCP proxy and the gate and the audit chain are live. No six-month integration.
docker run -p 8080:8080 \
-e DATABASE_URL=postgres://daylite:secret@db/daylite \
ghcr.io/daylite-ai/daylite:latest
# MCP proxy live on :8080. Gate active, hash-chain recording.
# Point your agents at /v1/mcp/proxy.
A Helm chart for Kubernetes is on the roadmap. Docker and docker-compose are what ship today, including inside air-gapped networks by transferring the image through approved media.
Questions your security and compliance team will ask
How is this different from Vanta, Drata, Credo AI, or OneTrust?
Those tools document and score policy. They map it to frameworks and produce reports, and they sit out-of-band from the running agent. They cannot block a non-compliant tool-call. Daylite enforces policy at the tool-call boundary at runtime, and produces cryptographic proof of what the agent actually did. Keep your governance tool for documentation. Daylite sits beneath it.
What about Runlayer, Operant, or other MCP gateways?
They do runtime interception and access control, mostly cloud or VPC. That overlaps with us, and we compete on depth. Daylite is built for true air-gap, with FIPS-validated crypto and a tamper-evident hash-chained audit as the core artifact you hand a regulator, not just access control. If you need that depth in a regulated environment, that is our lane.
What does 'built on FIPS-validated cryptography' actually mean?
Daylite runs its cryptography through AWS-LC, a FIPS 140-3 validated cryptographic library. Daylite itself is not product-certified under CMVP, and we do not claim a CMVP certificate. Commercial enterprise procurement under SOC 2, HIPAA, and DORA accepts library-level validation. FedRAMP High and certain DoD contracts require product-level CMVP, which is on the roadmap.
How does an auditor actually use the evidence?
Your team runs one command to export the record. The auditor verifies the hash-chain offline with the verify tool, confirms no entry was changed after it was written, and reviews the decisions. The format is open, so there is no lock-in on the evidence itself. No trust in Daylite is required to check it.
Where does the data go?
Nowhere. Daylite is self-hosted and air-gap capable. It runs in your VPC, on-prem, or in a disconnected network. Data never leaves your environment. That is the point, and it is why cloud-only governance tools cannot follow you into banking and defense deployments.
How long does it take to stand up?
Minutes. Docker ships today. Run the container, point your agents at the MCP proxy, and the gate and the audit chain are live. A Helm chart for Kubernetes is on the roadmap.
Talk to us
A working session on your regulatory requirements, your deployment environment, and how the gate and the audit chain fit your agents. Not a sales pitch.
Or reach out directly at hello@daylite.ai