Zero Trust AI

Vörðr

Zero Trust framework for AI agents. SPIFFE-based identity, OPA policy enforcement, intent validation, and human escalation gates.

API keys and service accounts weren't designed for AI agents that spawn sub-agents dynamically, with unbounded sessions and shifting privileges. Vörðr uses cryptographic short-lived credentials — certificates that expire in seconds, not months — with full delegation lineage traceable back to a human principal.

Step through the identity chain

👤

Analyst: Sarah

Human principal

🔗

FraudOrchestrator

Orchestrator agent

🔍

TransactionScanner

Sub-agent

🗄️

Payment Database

Protected resource

Speed

Knowing who an agent is isn't enough. The system must also ask: what are you trying to do, and does it match what you declared? When a prompt injection redirects an agent mid-task — attempting an undeclared external API call, for example — the manifest validator catches the deviation and blocks it before damage occurs.

Toggle between normal flow and prompt injection

Declared manifest

task:Scan transactions from last 24h for anomalies

access:Read-only payments DB

duration:5 minutes

constraints:No external API calls

Read payments table

Query anomaly model

Write to audit log

Speed

← All projects