Authorize AI-driven state transitions before they bind the enterprise.

OntoGuard is a semantic control plane for runtime decision authorization. It evaluates proposed AI outputs, tool actions, workflow movements, and release events before consequence; returns ALLOW, BLOCK, or ESCALATE; and produces strict-six, offline-verifiable proof showing what was attempted, what was withheld, and why.

AI proposesOutput, action, workflow movement, or release event
OntoGuard authorizesRuntime Decision Authorization
Strict-six proofPDF + JSON + receipt + manifest
No internal documents requiredRuntime Decision AuthorizationALLOW / BLOCK / ESCALATEStrict-six offline proof packageControlled event-level no-bind proof today; production L5 requires route integration evidenceBatch DAP / Controlled Corridor Mode available
Withheld before consequence.Autonomous release can be refused or routed before downstream effect.
Strict-six audit package.Buyer JSON, full-audit JSON, PDFs, receipt, and manifest are packaged for offline review.
Batch DAP / Controlled Corridor Mode.Representative cases can be grouped into buyer-readable corridor proof.

OntoGuard is a bounded executable layer at the release seam. It supports controlled event-level no-bind proof today, and production L5 requires route integration evidence, endpoint enforcement, replay records, and outcome closure. See Execution-Boundary Proof. Last updated: July 8, 2026.

Protected by U.S. Patent Application 19/444,521 — Track I prioritized examination granted May 2026.
What OntoGuard Does

Governed AI decisions before release

OntoGuard is a semantic control plane for runtime authorization of proposed AI-driven state transitions. It decides whether high-stakes AI output, tool action, workflow movement, or release event may move, must be blocked, or should be routed to human review before consequence.

Route

Send uncertain, risky, or unsupported outputs to human review instead of silent release.

Execution Boundary + No-Bind Proof

Execution Boundary + No-Bind Proof

OntoGuard proves what the AI attempted to move — and whether that movement was allowed to bind the enterprise.

OntoGuard does not only score an AI output. It records proposed movement, control point, failed condition, refused operation, release-control status, and whether any protected downstream effect formed. When autonomous release is withheld, OntoGuard produces a no-bind receipt showing that no protected downstream effect formed and that the proposed movement was routed, blocked, or escalated before consequence.

Attempted movement

AI output, tool call, workflow trigger, memory write, recommendation, or release event attempted to become business consequence.

Control point invoked

OntoGuard evaluated the proposed movement before release, commit, or downstream effect.

Operation refused or routed

Autonomous release can be withheld, blocked, or routed to human review with reason codes.

No-bind receipt

The packet records whether a protected downstream effect formed and binds the result to receipt / manifest hashes.

Inspect Runtime-Seam Proof
Decision Admissibility

Decision Admissibility: Semantic Coherence Is Not Enough

A proposed AI output can be coherent and still not be admissible to move. OntoGuard evaluates whether the proposed transition has enough semantic, evidentiary, institutional, route, constraint, and human-review authority to become business consequence.

Evidence sufficiencyAttached, weak, conflicting, or pending.
Delegated authorityKnown, missing, pending, or not asserted.
Policy fitMatched, uncertain, out-of-scope, or needs review.
Semantic constraint statusSatisfied, violated, stale, or conflicting.
Route authorityRegistered route, controlled proof route, or integration pending.
Consequence classCustomer-facing, regulated, financial, operational, or internal.
MaterialityLow, material, high-impact, or unresolved.
ReversibilityReversible, costly to reverse, irreversible, or unknown.
Uncertainty postureDecision-relevant unknowns and evidence gaps.
Human review requirementNot required, required, assigned, or closure pending.
No-bind statusWhether a protected downstream effect formed.
Outcome closure statusClosed, pending, not attached, or not asserted.
Constraint Authority + Review Closure

Constraint Authority and Human Review Closure

OntoGuard does not merely route uncertainty to a human queue. A mature production route should show whether the reviewer was assigned, qualified, authorized, completed review, used override authority, and closed the outcome. Current scans can mark reviewer closure as pending when that evidence is not yet attached.

Constraint sourcePolicy, regulation, workflow rule, or customer route rule.
Constraint authorityAttached, pending, or not asserted before integration.
ApplicabilityRelevant, disputed, stale, or unresolved.
Conflict / stale conditionSurface conflicting or stale constraints without fabricating authority.
Reviewer qualificationKnown only when integration or workflow evidence provides it.
Reviewer authorizationAssigned authority, pending authority, or not attached.
Review outcomeApprove, rewrite, block, escalate, or pending.
Override reasonBuyer-provided reason code when override is allowed.
Outcome closureClosed, unresolved, pending, or not asserted.
Repair / learning signalReview-gated improvement candidate; no live model mutation.
Offline-Verifiable Audit Credential

Strict-Six Offline Audit Credential

Every governed decision or batch can be exported as a portable proof package that can be reviewed without rerunning OntoGuard.

OntoGuard packages governed decisions into a strict-six artifact set: buyer-portable JSON, full-audit JSON, governance PDF, sellable-lite PDF, decision receipt, and artifact manifest. The package binds governed input/output, Decision API result, evidence, trace, receipt, and manifest into a portable audit credential.

buyer_portable.governance.json full_audit.governance.json governance.pdf governance.sellable_lite.pdf decision_receipt.json artifact_manifest.json
Verify without rerunning OntoGuard. Store as an audit record. Compare across runs. Inspect buyer-readable and machine-readable proof. Preserve full-audit authority separately from buyer-portable summary.
Start Here

Three Ways to Start

Choose a lightweight first step. No internal documents, production deployment, or model retraining are required to begin.

Lowest Friction

AI Output Risk Scan

Best for: AI governance, risk, compliance, and product teams that want a fast first read.

Input: 10–25 representative prompts, responses, API logs, or demo outputs.

Output: risk map, review-burden view, autonomy-readiness tier, and selected proof packets.

Run Risk Scan
For AI Vendors

AI Demo Proof Pack

Best for: vendors selling into regulated or high-trust enterprises.

Input: demo outputs or product workflow examples.

Output: enterprise-grade proof pack with decision, evidence, review routing, and boundary proof.

Request Demo Proof Pack
Fast ROI

Human Review Burden Reducer

Best for: teams paying experts to review every AI output manually.

Input: review queues, output samples, or escalation examples.

Output: reason-coded routing and reviewer-effort reduction opportunities.

See Review Compression
Complete Product Ladder

From First Scan to Embedded Decision Authorization Infrastructure

Start with representative outputs and expand into runtime authorization, review compression, improvement signals, and customer-specific route evidence without claiming production L5 before integration proof exists.

AI Output Risk Scan

Inputs: prompts, responses, logs, intended action labels, and workflow labels.

Outputs: risk segmentation, ALLOW/BLOCK/ESCALATE distribution, review-burden analysis, uncertainty and hallucination signals, ROI baseline fields, and selected sample packets.

AI Demo Proof Pack

For vertical AI vendors and partner sales. Converts demo outputs into enterprise-grade Decision Authorization Packets that buyers can inspect.

Human Review Burden Reducer

Routes only outputs that need expert judgment, with reason codes, reviewer context, and review-burden metrics.

Decision Authorization API

Backend API returning ALLOW, BLOCK, or ESCALATE with evidence, trace ID, release-control status, and reason codes.

Autonomous Knowledge Layer / Training & Improvement Signals

Review-gated learning candidates, retrieval improvements, repair signals, and gold-example candidates. No live model mutation or model-weight update is claimed.

Production Route Evidence Pilot

Customer-specific route inventory, endpoint checks, token enforcement, replay, fail-closed proof, and outcome closure.

Buyer / Partner Segments

Who OntoGuard Is Built For

OntoGuard is built for teams whose AI outputs, actions, or workflow movements can become regulated, costly, or customer-facing business consequence.

Vertical AI vendors in regulated workflows

Claims, prior authorization, compliance, legal/finance AI, and customer-service AI.

Turn your demo into buyer-portable proof.

Insurance carriers

Claims, underwriting, fraud, and customer communications.

Reduce review burden and prove which AI outputs can move.

Healthcare payers

Prior authorization, claims, and member communications.

Govern high-impact administrative outputs before they affect members or reviewers.

Banks, capital markets, and model-risk teams

AI governance, compliance, model risk, and agentic AI governance.

Add authorization proof before AI output becomes regulated action.

SIs and implementation partners

Global and boutique AI integrators implementing regulated workflows.

Embed a proof layer into AI workflow deployments.

AI governance, eval, observability, and guardrail platforms

Teams that monitor and test AI behavior but need release authorization proof.

Add runtime Decision Authorization and proof packets where monitoring and evals stop.
Controlled Corridor Mode

Batch Decision Authorization Packet — Controlled Corridor Mode

For scans, demos, and pilot corridors: one aggregate proof packet across multiple governed cases.

OntoGuard can generate an aggregate Decision Authorization Packet for multiple prompts, outputs, or corridor cases. The batch packet rolls up case-level decisions into aggregate ALLOW / BLOCK / ESCALATE, preserves per-case hashes, points into full_audit, and exports one strict-six governance package for the batch.

Aggregate decision logic

If any case blocks, the batch blocks. Else if any case escalates, the batch escalates. Only all-clear cases can aggregate to ALLOW.

Per-case integrity

Each case has a hash, decision result, and pointer into full_audit.

Aggregate proof surfaces

Batch summary, telemetry digest, execution-boundary summary, no-bind summary, trace coupling, evidence geodesic, observer views, and governance path ensemble.

Pilot value

Use for AI Output Risk Scans, vertical AI vendor demo proof packs, and controlled pilot corridors.

Request Batch Proof Pack
Choose Your Path

Start from the buyer problem you already have

I run AI governance / risk

Get a representative risk review, proof gaps, and selected Decision Authorization Packets.

Run Risk Scan

I sell an AI product

Turn your demo into enterprise proof that buyers can inspect before a pilot.

Request Demo Proof Pack

I manage human review

Find which AI outputs need expert attention and why reviewers are spending time.

See Review Compression

I am doing technical diligence

Inspect the public proof kit, runtime seam, packet anatomy, and capability boundary.

Inspect Proof Library
Lowest-Friction First Step

Run an AI Output Risk Scan

Send 10–25 representative AI prompts, responses, or API logs. OntoGuard identifies risk, uncertainty, review burden, autonomy readiness, and proof gaps, then generates full Decision Authorization Packets for selected high-risk or representative outputs.

No internal document upload required. No production deployment required. No model retraining required. Larger scans can be delivered through Batch Decision Authorization Packet / Controlled Corridor Mode: one aggregate executive readout, case-level hashes, per-case full_audit pointers, review-burden analysis, and a strict-six governance package for the batch.

What you send

  • Representative prompts
  • AI responses
  • API logs
  • Intended action labels
  • Workflow labels
  • Demo outputs

What you get

  • Risk and uncertainty map
  • Review-burden analysis
  • Autonomy-readiness tier
  • Selected proof packets
  • Human-review routing reasons
  • Batch expansion recommendation
10–25 representative AI outputs reviewedPrompts, responses, API logs, demo outputs, or exported workflow samples selected to show real workflow behavior.
Risk, uncertainty, and inconsistency mapShows unsafe language, unsupported claims, contradictory outputs, and confidence mismatch.
Review burden and routing analysisIdentifies which outputs need expert review, light review, rewrite, escalation, or block.
Autonomy readiness tierClassifies workflows as draft-only, recommend-with-review, low-risk release, escalate-sensitive, or block.
2–5 full proof packets for selected casesGenerates buyer-readable Decision Authorization Packets for the highest-risk, most representative, or most commercially important outputs.
Batch DAP / Controlled Corridor ModeLarger scans can be delivered as one aggregate Decision Authorization Packet with case-level hashes, per-case full_audit pointers, review-burden analysis, and strict-six packaging.
Built for:Model Risk ManagementAI Governance / Responsible AICompliance EngineeringInternal AuditRegulated Workflow OwnersAI Product Teams

Request AI Output Risk Scan

This form uses a static form handler for lead capture. Backup: email OntoGuard directly. No deployment is required to start a shadow-mode scan. Initial reviews are based on a representative sample; larger batch scans can be scoped after the first review.

30-Day Pilot

30-Day Pilot: From Packet Proof to Route Evidence

Move from representative scan to selected packets to route-design evidence without claiming production L5 before the customer route exists.

Week 1 — Shadow-mode connectionGovern prompts, responses, and logs without blocking production.
Week 2 — Configure scopeWorkflow labels, intended action labels, proof requirements, reporting format, and evidence sources.
Week 3 — Generate packets5–10 Decision Authorization Packets from real or representative prompts.
Week 4 — Turn on routing designALLOW / BLOCK / ESCALATE / HUMAN_REVIEW / SAFE_TEMPLATE route design.
Production L5 non-bypassability is not claimed from a shadow-mode scan. It requires customer route integration, real endpoint evidence, fail-closed behavior, replay records, and outcome closure.
Discuss 30-Day Decision Authorization Pilot
Product Video

Watch OntoGuard Govern an AI Output Before Release

Watch how OntoGuard evaluates a proposed AI output before release, routes uncertainty, and creates a buyer-readable proof packet without needing internal documents or production deployment to start.

What to watch for

  • Where the AI output attempts to move toward business consequence.
  • How OntoGuard returns ALLOW, BLOCK, or ESCALATE before release.
  • How the proof surface records evidence, uncertainty, route status, and reviewer path.
  • How a Decision Authorization Packet becomes buyer-readable diligence evidence.
Proof & Diligence Hub

Proof surfaces buyers can inspect first

Start with the fastest proof assets: video, sanitized financial-services case, boundary proof kit, strict-six audit credential, Batch DAP, pilot path, procurement readiness, and the technical appendix.

Product Video

Watch OntoGuard govern an AI output before release and produce proof.

Watch product video

Financial Services Proof Case

Sanitized proof case showing Decision Authorization for a regulated-output scenario.

Open proof case

Boundary Proof Kit

Public sanitized proof kit with buyer JSON, PDFs, receipt, manifest, and proof artifacts.

Inspect proof kit

Strict-Six Audit Credential

Buyer-portable and machine-readable strict-six package for offline verification.

See strict-six package

Batch DAP / Controlled Corridor

Batch Decision Authorization Packet view for representative case corridors.

See Batch DAP

30-Day Pilot Path

Move from scan to packets to routing design without claiming production L5 too early.

View pilot path

Procurement & Security Readiness

Deployment modes, data handling, enterprise controls, and NDA packet request.

Review readiness

Technical Appendix

Deep technical record for auditors, security teams, and strategic diligence.

Open appendix
Proof Library

Proof Library: From Decision Authorization to Offline Audit Credential

Inspect the public proof surface, runtime decision artifacts, execution-boundary evidence, no-bind receipts, strict-six audit credentials, Batch DAP / Controlled Corridor Mode, and the production route evidence still required for customer-specific L5 route completeness.

Proof Harness: Always Export, Never Blank

PDF / JSON export, schema-valid packet, confidence tier, trust score, Cold / Heat / Mercury triad, hallucination taxonomy, benchmark status, policy status, evidence gaps, and explicit abstention or human-review route where needed.

Open Proof Harness detail

Decision-Relevant Uncertainty

Shows which unknowns, evidence disagreements, and routing rules mattered to ALLOW / BLOCK / ESCALATE without exposing protected formulas.

Review uncertainty provenance

Financial Services Proof Case

Sanitized proof case for a regulated financial-services AI output: no customer data, no protected implementation details, and no production L5 non-bypassability claim.

Open sanitized proof case

Executive view

OntoGuard decides whether high-stakes AI output may move, must be held, must be blocked, or should be routed to human review — then exports a portable proof packet.

Technical view

The proof surface preserves Decision API result, execution-boundary trace, no-bind receipt, route maturity, replay, pressure tests, hashes, strict-six artifacts, Batch DAP surfaces, selected semantic projection fields, and production-evidence limitations.

What is available today

AI output behavior review, runtime Decision Authorization, selected Decision Authorization Packets, execution-boundary trace, no-bind receipt, controlled event-level route proof, strict-six offline audit credentials, Batch DAP / Controlled Corridor Mode, and runtime-safe improvement-signal export.

See Batch DAP

What requires pilot integration

Production L5 route completeness, real downstream endpoint token checks, production non-bypassability, customer-specific tool-call authorization, memory-write control, policy authority closure, and multi-agent handoff enforcement require pilot or production topology evidence.

What OntoGuard does not claim

OntoGuard does not publicly claim production L5 non-bypassability, real endpoint enforcement, full autonomous agent enforcement, live model-weight mutation, hard-dollar ROI without buyer baselines, or disclosure of protected routing, scoring, BM25, ontology, citation, or runtime internals.

Executive viewBuyer-readable proof of what moved, what was refused, and what was routed.
Technical viewTrace, route, no-bind, replay, hash, and packet-field evidence for diligence.
What is available todayControlled event-level proof, selected packets, output authorization, and L3 signals.
What requires pilot integrationProduction L5 route completeness and real downstream endpoint token enforcement.
What OntoGuard does not claimNo production L5 overclaim, no live model mutation, and no public disclosure of protected internals.
Technical proof remains available below, but the claim stays bounded: controlled event-level no-bind proof today; production L5 non-bypassability requires pilot or production topology evidence.
Proof Kit

Inspect the OntoGuard Controlled Boundary Proof Kit

A public sanitized proof surface showing a synthetic high-stakes AI output evaluated before release, escalated, withheld, and exported as portable proof.

The proof surface is public. The protected runtime remains protected. No source code, semantic routing internals, scoring formulas, ontology mappings, raw citation infrastructure, or private customer data are disclosed.
1. AI output attempts movementSynthetic high-stakes rationale approaches release
2. OntoGuard gate invokedRisk, uncertainty, evidence, and route conditions checked
3. Release withheldESCALATE; no autonomous release
4. Packet provesPDF + JSON + receipt + manifest exported
All proof artifacts and supporting downloads

Full Audit Summary JSON

Public-safe summary of the controlled proof package without protected runtime internals.

Download Full Audit Summary

Buyer Portable Governance JSON

Sanitized machine-readable packet for inspecting decision state, routing, evidence posture, and audit fields.

Download Buyer JSON

Governance PDF

Buyer-readable proof packet showing the governed decision, escalation outcome, evidence posture, and review routing.

Download PDF

Decision Receipt JSON

Compact receipt showing decision outcome, release status, routed-to value, and public-safe trace identifiers.

Download Receipt JSON

Artifact Manifest JSON

Public-safe manifest describing the artifacts included in the proof kit and their purpose.

Download Manifest

No-Bind Receipt

Decision receipt proving release was withheld and a protected downstream effect did not form.

Download Decision Receipt

Runtime-Seam Summary

Public-safe summary of attempted movement, gate invocation, refused operation, and no-bind status.

Download Runtime-Seam JSON

Route Completeness Evidence

Controlled route maturity summary for L4 route-enforcement evidence without production L5 overclaiming.

Download Runtime-Seam JSON

Governance ZIP

Sanitized package-level artifact showing how OntoGuard bundles governed outputs into portable proof.

Download Governance ZIP

Synthetic public demo only. For deeper diligence, OntoGuard can provide private packet artifacts, integration materials, and technical briefings under NDA.

Execution Boundary Proof

Execution-Boundary Proof: What OntoGuard Proves Before Consequence

OntoGuard is not only a scoring dashboard. It records the proposed movement, release-control status, no-bind receipt, protected downstream effect status, replay records, and route maturity before business consequence.

Technical view: runtime-seam proof table

Plain English: this shows whether the AI movement was allowed to create a downstream effect.

Proof QuestionPacket Evidence
What movement attempted to advance?AI output / proposed state transition moving toward downstream release
Was OntoGuard invoked before release?Yes — controlled pre-release gate
What condition failed?Release was not authorized; human review required
What operation was refused?Autonomous output release
Was an authorization token issued?No
Did downstream commit occur?No
Did a protected effect form?No
What receipt proves no-bind?No-bind receipt with hashes and route references
Was same-condition replay shown?Yes, replay passed
Was changed-condition replay shown?Yes / controlled fixture passed
Were route pressure tests included?Yes
Was bypass prevention tested?Yes, in controlled harness
What route maturity is claimed?Event-level / controlled no-bind proof today; production L5 requires route integration evidence
Is production L5 claimed?No
Controlled harness evidence can demonstrate route behavior in the proof environment. Production non-bypassability requires the customer’s actual release endpoint, token checks, fail-closed topology, replay records, and outcome closure.
Packet Anatomy

Inside a Decision Authorization Packet

The Decision Authorization Packet is the portable proof artifact produced by OntoGuard. It is both buyer-readable and machine-readable, and it can appear as a single-run packet or a batch/corridor packet with strict-six packaging.

Technical view: packet fields and proof lanes

Plain English: this shows what the PDF and JSON preserve for audit and diligence.

Decision API Result

  • ALLOW / BLOCK / ESCALATE
  • release_authorized
  • release_status
  • routed_to
  • reason codes

Proposed State Transition

  • attempted movement
  • business action
  • affected objects
  • affected relations
  • materiality
  • reversibility

Execution Boundary Trace

  • control point
  • gate mode
  • failed conditions
  • refused operation
  • downstream commit status
  • protected effect status

No-Bind Receipt

  • receipt ID
  • decision hash
  • evidence hash
  • manifest hash
  • no protected effect formed

Route Completeness Evidence

  • route registry
  • enforcement topology
  • pressure tests
  • bypass evidence
  • replay records
  • maturity level

Semantic Projection

  • selected projection
  • state scores
  • projection disagreement
  • why projection won
  • Decision API preservation

Decision Admissibility

  • evidence sufficiency
  • delegated authority
  • semantic constraint authority
  • human-review requirement
  • required change for new state

Human Review Route

  • review required
  • reviewer authorization status
  • reviewer qualification status
  • pending closure
  • review outcome export status

Proof Harness + Audit Credential

  • schema validation
  • strict-six package
  • report hash
  • manifest hash
  • evidence hash
  • verification status

Strict-Six Package

  • buyer_portable.governance.json
  • full_audit.governance.json
  • governance.pdf
  • governance.sellable_lite.pdf
  • decision_receipt.json
  • artifact_manifest.json
  • self-excluded manifest hash
  • decision receipt binding
  • offline audit verification

Batch Packet Surfaces

  • aggregate decision
  • batch summary
  • case hashes
  • per-case full_audit pointers
  • aggregate execution trace
  • no-bind summary
  • trace coupling
  • evidence geodesic
  • governance path ensemble
  • observer views

L3 Training Signal Export

  • gold example candidate
  • review-gated learning signal
  • retrieval improvement
  • policy improvement
  • no live model mutation
Uncertainty + Threshold Provenance

Decision-Relevant Uncertainty and Threshold Provenance

OntoGuard does not only calculate uncertainty. It explains which uncertainty matters to the release decision, which threshold or routing rule affected the outcome, what evidence was visible at decision time, what blind spots remained, and what human judgment must resolve.

Decision-relevant unknownsUnknowns that can change ALLOW / BLOCK / ESCALATE.
Evidence disagreementConflicts between retrieved evidence, source authority, or scope.
Threshold that matteredPublic-safe routing threshold label, not protected scoring formula.
Routing rule that matteredReason code or workflow rule that shaped the outcome.
What evidence could change the decisionExamples of missing evidence that could support a different route.
Human judgment still requiredWhen the evidence state is insufficient for autonomous movement.
Event-Level → Production L5

From Event-Level No-Bind Proof to Production L5 Route Completeness

OntoGuard currently proves event-level no-bind proof and controlled route behavior: the proposed movement maps to a route, the gate is invoked before release, authorization is required, refusal is recorded, replay is captured, and no protected effect forms when release is not authorized.

Technical view: L4 to production L5 evidence ladder

Plain English: this shows what is proven today and what must be proven in a real production route.

1. Production route inventoryEvery governed route is registered.
2. Real downstream release endpointThe actual commit seam is attached.
3. OntoGuard inline before the endpointThe gate is on the release path.
4. Token required for commitCommit requires valid authorization.
5. Missing token rejectedFail-closed behavior is logged.
6. Invalid token rejectedBad authorization cannot commit.
7. Expired token rejectedTime-invalid authorization fails.
8. Route-mismatched token rejectedAuthorization is route-bound.
9. Decision-hash-mismatched token rejectedAuthorization is decision-bound.
10. Direct bypass attempts rejectedNon-gated paths are tested.
11. Same-condition replay passedSame facts reproduce the refusal.
12. Changed-condition replay passedChanged facts produce a new governed state.
13. Route pressure tests passedEdge cases are exercised.
14. Outcome closure accountedDownstream outcome and review state are recorded.
15. Material limitations resolved or waivedAuthorized reviewer closes remaining limitations.
Until those items are attached from a real pilot or production environment, the website must say controlled route enforcement, not production L5 non-bypassability.
Capability Boundary

Capability Boundary: What Is Proven, What Requires Route Evidence

CapabilityCurrent StatusClaim Allowed
AI output behavior assessmentAvailable todayYes
Decision Authorization PacketAvailable todayYes
ALLOW / BLOCK / ESCALATE Decision APIAvailable today for governed LLM outputsYes
Controlled execution-boundary proofAvailable todayYes
No-bind receiptAvailable today for BLOCK / ESCALATE-style outcomesYes
Same-condition replayAvailable in controlled proof packageYes
Changed-condition replayAvailable as controlled fixture / explicit changed-condition proofYes
Route pressure testsAvailable in controlled harnessYes
Bypass prevention evidenceAvailable in controlled harnessYes
Controlled non-bypassabilityAsserted only for controlled harness topologyYes, with limitation
Production L5 non-bypassabilityRequires pilot / production topology evidenceNo
Tool-call / memory-write production enforcementRequires customer-specific integrationRoadmap / integration path
Live fine-tuning / model-weight updatesNot performed at runtimeNo
Training-signal exportRuntime-safe export availableYes
OntoGuard’s current proof package is intentionally honest. It can prove event-level no-bind proof and controlled route behavior. Production L5 non-bypassability is not a website claim until a real downstream route is integrated and tested.
Procurement & Security Readiness

Procurement & Security Readiness

Enterprise buyers can evaluate OntoGuard as a shadow-mode reviewer, async auditor, inline gateway, or VPC / on-prem deployment where applicable. Security claims are provided under diligence; no unsupported certification claim is made here.

Deployment modes

Shadow-mode scan, async auditor, inline gateway, and VPC / on-prem where applicable.

Data handling

Prompts, responses, logs, PII redaction controls, retention and deletion policy, and what is not stored.

Enterprise controls

Audit logging, access control, model/provider independence, and security review evidence.

Integration

Decision API, DAP export, evidence manifests, and proof-kit artifacts.

Request Procurement / Security Packet under NDA

Start Without Uploading Internal Documents

OntoGuard does not need your legal files, policy manuals, claims folders, contracts, or internal procedures to deliver first value. Send the AI outputs your system already produces. OntoGuard analyzes the behavior itself.

What is risky?

Detect unsafe recommendations, customer-impacting language, unsupported claims, and outputs that should not move forward without review.

What is overconfident?

Find outputs that sound certain when uncertainty, escalation, evidence gaps, or human judgment should be preserved.

What needs review?

Route only the outputs that need expert attention, with reason codes and reviewer context.

What is ready for autonomy?

Classify workflows by readiness: draft only, recommend with review, release low-risk outputs, escalate sensitive outputs, or block unsafe outputs.

Where are reviewers wasting time?

Identify avoidable review volume, repeated escalation patterns, and outputs that can be handled through lighter review paths.

What can improve the model?

Turn governed outputs into clean learning signals: good examples, blocked examples, escalation examples, rewrites, and reviewer-labeled outcomes.

What OntoGuard Tells You

OntoGuard analyzes AI behavior from outputs, logs, and proposed actions — then turns that behavior into operational intelligence.

What is risky
What is overconfident
What needs review
What should be blocked
What is ready for autonomy
Where reviewers are wasting time
Which outputs make good training examples
How the workflow compares to governance benchmarks
How model behavior changes over time

Human Experts Are Not Replaced. They Are Focused.

OntoGuard does not eliminate domain experts. It reduces when and how they are needed.

Instead of asking experts to review every AI output from scratch, OntoGuard packages the decision, evidence, gaps, uncertainty, policy scope, and reason codes into a reviewable packet. The human reviewer becomes an exception authority, not a full-time AI babysitter.

The goal is not “no humans.” The goal is fewer blind reviews, faster escalation, clearer accountability, and better use of expensive expertise.

In a pilot, OntoGuard measures escalation rate, average review minutes, reviewer role, false-approval reduction, and cycle-time impact so the cost of human review becomes visible instead of assumed.

How to Read an OntoGuard Decision

Read the packet as a release decision, not as a standalone percentage. The score contributes to the decision; it does not replace evidence, policy scope, benchmark status, or human accountability.

AI proposes an actionOutput, recommendation, workflow step, or governed state change.
OntoGuard checks control signalsEvidence, policy, risk, uncertainty, citation gaps, and traceability.
Decision API returnsALLOW, BLOCK, or ESCALATE before release.
Packet records whyReason codes, scope, evidence IDs, audit hashes, and review route.
Human acts only when neededReviewers handle exceptions with context instead of re-reading everything from scratch.

What You License Today

OntoGuard can start as a lightweight output scan and expand into Decision Authorization Packets, controlled boundary proof, human-review compression, runtime-safe training-signal export, and production route evidence pilots.

Core capabilities available today: AI output behavior assessment, runtime Decision Authorization, selected Decision Authorization Packets, execution-boundary trace, no-bind receipt, controlled event-level route proof, strict-six offline audit credentials, Batch DAP / Controlled Corridor Mode, review routing, and runtime-safe L3 Training Signal Export.
Lowest Friction

AI Output Risk Scan

Analyze 10–25 representative prompts, responses, or logs to identify risk, uncertainty, overconfidence, inconsistency, review burden, autonomy readiness, and training-signal candidates, with larger scans available through Batch DAP / Controlled Corridor Mode.

For AI Vendors

AI Demo Proof Pack

Convert a demo output into an enterprise-grade Decision Authorization Packet with controlled execution-boundary proof, no-bind receipt, route maturity label, semantic projection, decision admissibility, and L3 improvement signals.

Proof Surface

Decision Authorization Packet

Portable PDF and JSON proof artifact showing what the AI attempted, what OntoGuard decided, what was refused or authorized, whether downstream effect formed, what route evidence exists, what replay shows, and what human or production evidence remains open.

Boundary Proof

Controlled Boundary Proof Pack

The controlled proof package is useful before production deployment because it lets buyers inspect the seam: movement evaluated, gate invoked, condition failed, operation refused, no protected effect formed, receipt generated, replay shown, and route completeness honestly labeled.

Fast ROI

Human Review Burden Reducer

Identify which outputs need expert judgment, why they need review, what evidence the reviewer should inspect, and how the reviewer outcome can become a governed improvement signal.

Engineering / Risk

Decision Authorization API

Runtime API that returns ALLOW, BLOCK, or ESCALATE with release status, routed_to, business effect, reason codes, evidence references, audit identifiers, and optional controlled boundary proof metadata.

Learning Systems

Runtime-Safe Training Signal Export

Runtime-safe export of governed decisions into review-gated learning candidates. Does not perform live training or mutate model behavior.

Production Evidence

Pilot Integration Package for Production Route Evidence

The production pilot package is the path from event-level no-bind proof to production L5 route completeness. It attaches real route inventory, downstream endpoint behavior, token validation logs, bypass-attempt logs, reviewer closure, and outcome records.

Integration Path

Agentic API Integration Path

Integration path for tool calls, memory writes, ontology changes, policy mappings, and multi-agent handoffs. Current proof is strongest for governed LLM output release; production enforcement for agentic routes requires customer-specific integration.

1. Output Risk ReviewStart with representative outputs/logs.
2. Runtime Decision AuthorizationALLOW / BLOCK / ESCALATE before consequence.
3. Selected Proof PacketsExport PDF + JSON evidence for selected cases.
4. Strict-Six Audit CredentialPackage buyer JSON, full audit, PDFs, receipt, and manifest.
5. Batch DAP / Controlled CorridorAggregate multiple governed cases into one proof package.
6. Production Route EvidencePilot route integration to prove production L5 route completeness.
All artifacts are schema-stable and exportable. No silent failures. Every scan, decision, escalation, or refused release can produce a complete, auditable record.

Measurable Business Impact

OntoGuard is not only an audit story. It produces measured run values that can be mapped to hard-dollar ROI once the buyer supplies baseline assumptions.

Opex Takeout

  • Reduce paid review minutes
  • Lower escalations and rework loops
  • Automate evidence packaging and QA checks
Escalation rate ↓Review minutes ↓AHT ↓

Loss Prevention

  • Prevent wrong approvals and policy leakage
  • Catch issues before incidents or rollbacks
  • Route risky decisions to accountable review
False approvals ↓Incidents ↓Fraud exposure ↓

Working Capital

  • Shorten claims, disputes, exceptions, and close cycles
  • Improve denial prevention and collections workflows
  • Attach proof at the moment of decision
Cycle time ↓Denials ↓DSO ↓

OntoGuard provides measured_run_values: allow/block/escalate counts, withheld releases, evidence packets, human-review tasks, audit artifacts, and review-burden signals. Hard-dollar ROI remains baseline-required: buyers supply review minutes, monthly volume, fully-loaded review cost, incident rates, average loss, cycle time, or cash assumptions. OntoGuard then maps the measured run into Opex Takeout, Loss Prevention, and Working Capital buckets.

Opex TakeoutLoss PreventionWorking CapitalMeasured this runBaseline inputs requiredCalculated deltaEstimated valueCalculation status: baseline required unless buyer inputs are provided
Assumption-safe ROI: hard-dollar calculations appear only when buyer-supplied baselines exist. No invented savings, no fake benchmarks.
Benchmarking + Drift Watch

Behavioral Benchmarking and Drift Watch

OntoGuard can compare governed outputs across time, model versions, workflow types, and review outcomes to identify changes in risk, uncertainty, route posture, review burden, and autonomy readiness.

Status: Available as measured-run comparison when comparable runs exist; continuous production drift monitoring requires deployment or pilot instrumentation.

Ontology Is Not Just a Model — It Is the Control Plane

Most ontology work stops at knowledge representation. OntoGuard takes ontology into runtime: it grounds every AI proposal in enterprise objects, relationships, policies, and evidence, then uses that semantic layer to authorize, block, or escalate the proposed state transition — with full traceability and learning feedback.

This is what makes OntoGuard different: ontology becomes the active reasoning and authorization layer, not just a static data model.

Technical Appendix

Need the full technical record?

The fast homepage stays concise. The appendix preserves platform architecture, ontology, BM25/evidence retrieval, proof invariants, route maturity, roadmap, and visual diligence.

Plain-English Glossary

What these terms mean

Executive glossary
ALLOW / BLOCK / ESCALATEThe decision result. ALLOW can move, BLOCK cannot move, and ESCALATE goes to human review.
Decision Authorization PacketThe PDF + JSON proof artifact showing why a high-stakes AI output was allowed, withheld, or routed.
No-bind receiptA proof record showing that a blocked or escalated output did not form the protected downstream effect.
Route completenessThe maturity of proof around a governed route. Current proof is controlled event-level; production L5 requires real route evidence.
Runtime seamThe release boundary where an AI output is checked before it becomes a business action.
Human review routingReason-coded escalation to a reviewer only when an output needs expert judgment.
L3 training signalA review-gated improvement candidate exported from a governed outcome. It does not mutate model weights at runtime.
Production L5Evidence that a real production route cannot commit without OntoGuard authorization. It requires pilot or production topology proof.
FAQ

Frequently Asked Questions

What OntoGuard does

Can we start without internal documents?

Yes. The first review can start with representative prompts, responses, API logs, intended action labels, workflow labels, or demo outputs. No internal legal files, policy manuals, production deployment, or model retraining are required to begin.

Is OntoGuard a compliance tool or an authorization layer?

OntoGuard is a semantic control plane and Decision Authorization Infrastructure. Compliance readiness is one use case; the broader product governs whether high-stakes AI output is allowed to move, must be blocked, or should be routed to human review.

How to start

What is the fastest first step?

Run an AI Output Risk Scan with 10–25 representative outputs or logs. OntoGuard returns risk, uncertainty, review-burden, autonomy-readiness, and selected proof-packet findings.

What do we receive after an AI Output Risk Scan?

You receive a behavior risk map, review-burden analysis, autonomy-readiness view, training-signal candidates, and selected Decision Authorization Packets for high-risk or representative outputs.

Does OntoGuard require production deployment to start?

No. Initial reviews can run in shadow mode from exported prompts, responses, logs, and workflow labels. Production route integration is only needed for production L5 evidence; see the Capability Boundary.

What it proves

What does OntoGuard prove today?

OntoGuard can produce a controlled Decision Authorization Packet proving that an AI output or proposed state transition was evaluated before release, release was authorized or withheld, refused operation and no-bind status were recorded, replay was shown, route pressure tests ran, and controlled route-enforcement evidence was attached. See the Runtime-Seam Proof and Public Boundary Proof Kit.

What it does not claim

Does OntoGuard prove production non-bypassability today?

Not without production integration evidence. OntoGuard can assert controlled-harness non-bypassability for the controlled proof topology. Production non-bypassability requires a pilot or production route where the real downstream endpoint cannot commit without OntoGuard authorization.

Technical diligence

What is a no-bind receipt?

A no-bind receipt is a compact proof record showing that a blocked or escalated output did not form the protected downstream effect. It binds the attempted movement, Decision API result, release authorization state, refused operation, downstream commit status, protected-effect status, trace ID, manifest hash, and evidence hash.

What is route completeness?

Route completeness describes how much proof exists around a governed AI movement: event governed, no-bind proof, route registered, route tested, route enforced, or route complete. The current proof package supports controlled event-level route proof. Production L5 requires real production topology evidence; see the L1 to L5 progression.

Does OntoGuard train the model?

Not in the runtime path. OntoGuard exports review-gated training-signal candidates and improvement signals. It does not perform live fine-tuning, model-weight updates, DPO, RLAIF, PPO, or adapter loading during governance.

What is a Decision Authorization Packet?

A Decision Authorization Packet is a portable PDF and JSON proof artifact showing how a high-stakes AI output was authorized, escalated, or blocked before release. It records the ALLOW, BLOCK, or ESCALATE decision, evidence, reasons, uncertainty, semantic projection, execution-boundary trace, no-bind status, route maturity, human-review routing, audit hashes, and improvement signals.

What is state-transition governance?

State-transition governance asks whether a proposed AI change is authorized, traceable, and safe to commit. The proposal may be an LLM output, tool call, memory write, ontology update, policy mapping, training signal, or multi-agent handoff. Current production route enforcement for tool calls, memory writes, and handoffs requires customer-specific integration evidence.

Do you support tool calls, memory writes, and multi-agent handoffs today?

Not at the same production-enforcement level as governed LLM output release. The Decision API and JSON contract are designed to support these use cases through customer-specific integration. Production evidence requires real downstream routes, token checks, bypass-attempt logs, replay, and outcome closure.

How does OntoGuard use ontology AI?

Ontology-grounded objects, relationships, rules, clause hits, domain scope, evidence, and symbolic traces connect AI proposals to enterprise reality. This semantic layer helps OntoGuard explain why a proposed AI movement was allowed, blocked, or escalated.

What happens when evidence is incomplete?

The packet still exports. OntoGuard routes uncertainty to SAFE_TEMPLATE or HUMAN_REVIEW, records reason codes, preserves audit hashes, flags coverage gaps, and avoids silently blank evidence or failed artifacts.

Start with 10–25 representative AI outputs

No internal documents or production deployment required. OntoGuard will map risk, review burden, autonomy readiness, and selected proof-packet candidates.

For deeper diligence, we can provide NDA terms, private packet artifacts, integration materials, and technical briefings.

Contact

Email mark.starobinsky@ontoguard.ai for pilots, licensing, partnerships, or NDA access.

Risk ScanProof Kit