Semantic Control Plane for Governed Autonomy

Authorize AI-driven state transitions before they bind the enterprise.

OntoGuard evaluates proposed AI outputs, actions, and workflow movements before consequence. It returns ALLOW, BLOCK, or ESCALATE, routes decisions requiring human authority, and produces portable proof showing what was attempted, what was withheld, and why.

In plain English: OntoGuard decides whether an AI recommendation or action may become a real business action—and proves what was allowed, stopped, or sent to a person for review.

See the complete governed transaction
AI proposesOutput, action, workflow movement, or release event
OntoGuard authorizesEvaluates admissibility before consequence
ALLOW / BLOCK / ESCALATERelease, refuse, or route to human authority
Portable proofPDF + JSON + receipt + manifest
ALLOW / BLOCK / ESCALATENo internal documents required to startPortable PDF + JSON proofControlled no-bind proof available today
Withheld before consequence.Autonomous release can be refused or routed before downstream effect.
Strict-six audit package.Buyer JSON, full-audit JSON, PDFs, receipt, and manifest are packaged for offline review.
Batch DAP / Controlled Corridor Mode.Representative cases can be grouped into buyer-readable corridor proof.

OntoGuard is a bounded executable layer at the release seam. It supports controlled event-level no-bind proof today, and production L5 requires route integration evidence, endpoint enforcement, replay records, and outcome closure. See Execution-Boundary Proof. Last updated: July 10, 2026.

Protected by U.S. Patent Application 19/444,521 — Track I prioritized examination granted May 2026.
HOW ONTOGUARD WORKS

The OntoGuard Governed Transaction

From AI proposal to authorized enterprise consequence—or proven non-movement.

OntoGuard governs the complete event where an AI output or proposed action attempts to become an organizational commitment.

This connected AI semantic control plane combines AI decision authorization, AI state-transition governance, AI release control, AI consequence proof, human review closure, a Decision Authorization Packet, and a governed AI learning signal.

  1. 1

    Step 1 of 8

    Attempted Movement

    What is the AI trying to cause?

    A message, recommendation, approval, denial, payment, tool call, record update, workflow trigger, or other proposed business movement.

    Technical detail

    OntoGuard identifies the proposed source state, target state, affected objects, affected relationships, release surface, materiality, reversibility, and whether authorization is required.

  2. 2

    Step 2 of 8

    Semantic Interpretation

    What would that movement mean to the business?

    OntoGuard translates the AI output into the actual business change it is attempting to create.

    Technical detail

    It grounds the proposal in relevant people, accounts, claims, records, policies, contracts, systems, and relationships instead of treating the output as isolated text.

  3. 3

    Step 3 of 8

    Institutional Admissibility

    Is there enough evidence, policy, and authority to proceed?

    A plausible answer is not automatically authorized. OntoGuard checks whether the proposed movement has enough support and institutional permission.

    Technical detail

    This can include evidence sufficiency, uncertainty, risk, policy fit, delegated authority, semantic constraints, route authority, materiality, reversibility, and human-review requirements.

  4. 4

    Step 4 of 8

    Decision Authorization

    What is the governed decision?

    ALLOWBLOCKESCALATE

    Proceed, stop, or send the case to an authorized person before the movement can become a business consequence.

  5. 5

    Step 5 of 8

    Release Control

    Can the proposed movement actually proceed?

    OntoGuard records whether release is authorized, withheld, refused, replaced with a safer response, or routed to human review.

  6. 6

    Step 6 of 8

    Consequence Proof

    What happened—or did not happen?

    OntoGuard records whether a real downstream effect occurred, such as a message being sent, payment being approved, claim being moved, or record being changed.

    Technical detail

    The proof can record the control point, failed condition, refused operation, authorization-token state, downstream-commit state, no-bind result, protected-effect status, replay evidence, and route maturity.

  7. 7

    Step 7 of 8

    Human Closure

    Who reviews the case, what can they decide, and was the outcome closed?

    OntoGuard does not merely place the case in a queue. It preserves why review is required, what the reviewer must inspect, and what decision closes the event.

    Technical detail

    Review evidence may include reviewer assignment, qualification, authorization, approval, revision, blocking, override reason, request for more evidence, and outcome closure.

  8. 8

    Step 8 of 8

    Learning Signal

    What approved correction should improve future behavior?

    The completed event can become a governed candidate for better retrieval, policy, ontology, trust calibration, reviewer guidance, or future training.

    Review-gated improvement only. No live model-weight mutation.

Every governed AI event creates three enterprise assets:

Control

Permission to move

The authorization decision governing whether the proposed action may proceed.

Proof

A verifiable record

Evidence of what was attempted, what was decided, and what consequence formed or did not form.

Learning

A governed improvement signal

A review-gated record that can improve future AI behavior without changing the original decision.

A simple example

An AI drafts a claim-denial message.

OntoGuard recognizes that the message would move the claim toward denial and customer release. It finds that required evidence is incomplete, returns ESCALATE, prevents autonomous release, records that no denial message was sent and no protected effect formed, routes the case to an authorized reviewer, and preserves the reviewer’s correction as an improvement candidate.

  1. AI proposes denial
  2. OntoGuard interprets the business movement
  3. Evidence is incomplete
  4. ESCALATE
  5. Release withheld
  6. No customer effect formed
  7. Authorized reviewer decides
  8. Correction becomes a governed improvement candidate
OntoGuard is not merely a log, evaluation tool, guardrail, policy document, or review queue. It governs the transaction the AI output is trying to create.

Other tools may observe, test, document, or route AI behavior. OntoGuard connects the proposed business movement to authorization, release control, consequence proof, human closure, and governed learning.

GOVERNED TRANSACTION: STAGES 5–6Execution Boundary + No-Bind Proof

Execution Boundary + No-Bind Proof

This answers whether the AI merely produced an output—or was authorized to make that output operational.

OntoGuard does not only score an AI output. It records proposed movement, control point, failed condition, refused operation, release-control status, and whether any protected downstream effect formed. When autonomous release is withheld, OntoGuard produces a no-bind receipt showing that no protected downstream effect formed and that the proposed movement was routed, blocked, or escalated before consequence.

Attempted movement

AI output, tool call, workflow trigger, memory write, recommendation, or release event attempted to become business consequence.

Control point invoked

OntoGuard evaluated the proposed movement before release, commit, or downstream effect.

Operation refused or routed

Autonomous release can be withheld, blocked, or routed to human review with reason codes.

No-bind receipt

The packet records whether a protected downstream effect formed and binds the result to receipt / manifest hashes.

Inspect Runtime-Seam Proof
GOVERNED TRANSACTION: STAGE 3Decision Admissibility

Decision Admissibility: Semantic Coherence Is Not Enough

A proposed AI output can be coherent and still not be admissible to move. OntoGuard evaluates whether the proposed transition has enough semantic, evidentiary, institutional, route, constraint, and human-review authority to become business consequence.

Inspect the complete admissibility questions and technical fields
Evidence sufficiencyAttached, weak, conflicting, or pending.
Delegated authorityKnown, missing, pending, or not asserted.
Policy fitMatched, uncertain, out-of-scope, or needs review.
Semantic constraint statusSatisfied, violated, stale, or conflicting.
Route authorityRegistered route, controlled proof route, or integration pending.
Consequence classCustomer-facing, regulated, financial, operational, or internal.
MaterialityLow, material, high-impact, or unresolved.
ReversibilityReversible, costly to reverse, irreversible, or unknown.
Uncertainty postureDecision-relevant unknowns and evidence gaps.
Human review requirementNot required, required, assigned, or closure pending.
No-bind statusWhether a protected downstream effect formed.
Outcome closure statusClosed, pending, not attached, or not asserted.
GOVERNED TRANSACTION: STAGE 7Constraint Authority + Review Closure

Constraint Authority and Human Review Closure

Escalation is not complete merely because an item entered a queue. OntoGuard records reviewer authority and outcome closure; unresolved states remain explicit.

Inspect reviewer authority and closure states
Constraint sourcePolicy, regulation, workflow rule, or customer route rule.
Constraint authorityAttached, pending, or not asserted before integration.
ApplicabilityRelevant, disputed, stale, or unresolved.
Conflict / stale conditionSurface conflicting or stale constraints without fabricating authority.
Reviewer qualificationKnown only when integration or workflow evidence provides it.
Reviewer authorizationAssigned authority, pending authority, or not attached.
Review outcomeApprove, rewrite, block, escalate, or pending.
Override reasonBuyer-provided reason code when override is allowed.
Outcome closureClosed, unresolved, pending, or not asserted.
Repair / learning signalReview-gated improvement candidate; no live model mutation.
Start Here

Three Ways to Start

Choose a lightweight first step. No internal documents, production deployment, or model retraining are required to begin.

ENTRY ASSESSMENTGOVERNED TRANSACTION: STAGES 1–3

AI Output Risk Scan

Best for: AI governance, risk, compliance, and product teams that want a fast first read.

Input: 10–25 representative prompts, responses, API logs, or demo outputs.

Output: risk map, review-burden view, autonomy-readiness tier, and selected proof packets.

Run Risk Scan
VENDOR PROOF PACKAGEGOVERNED TRANSACTION: REPRESENTATIVE FULL TRANSACTION

AI Demo Proof Pack

Best for: vendors selling into regulated or high-trust enterprises.

Input: demo outputs or product workflow examples.

Output: enterprise-grade proof pack with decision, evidence, review routing, and boundary proof.

Request Demo Proof Pack
REVIEW-ROUTING SOLUTIONGOVERNED TRANSACTION: STAGES 3, 4, AND 7

Human Review Compression

Reason-coded routing that focuses expert attention on decisions requiring judgment. The earlier Human Review Burden Reducer name is retained only for continuity.

Input: review queues, output samples, or escalation examples.

Output: reason-coded routing and reviewer-effort reduction opportunities.

See Review Compression
Lowest-Friction First Step

Run an AI Output Risk Scan

Send 10–25 representative AI prompts, responses, or API logs. OntoGuard identifies risk, uncertainty, review burden, autonomy readiness, and proof gaps, then generates full Decision Authorization Packets for selected high-risk or representative outputs.

No internal document upload required. No production deployment required. No model retraining required. Larger scans can be delivered through Batch Decision Authorization Packet / Controlled Corridor Mode: one aggregate executive readout, case-level hashes, per-case full_audit pointers, review-burden analysis, and a strict-six governance package for the batch.

What you send

  • Representative prompts
  • AI responses
  • API logs
  • Intended action labels
  • Workflow labels
  • Demo outputs

What you get

  • Risk and uncertainty map
  • Review-burden analysis
  • Autonomy-readiness tier
  • Selected proof packets
  • Human-review routing reasons
  • Batch expansion recommendation
10–25 representative AI outputs reviewedPrompts, responses, API logs, demo outputs, or exported workflow samples selected to show real workflow behavior.
Risk, uncertainty, and inconsistency mapShows unsafe language, unsupported claims, contradictory outputs, and confidence mismatch.
Review burden and routing analysisIdentifies which outputs need expert review, light review, rewrite, escalation, or block.
Autonomy readiness tierClassifies workflows as draft-only, recommend-with-review, low-risk release, escalate-sensitive, or block.
2–5 full proof packets for selected casesGenerates buyer-readable Decision Authorization Packets for the highest-risk, most representative, or most commercially important outputs.
Batch DAP / Controlled Corridor ModeLarger scans can be delivered as one aggregate Decision Authorization Packet with case-level hashes, per-case full_audit pointers, review-burden analysis, and strict-six packaging.
Built for:Model Risk ManagementAI Governance / Responsible AICompliance EngineeringInternal AuditRegulated Workflow OwnersAI Product Teams

Request AI Output Risk Scan

Privacy: Do not submit confidential, regulated, customer, health, financial, or personally identifiable information through this form. Secure transfer arrangements can be established after initial scoping.

Submit only contact and scoping information here. Backup: email OntoGuard directly. No deployment is required to start a shadow-mode scan. Initial reviews use a representative sample; larger batch scans can be scoped after the first review.

Complete Product Ladder

From First Scan to Embedded Decision Authorization Infrastructure

Start with representative outputs and expand into runtime authorization, review compression, improvement signals, and customer-specific route evidence without claiming production L5 before integration proof exists.

View the complete product ladder
ENTRY OFFER

AI Output Risk Scan

GOVERNED TRANSACTION: STAGES 1–3

Inputs: prompts, responses, logs, intended action labels, and workflow labels.

Outputs: risk segmentation, ALLOW/BLOCK/ESCALATE distribution, review-burden analysis, uncertainty and hallucination signals, ROI baseline fields, and selected sample packets.

ENTRY OFFER

AI Demo Proof Pack

GOVERNED TRANSACTION: CONTROLLED REPRESENTATIVE TRANSACTION

For vertical AI vendors and partner sales. Converts demo outputs into enterprise-grade Decision Authorization Packets that buyers can inspect.

CORE PLATFORM

Human Review Compression

GOVERNED TRANSACTION: STAGES 3, 4, AND 7

Routes only outputs that need expert judgment, with reason codes, reviewer context, and review-burden metrics.

CORE PLATFORM

Decision Authorization API

GOVERNED TRANSACTION: STAGES 3–5

Backend API returning ALLOW, BLOCK, or ESCALATE with evidence, trace ID, release-control status, and reason codes.

PROOF OUTPUT

Decision Authorization Packet / Strict-Six

GOVERNED TRANSACTION: STAGES 4–7

Portable buyer-readable and machine-readable evidence of decision, route, release state, no-bind posture, receipt, and manifest.

OPERATING MODE

Batch DAP / Controlled Corridor Mode

GOVERNED TRANSACTION: MULTI-CASE STAGES 1–7

Single-case or aggregate authorization across a controlled set of governed cases while retaining per-case evidence.

DOWNSTREAM SIGNAL

Governance Intelligence and Review-Gated Improvement Signals

GOVERNED TRANSACTION: STAGES 7–8

These are downstream outputs of governed decisions and reviewer outcomes. They do not mutate live model weights during the authorization path.

INTEGRATION STAGE

Production Route Evidence Pilot

GOVERNED TRANSACTION: STAGES 5–7

Customer-specific route inventory, endpoint checks, token enforcement, replay, fail-closed proof, and outcome closure.

GOVERNED TRANSACTION: STAGES 4–7Offline-Verifiable Audit Credential

Strict-Six Offline Audit Credential

Six coordinated artifacts support buyer-readable and machine-readable offline review.

Inspect all six coordinated proof artifacts

OntoGuard packages governed decisions into a strict-six artifact set: buyer-portable JSON, full-audit JSON, governance PDF, sellable-lite PDF, decision receipt, and artifact manifest. The package binds governed input/output, Decision API result, evidence, trace, receipt, and manifest into a portable audit credential.

buyer_portable.governance.json full_audit.governance.json governance.pdf governance.sellable_lite.pdf decision_receipt.json artifact_manifest.json
Verify without rerunning OntoGuard. Store as an audit record. Compare across runs. Inspect buyer-readable and machine-readable proof. Preserve full-audit authority separately from buyer-portable summary.
Controlled Corridor Mode

Batch Decision Authorization Packet — Controlled Corridor Mode

One aggregate Decision Authorization Packet can represent multiple governed cases while retaining per-case decisions and evidence references.

Inspect Batch DAP aggregation and technical packet surfaces

OntoGuard can generate an aggregate Decision Authorization Packet for multiple prompts, outputs, or corridor cases. The batch packet rolls up case-level decisions into aggregate ALLOW / BLOCK / ESCALATE, preserves per-case hashes, points into full_audit, and exports one strict-six governance package for the batch.

Aggregate decision logic

If any case blocks, the batch blocks. Else if any case escalates, the batch escalates. Only all-clear cases can aggregate to ALLOW.

Per-case integrity

Each case has a hash, decision result, and pointer into full_audit.

Aggregate proof surfaces

Batch summary, telemetry digest, execution-boundary summary, no-bind summary, trace coupling, evidence geodesic, observer views, and governance path ensemble.

Pilot value

Use for AI Output Risk Scans, vertical AI vendor demo proof packs, and controlled pilot corridors.

Request Batch Proof Pack
Buyer / Partner Segments

Who OntoGuard Is Built For

Built for vendors, regulated enterprises, review owners, integrators, and governance platforms that need authorization proof before consequence.

Explore buyer and partner segments

Vertical AI vendors in regulated workflows

Claims, prior authorization, compliance, legal/finance AI, and customer-service AI.

Turn your demo into buyer-portable proof.

Insurance carriers

Claims, underwriting, fraud, and customer communications.

Reduce review burden and prove which AI outputs can move.

Healthcare payers

Prior authorization, claims, and member communications.

Govern high-impact administrative outputs before they affect members or reviewers.

Banks, capital markets, and model-risk teams

AI governance, compliance, model risk, and agentic AI governance.

Add authorization proof before AI output becomes regulated action.

SIs and implementation partners

Global and boutique AI integrators implementing regulated workflows.

Embed a proof layer into AI workflow deployments.

AI governance, eval, observability, and guardrail platforms

Teams that monitor and test AI behavior but need release authorization proof.

Add runtime Decision Authorization and proof packets where monitoring and evals stop.
Choose Your Path

Start from the buyer problem you already have

I run AI governance / risk

Get a representative risk review, proof gaps, and selected Decision Authorization Packets.

Run Risk Scan

I sell an AI product

Turn your demo into enterprise proof that buyers can inspect before a pilot.

Request Demo Proof Pack

I manage human review

Find which AI outputs need expert attention and why reviewers are spending time.

See Review Compression

I am doing technical diligence

Inspect the public proof kit, runtime seam, packet anatomy, and capability boundary.

Inspect Proof Library
Product Video

Watch OntoGuard Govern an AI Output Before Release

Watch how OntoGuard evaluates a proposed AI output before release, routes uncertainty, and creates a buyer-readable proof packet without needing internal documents or production deployment to start.

What to watch for

  • Where the AI output attempts to move toward business consequence.
  • How OntoGuard returns ALLOW, BLOCK, or ESCALATE before release.
  • How the proof surface records evidence, uncertainty, route status, and reviewer path.
  • How a Decision Authorization Packet becomes buyer-readable diligence evidence.
Read the product-video transcript

The video follows a proposed AI output as it approaches a release boundary. OntoGuard evaluates evidence, uncertainty, applicable constraints, delegated authority, route authorization, and consequence class. It then returns ALLOW, BLOCK, or ESCALATE. Where release is not authorized, the output is withheld or routed to human review. The resulting Decision Authorization Packet records the attempted movement, release state, route, reasons, and controlled no-bind posture.

The demonstration is a controlled, buyer-safe proof. Production route completeness requires customer-specific endpoint integration, fail-closed enforcement, replay evidence, and outcome closure.

Proof & Diligence Hub

Proof surfaces buyers can inspect first

Start with the fastest proof assets: video, sanitized financial-services case, boundary proof kit, strict-six audit credential, Batch DAP, pilot path, procurement readiness, and the technical appendix.

The artifacts below prove individual stages of this governed transaction.

  1. Attempt
  2. Interpret
  3. Test Admissibility
  4. Authorize
  5. Control Release
  6. Prove Consequence
  7. Close Review
  8. Export Learning Signal

Controlled product proof

Present

Current controlled Decision Authorization and no-bind evidence.

Public sanitized proof

Present

Public-safe examples and downloadable proof surfaces.

Customer-specific production evidence

Integration required

Established only through the customer route and endpoint topology.

Independent external validation

Not claimed

Public sanitized proof is not represented as independent validation.

Product Video

Watch OntoGuard govern an AI output before release and produce proof.

Watch product video

Financial Services Proof Case

Sanitized proof case showing Decision Authorization for a regulated-output scenario.

Open proof case

Boundary Proof Kit

Public sanitized proof kit with buyer JSON, PDFs, receipt, manifest, and proof artifacts.

Inspect proof kit

Strict-Six Audit Credential

Buyer-portable and machine-readable strict-six package for offline verification.

See strict-six package

Batch DAP / Controlled Corridor

Batch Decision Authorization Packet view for representative case corridors.

See Batch DAP

Scoped 30-Day Pilot Path

Move from scan to packets to routing design without claiming production L5 too early.

View pilot path

Procurement & Security Readiness

Deployment modes, data handling, enterprise controls, and NDA packet request.

Review readiness

Technical Appendix

Deep technical record for auditors, security teams, and strategic diligence.

Open appendix
Proof Kit

Inspect the OntoGuard Controlled Boundary Proof Kit

A public sanitized proof surface showing a synthetic high-stakes AI output evaluated before release, escalated, withheld, and exported as portable proof.

The proof surface is public. The protected runtime remains protected. No source code, semantic routing internals, scoring formulas, ontology mappings, raw citation infrastructure, or private customer data are disclosed.
1. AI output attempts movementSynthetic high-stakes rationale approaches release
2. OntoGuard gate invokedRisk, uncertainty, evidence, and route conditions checked
3. Release withheldESCALATE; no autonomous release
4. Packet provesPDF + JSON + receipt + manifest exported
All proof artifacts and supporting downloads

Full Audit Summary JSON

Public-safe summary of the controlled proof package without protected runtime internals.

Download Full Audit Summary

Buyer Portable Governance JSON

Sanitized machine-readable packet for inspecting decision state, routing, evidence posture, and audit fields.

Download Buyer JSON

Governance PDF

Buyer-readable proof packet showing the governed decision, escalation outcome, evidence posture, and review routing.

Download PDF

Decision Receipt JSON

Compact receipt showing decision outcome, release status, routed-to value, and public-safe trace identifiers.

Download Receipt JSON

Artifact Manifest JSON

Public-safe manifest describing the artifacts included in the proof kit and their purpose.

Download Manifest

No-Bind Receipt

Decision receipt proving release was withheld and a protected downstream effect did not form.

Download Decision Receipt

Runtime-Seam Summary

Public-safe summary of attempted movement, gate invocation, refused operation, and no-bind status.

Download Runtime-Seam JSON

Route Completeness Evidence

Controlled route maturity summary for L4 route-enforcement evidence without production L5 overclaiming.

Download Runtime-Seam JSON

Governance ZIP

Sanitized package-level artifact showing how OntoGuard bundles governed outputs into portable proof.

Download Governance ZIP

Synthetic public demo only. For deeper diligence, OntoGuard can provide private packet artifacts, integration materials, and technical briefings under NDA.

Scoped 30-Day Pilot

Scoped 30-Day Pilot: From Packet Proof to Route Evidence

Move from representative scan to selected packets to route-design evidence without claiming production L5 before the customer route exists.

  1. Attempt
  2. Interpret
  3. Test Admissibility
  4. Authorize
  5. Control Release
  6. Prove Consequence
  7. Close Review
  8. Export Learning Signal

The pilot attaches customer-specific route and outcome evidence to this governed transaction.

Week 1 — Shadow-mode connectionGovern prompts, responses, and logs without blocking production.
Week 2 — Configure scopeWorkflow labels, intended action labels, proof requirements, reporting format, and evidence sources.
Week 3 — Generate packets5–10 Decision Authorization Packets from real or representative prompts.
Week 4 — Turn on routing designALLOW / BLOCK / ESCALATE / HUMAN_REVIEW / SAFE_TEMPLATE route design.
Production L5 non-bypassability is not claimed from a shadow-mode scan. It requires customer route integration, real endpoint evidence, fail-closed behavior, replay records, and outcome closure.

The target assumes a bounded workflow, available representative evidence, an identified reviewer, and a selected integration boundary. Timing changes with scope and customer dependencies.

Discuss 30-Day Decision Authorization Pilot
Capability Boundary

Capability Boundary: What Is Proven, What Requires Route Evidence

CapabilityCurrent StatusClaim Allowed
AI output behavior assessmentAvailable todayYes
Decision Authorization PacketAvailable todayYes
ALLOW / BLOCK / ESCALATE Decision APIAvailable today for governed LLM outputsYes
Controlled execution-boundary proofAvailable todayYes
No-bind receiptAvailable today for BLOCK / ESCALATE-style outcomesYes
Same-condition replayAvailable in controlled proof packageYes
Changed-condition replayAvailable as controlled fixture / explicit changed-condition proofYes
Route pressure testsAvailable in controlled harnessYes
Bypass prevention evidenceAvailable in controlled harnessYes
Controlled non-bypassabilityAsserted only for controlled harness topologyYes, with limitation
Production L5 non-bypassabilityRequires pilot / production topology evidenceNo
Tool-call / memory-write production enforcementRequires customer-specific integrationRoadmap / integration path
Live fine-tuning / model-weight updatesNot performed at runtimeNo
Training-signal exportRuntime-safe export availableYes
OntoGuard’s current proof package is intentionally honest. It can prove event-level no-bind proof and controlled route behavior. Production L5 non-bypassability is not a website claim until a real downstream route is integrated and tested.
Procurement & Security Readiness

Procurement & Security Readiness

Begin in shadow mode or a controlled boundary, then scope security, data handling, deployment, and route evidence under diligence.

Deployment modes

Shadow-mode scan, async auditor, inline gateway, and VPC / on-prem where applicable.

Data handling

Prompts, responses, logs, PII redaction controls, retention and deletion policy, and what is not stored.

Enterprise controls

Audit logging, access control, model/provider independence, and security review evidence.

Integration

Decision API, DAP export, evidence manifests, and proof-kit artifacts.

Request Procurement / Security Packet under NDA

Start Without Uploading Internal Documents

Start with representative AI outputs and workflow labels. Internal legal files, customer records, and policy manuals are not required for the first assessment.

See what can be evaluated without internal-document upload

What is risky?

Detect unsafe recommendations, customer-impacting language, unsupported claims, and outputs that should not move forward without review.

What is overconfident?

Find outputs that sound certain when uncertainty, escalation, evidence gaps, or human judgment should be preserved.

What needs review?

Route only the outputs that need expert attention, with reason codes and reviewer context.

What is ready for autonomy?

Classify workflows by readiness: draft only, recommend with review, release low-risk outputs, escalate sensitive outputs, or block unsafe outputs.

Where are reviewers wasting time?

Identify avoidable review volume, repeated escalation patterns, and outputs that can be handled through lighter review paths.

What can improve the model?

Turn governed outputs into clean learning signals: good examples, blocked examples, escalation examples, rewrites, and reviewer-labeled outcomes.

Human Experts Are Not Replaced. They Are Focused.

Inspect the human-review operating model

Reason-coded routing focuses experts on decisions requiring judgment and provides the evidence, gaps, and authority state needed for closure.

Instead of asking experts to review every AI output from scratch, OntoGuard packages the decision, evidence, gaps, uncertainty, policy scope, and reason codes into a reviewable packet. The human reviewer becomes an exception authority, not a full-time AI babysitter.

The goal is not “no humans.” The goal is fewer blind reviews, faster escalation, clearer accountability, and better use of expensive expertise.

In a pilot, OntoGuard measures escalation rate, average review minutes, reviewer role, false-approval reduction, and cycle-time impact so the cost of human review becomes visible instead of assumed.

Open frequently asked questions
FAQ

Frequently Asked Questions

What OntoGuard does

What does OntoGuard actually govern?

OntoGuard governs the complete transaction through which an AI output or proposed action attempts to become a business consequence. It identifies the movement being attempted, interprets its business meaning, tests whether it has enough evidence and authority to proceed, returns ALLOW, BLOCK, or ESCALATE, controls release, records what consequence formed or did not form, routes human closure, and preserves the event as a governed improvement signal.

Is OntoGuard just an AI guardrail or evaluation tool?

No. Guardrails typically filter prompts or outputs, while evaluations test behavior. OntoGuard governs a current proposed business movement before consequence and binds the authorization decision to release status, evidence, consequence proof, human review, and a portable Decision Authorization Packet.

Can we start without internal documents?

Yes. The first review can start with representative prompts, responses, API logs, intended action labels, workflow labels, or demo outputs. No internal legal files, policy manuals, production deployment, or model retraining are required to begin.

Is OntoGuard a compliance tool or an authorization layer?

OntoGuard is a semantic control plane and Decision Authorization Infrastructure. Compliance readiness is one use case; the broader product governs whether high-stakes AI output is allowed to move, must be blocked, or should be routed to human review.

How to start

What is the fastest first step?

Run an AI Output Risk Scan with 10–25 representative outputs or logs. OntoGuard returns risk, uncertainty, review-burden, autonomy-readiness, and selected proof-packet findings.

What do we receive after an AI Output Risk Scan?

You receive a behavior risk map, review-burden analysis, autonomy-readiness view, training-signal candidates, and selected Decision Authorization Packets for high-risk or representative outputs.

Does OntoGuard require production deployment to start?

No. Initial reviews can run in shadow mode from exported prompts, responses, logs, and workflow labels. Production route integration is only needed for production L5 evidence; see the Capability Boundary.

What it proves

What does OntoGuard prove today?

OntoGuard can produce a controlled Decision Authorization Packet proving that an AI output or proposed state transition was evaluated before release, release was authorized or withheld, refused operation and no-bind status were recorded, replay was shown, route pressure tests ran, and controlled route-enforcement evidence was attached. See the Runtime-Seam Proof and Public Boundary Proof Kit.

What it does not claim

Does OntoGuard prove production non-bypassability today?

Not without production integration evidence. OntoGuard can assert controlled-harness non-bypassability for the controlled proof topology. Production non-bypassability requires a pilot or production route where the real downstream endpoint cannot commit without OntoGuard authorization.

Technical diligence

What is a no-bind receipt?

A no-bind receipt is a compact proof record showing that a blocked or escalated output did not form the protected downstream effect. It binds the attempted movement, Decision API result, release authorization state, refused operation, downstream commit status, protected-effect status, trace ID, manifest hash, and evidence hash.

What is route completeness?

Route completeness describes how much proof exists around a governed AI movement: event governed, no-bind proof, route registered, route tested, route enforced, or route complete. The current proof package supports controlled event-level route proof. Production L5 requires real production topology evidence; see the L1 to L5 progression.

Does OntoGuard train the model?

Not in the runtime path. OntoGuard exports review-gated training-signal candidates and improvement signals. It does not perform live fine-tuning, model-weight updates, DPO, RLAIF, PPO, or adapter loading during governance.

What is a Decision Authorization Packet?

A Decision Authorization Packet is a portable PDF and JSON proof artifact showing how a high-stakes AI output was authorized, escalated, or blocked before release. It records the ALLOW, BLOCK, or ESCALATE decision, evidence, reasons, uncertainty, semantic projection, execution-boundary trace, no-bind status, route maturity, human-review routing, audit hashes, and improvement signals.

What is state-transition governance?

State-transition governance asks whether a proposed AI change is authorized, traceable, and safe to commit. The proposal may be an LLM output, tool call, memory write, ontology update, policy mapping, training signal, or multi-agent handoff. Current production route enforcement for tool calls, memory writes, and handoffs requires customer-specific integration evidence.

Do you support tool calls, memory writes, and multi-agent handoffs today?

Not at the same production-enforcement level as governed LLM output release. The Decision API and JSON contract are designed to support these use cases through customer-specific integration. Production evidence requires real downstream routes, token checks, bypass-attempt logs, replay, and outcome closure.

How does OntoGuard use ontology AI?

Ontology-grounded objects, relationships, rules, clause hits, domain scope, evidence, and symbolic traces connect AI proposals to enterprise reality. This semantic layer helps OntoGuard explain why a proposed AI movement was allowed, blocked, or escalated.

What happens when evidence is incomplete?

The export layer is designed to produce a schema-valid packet or an explicit failure-state record. OntoGuard routes uncertainty to SAFE_TEMPLATE or HUMAN_REVIEW, records reason codes, preserves audit hashes, and flags coverage gaps.

Security, procurement, and licensing

How is security and data handling evaluated?

Initial Risk Scans can begin without internal documents. Customer-specific deployment, retention, authentication, encryption, third-party model-provider posture, subprocessors, audit logging, and secure transfer controls are documented during diligence. Controls that are not established are labeled customer-specific, planned, requires integration, or not currently asserted.

How can OntoGuard be licensed?

Commercial paths include a scoped Risk Scan, Demo Proof Pack, Decision Authorization pilot, embedded proof layer, co-sell or OEM arrangement, and strategic IP or field-of-use licensing under appropriate diligence and agreement.

Start with 10–25 representative AI outputs

No internal documents or production deployment required. OntoGuard will map risk, review burden, autonomy readiness, and selected proof-packet candidates.

For deeper diligence, we can provide NDA terms, private packet artifacts, integration materials, and technical briefings.

Contact

Email mark.starobinsky@ontoguard.ai for pilots, licensing, partnerships, or NDA access.

Inquiry types: AI Output Risk Scan · Decision Authorization Pilot · Demo Proof Pack · Partner or licensing · Technical diligence · NDA · Strategic discussion

Open the complete technical and diligence record

Developed by Mark Starobinsky, inventor and founder of OntoGuard.

Proof Library

Proof Library: From Decision Authorization to Offline Audit Credential

Inspect the public proof surface, runtime decision artifacts, execution-boundary evidence, no-bind receipts, strict-six audit credentials, Batch DAP / Controlled Corridor Mode, and the production route evidence still required for customer-specific L5 route completeness.

Proof Harness: Export Valid Evidence or an Explicit Failure State

PDF / JSON export, schema-valid packet, confidence tier, trust score, Cold / Heat / Mercury triad, hallucination taxonomy, benchmark status, policy status, evidence gaps, and explicit abstention or human-review route where needed.

Open Proof Harness detail

Decision-Relevant Uncertainty

Shows which unknowns, evidence disagreements, and routing rules mattered to ALLOW / BLOCK / ESCALATE without exposing protected formulas.

Review uncertainty provenance

Financial Services Proof Case

Sanitized proof case for a regulated financial-services AI output: no customer data, no protected implementation details, and no production L5 non-bypassability claim.

Open sanitized proof case
Choose a proof-library view

Executive view

OntoGuard decides whether high-stakes AI output may move, must be held, must be blocked, or should be routed to human review — then exports a portable proof packet.

Technical view

The proof surface preserves Decision API result, execution-boundary trace, no-bind receipt, route maturity, replay, pressure tests, hashes, strict-six artifacts, Batch DAP surfaces, selected semantic projection fields, and production-evidence limitations.

What is available today

AI output behavior review, runtime Decision Authorization, selected Decision Authorization Packets, execution-boundary trace, no-bind receipt, controlled event-level route proof, strict-six offline audit credentials, Batch DAP / Controlled Corridor Mode, and runtime-safe improvement-signal export.

See Batch DAP

What requires pilot integration

Production L5 route completeness, real downstream endpoint token checks, production non-bypassability, customer-specific tool-call authorization, memory-write control, policy authority closure, and multi-agent handoff enforcement require pilot or production topology evidence.

What OntoGuard does not claim

OntoGuard does not publicly claim production L5 non-bypassability, real endpoint enforcement, full autonomous agent enforcement, live model-weight mutation, hard-dollar ROI without buyer baselines, or disclosure of protected routing, scoring, BM25, ontology, citation, or runtime internals.

Executive viewBuyer-readable proof of what moved, what was refused, and what was routed.
Technical viewTrace, route, no-bind, replay, hash, and packet-field evidence for diligence.
What is available todayControlled event-level proof, selected packets, output authorization, and L3 signals.
What requires pilot integrationProduction L5 route completeness and real downstream endpoint token enforcement.
What OntoGuard does not claimNo production L5 overclaim, no live model mutation, and no public disclosure of protected internals.
Technical proof remains available below, but the claim stays bounded: controlled event-level no-bind proof today; production L5 non-bypassability requires pilot or production topology evidence.
Execution Boundary Proof

Execution-Boundary Proof: What OntoGuard Proves Before Consequence

OntoGuard is not only a scoring dashboard. It records the proposed movement, release-control status, no-bind receipt, protected downstream effect status, replay records, and route maturity before business consequence.

Technical view: runtime-seam proof table

Plain English: this shows whether the AI movement was allowed to create a downstream effect.

Proof QuestionPacket Evidence
What movement attempted to advance?AI output / proposed state transition moving toward downstream release
Was OntoGuard invoked before release?Yes — controlled pre-release gate
What condition failed?Release was not authorized; human review required
What operation was refused?Autonomous output release
Was an authorization token issued?No
Did downstream commit occur?No
Did a protected effect form?No
What receipt proves no-bind?No-bind receipt with hashes and route references
Was same-condition replay shown?Yes, replay passed
Was changed-condition replay shown?Yes / controlled fixture passed
Were route pressure tests included?Yes
Was bypass prevention tested?Yes, in controlled harness
What route maturity is claimed?Event-level / controlled no-bind proof today; production L5 requires route integration evidence
Is production L5 claimed?No
Controlled harness evidence can demonstrate route behavior in the proof environment. Production non-bypassability requires the customer’s actual release endpoint, token checks, fail-closed topology, replay records, and outcome closure.
Packet Anatomy

Inside a Decision Authorization Packet

The Decision Authorization Packet is the portable proof artifact produced by OntoGuard. It is both buyer-readable and machine-readable, and it can appear as a single-run packet or a batch/corridor packet with strict-six packaging.

Technical view: packet fields and proof lanes

Plain English: this shows what the PDF and JSON preserve for audit and diligence.

Decision API Result

  • ALLOW / BLOCK / ESCALATE
  • release_authorized
  • release_status
  • routed_to
  • reason codes

Proposed State Transition

  • attempted movement
  • business action
  • affected objects
  • affected relations
  • materiality
  • reversibility

Execution Boundary Trace

  • control point
  • gate mode
  • failed conditions
  • refused operation
  • downstream commit status
  • protected effect status

No-Bind Receipt

  • receipt ID
  • decision hash
  • evidence hash
  • manifest hash
  • no protected effect formed

Route Completeness Evidence

  • route registry
  • enforcement topology
  • pressure tests
  • bypass evidence
  • replay records
  • maturity level

Semantic Projection

  • selected projection
  • state scores
  • projection disagreement
  • why projection won
  • Decision API preservation

Decision Admissibility

  • evidence sufficiency
  • delegated authority
  • semantic constraint authority
  • human-review requirement
  • required change for new state

Human Review Route

  • review required
  • reviewer authorization status
  • reviewer qualification status
  • pending closure
  • review outcome export status

Proof Harness + Audit Credential

  • schema validation
  • strict-six package
  • report hash
  • manifest hash
  • evidence hash
  • verification status

Strict-Six Package

  • buyer_portable.governance.json
  • full_audit.governance.json
  • governance.pdf
  • governance.sellable_lite.pdf
  • decision_receipt.json
  • artifact_manifest.json
  • self-excluded manifest hash
  • decision receipt binding
  • offline audit verification

Batch Packet Surfaces

  • aggregate decision
  • batch summary
  • case hashes
  • per-case full_audit pointers
  • aggregate execution trace
  • no-bind summary
  • trace coupling
  • evidence geodesic
  • governance path ensemble
  • observer views

L3 Training Signal Export

  • gold example candidate
  • review-gated learning signal
  • retrieval improvement
  • policy improvement
  • no live model mutation
Uncertainty + Threshold Provenance

Decision-Relevant Uncertainty and Threshold Provenance

OntoGuard does not only calculate uncertainty. It explains which uncertainty matters to the release decision, which threshold or routing rule affected the outcome, what evidence was visible at decision time, what blind spots remained, and what human judgment must resolve.

Decision-relevant unknownsUnknowns that can change ALLOW / BLOCK / ESCALATE.
Evidence disagreementConflicts between retrieved evidence, source authority, or scope.
Threshold that matteredPublic-safe routing threshold label, not protected scoring formula.
Routing rule that matteredReason code or workflow rule that shaped the outcome.
What evidence could change the decisionExamples of missing evidence that could support a different route.
Human judgment still requiredWhen the evidence state is insufficient for autonomous movement.
Event-Level → Production L5

From Event-Level No-Bind Proof to Production L5 Route Completeness

OntoGuard currently proves event-level no-bind proof and controlled route behavior: the proposed movement maps to a route, the gate is invoked before release, authorization is required, refusal is recorded, replay is captured, and no protected effect forms when release is not authorized.

Technical view: L4 to production L5 evidence ladder

Plain English: this shows what is proven today and what must be proven in a real production route.

1. Production route inventoryEvery governed route is registered.
2. Real downstream release endpointThe actual commit seam is attached.
3. OntoGuard inline before the endpointThe gate is on the release path.
4. Token required for commitCommit requires valid authorization.
5. Missing token rejectedFail-closed behavior is logged.
6. Invalid token rejectedBad authorization cannot commit.
7. Expired token rejectedTime-invalid authorization fails.
8. Route-mismatched token rejectedAuthorization is route-bound.
9. Decision-hash-mismatched token rejectedAuthorization is decision-bound.
10. Direct bypass attempts rejectedNon-gated paths are tested.
11. Same-condition replay passedSame facts reproduce the refusal.
12. Changed-condition replay passedChanged facts produce a new governed state.
13. Route pressure tests passedEdge cases are exercised.
14. Outcome closure accountedDownstream outcome and review state are recorded.
15. Material limitations resolved or waivedAuthorized reviewer closes remaining limitations.
Until those items are attached from a real pilot or production environment, the website must say controlled route enforcement, not production L5 non-bypassability.

What OntoGuard Tells You

OntoGuard analyzes AI behavior from outputs, logs, and proposed actions — then turns that behavior into operational intelligence.

What is risky
What is overconfident
What needs review
What should be blocked
What is ready for autonomy
Where reviewers are wasting time
Which outputs make good training examples
How the workflow compares to governance benchmarks
How model behavior changes over time

How to Read an OntoGuard Decision

Read the packet as a release decision, not as a standalone percentage. The score contributes to the decision; it does not replace evidence, policy scope, benchmark status, or human accountability.

AI proposes an actionOutput, recommendation, workflow step, or governed state change.
OntoGuard checks control signalsEvidence, policy, risk, uncertainty, citation gaps, and traceability.
Decision API returnsALLOW, BLOCK, or ESCALATE before release.
Packet records whyReason codes, scope, evidence IDs, audit hashes, and review route.
Human acts only when neededReviewers handle exceptions with context instead of re-reading everything from scratch.

A score is evidence, not authorization

Trust, confidence, retrieval rank, and benchmark signals can inform the decision. They do not establish delegated authority, route permission, reviewer closure, or authorization to bind the enterprise.

What You License Today

OntoGuard can start as a lightweight output scan and expand into Decision Authorization Packets, controlled boundary proof, human-review compression, runtime-safe training-signal export, and production route evidence pilots.

Core capabilities available today: AI output behavior assessment, runtime Decision Authorization, selected Decision Authorization Packets, execution-boundary trace, no-bind receipt, controlled event-level route proof, strict-six offline audit credentials, Batch DAP / Controlled Corridor Mode, review routing, and runtime-safe L3 Training Signal Export.
Lowest Friction

AI Output Risk Scan

Analyze 10–25 representative prompts, responses, or logs to identify risk, uncertainty, overconfidence, inconsistency, review burden, autonomy readiness, and training-signal candidates, with larger scans available through Batch DAP / Controlled Corridor Mode.

For AI Vendors

AI Demo Proof Pack

Convert a demo output into an enterprise-grade Decision Authorization Packet with controlled execution-boundary proof, no-bind receipt, route maturity label, semantic projection, decision admissibility, and L3 improvement signals.

Proof Surface

Decision Authorization Packet

Portable PDF and JSON proof artifact showing what the AI attempted, what OntoGuard decided, what was refused or authorized, whether downstream effect formed, what route evidence exists, what replay shows, and what human or production evidence remains open.

Boundary Proof

Controlled Boundary Proof Pack

The controlled proof package is useful before production deployment because it lets buyers inspect the seam: movement evaluated, gate invoked, condition failed, operation refused, no protected effect formed, receipt generated, replay shown, and route completeness honestly labeled.

Review Efficiency

Human Review Compression

Identify which outputs need expert judgment, why they need review, what evidence the reviewer should inspect, and how the reviewer outcome can become a governed improvement signal.

Engineering / Risk

Decision Authorization API

Runtime API that returns ALLOW, BLOCK, or ESCALATE with release status, routed_to, business effect, reason codes, evidence references, audit identifiers, and optional controlled boundary proof metadata.

Learning Systems

Runtime-Safe Training Signal Export

Runtime-safe export of governed decisions into review-gated learning candidates. Does not perform live training or mutate model behavior.

Production Evidence

Pilot Integration Package for Production Route Evidence

The production pilot package is the path from event-level no-bind proof to production L5 route completeness. It attaches real route inventory, downstream endpoint behavior, token validation logs, bypass-attempt logs, reviewer closure, and outcome records.

Integration Path

Agentic API Integration Path

Integration path for tool calls, memory writes, ontology changes, policy mappings, and multi-agent handoffs. Current proof is strongest for governed LLM output release; production enforcement for agentic routes requires customer-specific integration.

1. Output Risk ReviewStart with representative outputs/logs.
2. Runtime Decision AuthorizationALLOW / BLOCK / ESCALATE before consequence.
3. Selected Proof PacketsExport PDF + JSON evidence for selected cases.
4. Strict-Six Audit CredentialPackage buyer JSON, full audit, PDFs, receipt, and manifest.
5. Batch DAP / Controlled CorridorAggregate multiple governed cases into one proof package.
6. Production Route EvidencePilot route integration to prove production L5 route completeness.
OntoGuard is designed to produce a schema-valid proof package or an explicit failure-state record. Package completeness, parity, and required evidence are validated for each run.

From monitoring to commitment control

OntoGuard does not stop at observing model behavior. It determines whether a proposed output or action is admissible to proceed, routes unresolved authority to human review, and creates portable proof before release. See the Capability Boundary.

Measurable Business Impact

OntoGuard is not only an audit story. It produces measured run values that can be mapped to hard-dollar ROI once the buyer supplies baseline assumptions.

Opex Takeout

  • Reduce paid review minutes
  • Lower escalations and rework loops
  • Automate evidence packaging and QA checks
Escalation rate ↓Review minutes ↓AHT ↓

Loss Prevention

  • Prevent wrong approvals and policy leakage
  • Catch issues before incidents or rollbacks
  • Route risky decisions to accountable review
False approvals ↓Incidents ↓Fraud exposure ↓

Working Capital

  • Shorten claims, disputes, exceptions, and close cycles
  • Improve denial prevention and collections workflows
  • Attach proof at the moment of decision
Cycle time ↓Denials ↓DSO ↓

OntoGuard provides measured_run_values: allow/block/escalate counts, withheld releases, evidence packets, human-review tasks, audit artifacts, and review-burden signals. Hard-dollar ROI remains baseline-required: buyers supply review minutes, monthly volume, fully-loaded review cost, incident rates, average loss, cycle time, or cash assumptions. OntoGuard then maps the measured run into Opex Takeout, Loss Prevention, and Working Capital buckets.

Opex TakeoutLoss PreventionWorking CapitalMeasured this runBaseline inputs requiredCalculated deltaEstimated valueCalculation status: baseline required unless buyer inputs are provided
Assumption-safe ROI: hard-dollar calculations appear only when buyer-supplied baselines exist. No invented savings, no fake benchmarks.
Benchmarking + Drift Watch

Behavioral Benchmarking and Drift Watch

OntoGuard can compare governed outputs across time, model versions, workflow types, and review outcomes to identify changes in risk, uncertainty, route posture, review burden, and autonomy readiness.

Status: Available as measured-run comparison when comparable runs exist; continuous production drift monitoring requires deployment or pilot instrumentation.

Ontology Is Not Just a Model — It Is the Control Plane

Most ontology work stops at knowledge representation. OntoGuard takes ontology into runtime: it grounds every AI proposal in enterprise objects, relationships, policies, and evidence, then uses that semantic layer to authorize, block, or escalate the proposed state transition — with full traceability and learning feedback.

This is what makes OntoGuard different: ontology becomes the active reasoning and authorization layer, not just a static data model.

Technical Appendix

Need the full technical record?

The fast homepage stays concise. The appendix preserves platform architecture, ontology, BM25/evidence retrieval, proof invariants, route maturity, roadmap, and visual diligence.

Plain-English Glossary

What these terms mean

Executive glossary
Governed transactionThe complete event in which an AI output or proposed action attempts to become a real business action and is interpreted, authorized, controlled, proven, reviewed, and converted into an improvement signal.
Attempted movementThe business change an AI output or action is trying to cause, such as sending a message, approving a payment, changing a record, denying a claim, or triggering a workflow.
Institutional admissibilityWhether the proposed movement has enough evidence, policy support, authority, route permission, and human accountability to proceed.
Consequence proofEvidence showing whether the proposed movement produced a real downstream effect or was prevented from doing so.
Human closureThe governed completion of a review, including who decided, what they decided, why, and whether the outcome was recorded.
ALLOW / BLOCK / ESCALATEThe decision result. ALLOW can move, BLOCK cannot move, and ESCALATE goes to human review.
Decision Authorization PacketThe PDF + JSON proof artifact showing why a high-stakes AI output was allowed, withheld, or routed.
No-bind receiptA proof record showing that a blocked or escalated output did not form the protected downstream effect.
Route completenessThe maturity of proof around a governed route. Current proof is controlled event-level; production L5 requires real route evidence.
Runtime seamThe release boundary where an AI output is checked before it becomes a business action.
Human review routingReason-coded escalation to a reviewer only when an output needs expert judgment.
L3 training signalA review-gated improvement candidate exported from a governed outcome. It does not mutate model weights at runtime.
Production L5Evidence that a real production route cannot commit without OntoGuard authorization. It requires pilot or production topology proof.
Risk ScanProof Kit