Build AI governance into your product.

Every governance action available in the dashboard is reachable via REST. Connect through webhooks, GitHub Actions, MCP, or A2A. Detailed API and protocol references below.

View the API Book a demo

Wire KoraSafe into your stack.

Reference

REST API

Full governance surface: findings, systems, controls, policies, audit packages, and more. Manage via dashboard or API.
Protocol

Model Context Protocol (MCP)

Expose KoraSafe governance tools to AI agents via MCP. Query findings, retrieve control status, submit evidence.
Protocol

Agent-to-Agent (A2A)

A2A protocol integration for orchestrating KoraSafe agents from external orchestrators and agent networks.
Integrations

Webhooks, connectors, and edge shipping

Outbound webhooks for governance events (HMAC-signed), GitHub Actions for pre-launch CI gating, vendor connectors that ingest SIEM and observability streams, and a lightweight edge shipper that captures AI conversations in the customer cloud and streams governance telemetry.

Architecture you can build on.

Architecture

Platform architecture

Multi-tenant SaaS with per-tenant isolation, detection pipeline, API layer, and evidence storage.
Security

Security posture

TLS, encryption at rest, RLS tenant isolation, SOC 2 Type I status, and honest KMS/mTLS roadmap note.
Extension

VS Code extension

Editor plugin that surfaces governance context, runs pre-launch checks, and prompts engineers to register sanctioned AI systems as they ship code.
Extension

JetBrains extension

Plugin for IntelliJ IDEA, PyCharm, WebStorm, GoLand, RubyMine, and AppCode. Local-only by default; cloud checks opt-in with explicit consent.
Extension

Chrome extension

Browser extension for shadow AI discovery. Detects AI tools running in the browser environment.
Changelog

Changelog

Recent ships grouped by theme: regulatory coverage, audit packages, new capabilities, and honesty fixes.

Every governance action is reachable via API

KoraSafe operates as a headless governance layer. Every action available in the dashboard is exposed as a REST endpoint: registering AI systems, triggering assessments, reviewing findings, authoring policies, exporting audit packages. The dashboard and the API share the same data model. Nothing is UI-only.

Connect over REST with full HMAC-signed webhook callbacks for governance events. Run MCP to expose governance tools directly to AI agents: query findings, retrieve control status, and submit evidence without leaving the agent context. Use A2A to orchestrate KoraSafe agents from external agent networks and orchestrators. Wire GitHub Actions to gate pre-launch checks in CI before any AI system ships to production.