REST API
The full governance surface (findings, systems, controls, policies, audit packages, regulatory deltas) is available via REST. Manage every object through the API or the dashboard. Full API reference.
Connect KoraSafe to your AI stack.
REST API, webhooks, GitHub Actions, MCP, Portkey, LangSmith, Presidio, AWS CUR, and shadow AI CSV importers are available. Each connector lists its current state honestly: live, Preview, or roadmap.
Webhooks
Create and manage outbound webhooks from the dashboard. Every governance event (new finding, policy decision, regulatory delta) can trigger a POST to your endpoint. Payloads are cryptographically signed.
GitHub Actions
The pre-launch risk gate runs as a GitHub Action. Every PR or new system registration goes through the rule pack evaluation; verdicts appear as PR status checks before merge.
MCP
KoraSafe™ exposes governance tools via Model Context Protocol for agent-to-agent workflows. Agents can query findings, retrieve control status, and submit audit evidence through the MCP interface. MCP reference.
Portkey + LangSmith
Ingest LLM call telemetry from Portkey and LangSmith into the conversation telemetry pipeline. Findings, redactions, and provenance flow into the same Guardian feed as native shipper traffic. Shipping with selected design partners; general availability targets the next runtime release.
Microsoft Presidio
Drop-in Presidio connector for PII detection and redaction. Customers running Presidio internally can route detection through KoraSafe™ without re-running classifiers; findings carry provenance back to the original Presidio recognizer.
AWS CUR
AWS Cost and Usage Reports import surfaces Bedrock, SageMaker, and other AI service spend into the shadow AI discovery feed. Finance signals join identity signals to surface unsanctioned AI usage at the spend layer.
Shadow AI CSV importers
Format-aware CSV importers for AWS Cost and Usage Reports, Okta sign-in logs, and Azure AD usage exports. Templates published; the importer infers the format and normalizes into the same discoveries feed as the live providers.
Native edge component
A lightweight edge component will capture AI conversations in the customer's cloud, redact sensitive data in place, and stream normalized governance telemetry to KoraSafe™. The schema is published; the shipper itself targets the next runtime release.
Built for A2A and MCP, not just UI
Every governance action available in the dashboard is reachable through the API. KoraSafe™ operates as a headless governance layer, usable from CI/CD pipelines, agent networks, and custom internal tooling without requiring the web interface.
REST
full governance surface
MCP + A2A
agent protocol support
HMAC-signed
webhook payloads