What is on your desk.
Discover unmanaged and shadow agents before an auditor or an incident does.
Least-privilege policy envelopes decide what each agent can touch, and what needs a human to approve.
Signed, tamper-evident records mapped to NIST, the EU AI Act, and your own controls.
How ClearPoint helps.
What the first quarter looks like.
Discovery surfaces unmanaged and personal-account agents before they surface you.
Issue passports through a six-stage gate; bind least-privilege policy envelopes to each agent.
Every governed action is signed and mapped to NIST and EU AI Act controls, ready to export.
“When the auditor asked what our agents could touch and what they actually did, we exported the answer in a click.”
Questions CISOs ask.
Is ClearPoint SOC 2 or ISO 27001 certified?
Not yet, and we will not pretend otherwise. Our controls are mapped to the SOC 2 Trust Services Criteria and ISO 27001 today. We share the current control map under NDA during evaluation, and we will publish a report when one actually exists.
How does the evidence hold up in an audit?
Every governed action is signed and tamper-evident, with the agent identity, policy hash, and outcome attached. Records crosswalk to NIST and EU AI Act high-risk controls so your auditors get artifacts, not screenshots.
What happens when an agent misbehaves?
Policy envelopes stop out-of-scope actions before they happen, escalations route to a human, and any action can be traced and reversed. The assurance agents flag drift and policy violations in real time.
Where do I report a vulnerability?
Email [email protected]. Our security team responds within one business day.