Agent security evidence

Your deal is waiting on a security review. Hand them proof.

kolm audits your AI application - the agent and every tool, identity and data flow around it - from the logs you already have, and signs the findings with Ed25519. Your buyer verifies the report in their browser, offline. kolm is never in the trust path.

Run the free scan Verify the sample report

Ed25519 signed · verifies offline Eight controls · Six frameworks

kolm · readiness report signed · ed25519

Helpwise support & billing agents asrr_sample

findings13 · 7 high · 4 medium · 1 low · 1 info

high

Over-permission on a shared key

support-agent on shared-prod-key grants 10 tools, uses 4

ASR-1 least privilege → SOC 2 CC6

+ 12 more findings, each inside the signed object

signatureed25519:9kWQBu5kLlJ8qSaPgyu39K335ewB8hS8-ckKlcB9i9IDhxmYf0ojWdqJfvECIIYh89ljitxhSq4MIV1gaG9aDw

key410302c93becdcc3...✓ verifies offline

01 / The problem

The reviewer wants proof. You have a questionnaire.

Three findings from the signed sample. Every claim below sits inside the signature, so a buyer checks the evidence, not our summary.

high · ASR-1 · least privilege

More access than the job needs

The first thing a reviewer flags, and the hardest to see from inside.

In the signed sample, the support agent grants 10 tools, uses 4, on one shared key.

high · ASR-2 · audit trail

A log nobody can trust

If the trail can be edited after the fact, it is not evidence.

Reviewers want it append-only and hash-chained, and they want to check, not ask.

medium · ASR-6 · evidence

Say-so does not scale

Self-attested answers shift the burden of proof to the buyer.

They want evidence they can verify themselves, against a key, with no portal.

02 / How it works

Audit. Sign. They verify.

One lifecycle, on demand, in minutes. Reproducible: same logs, same result.

01 · audit

Run it on your logs

Import a log or attach the sidecar proxy. Permissions, audit trail, egress and injection resistance are read from what the agent did.

02 · sign

We seal the findings

The report is canonicalized and signed with Ed25519. The signature covers the exact bytes: inflate a score and the seal breaks. Every issuance enters an append-only log.

03 · verify

Your buyer checks it

Offline, in their browser, against the public key inside the report. The check needs only the report file; kolm never sees it happen.

Eight controls read from your own logs · Six frameworks in the crosswalk · mapped to the controls your buyer already cites · the full lifecycle

AUDIT PROCESS / SCAN -> VERIFYlive

Scan

Read your logs

Import a log file or attach the sidecar proxy. Nothing leaves your runtime to start.

12400 calls read

Findings

The controls run

The controls are graded against scope. Each finding cites a control and a framework clause.

13 findings, 7 high

Signed report

The seal goes on

The findings are canonicalized and signed with Ed25519. Change one byte and the seal breaks.

Ed25519 one signed object

Buyer verifies

They check it offline

Your reviewer opens the report in their own browser and checks the signature against the key inside it.

VALID no server of ours

READOUT 12,400 calls read, 13 findings, one signed object verified offline

03 / Verification

They do not trust us. They check the signature.

Two checks run in the buyer's own browser against the key inside the report. kolm is never in the verification path and grades nothing it sells.

What runs in the buyer's browser

inputreport.json · the signed object you handed them

canonicalkey-sorted, whitespace-free bytes

checked25519.verify(signature, public_key)

resultVALID · key 410302c93becdcc3... · pinned issuer

Tier 1 · signature

Edit one field, the seal breaks

The signature covers the canonical bytes. Change a finding or inflate the score and the match fails, in front of the reviewer.

Tier 2 · issuer

A rogue key signs, but does not match

The signing key is pinned to the keyring your buyer expects. A forged key clears tier 1 and fails tier 2.

Offline · no server

Nothing for us to fake

Verification runs on WebCrypto in the buyer's browser. No account, no upload, no server of ours in the path.

Try it live: verify a report Download the sample

Scope is contractual. Permission posture, redaction and audit-trail integrity are assessed. Injection is tested and reported, not warranted.

Issuer key fa562154f99c95f4... · append-only transparency log · inspect the verifier source

03b / The deliverable

What a Signed Readiness Report actually contains.

Not a PDF and not a slide. One canonical (one fixed, byte-for-byte ordering)A canonical object is serialized one fixed way - keys sorted, no stray whitespace - so the same report always produces the same exact bytes, and the signature can cover those bytes. JSON object that carries its own scope, its own findings, and the key needed to check it. Here is every part, and what each part is for.

SIGNED READINESS REPORT / ANATOMYlive

ONE OBJECT scope, findings, embedded key Ed25519 sealed

Scope and subjectWhat was assessed, named in plain words, plus the log window and record count. Example: Helpwise support & billing agents, 12,400 calls.

Readiness, assessed controls onlyOne labeled percentage over the controls that had evidence. A control with no evidence is listed as not assessed, never counted as a silent pass.

Findings, with evidenceEach finding states severity, the exact observation, and the control plus framework clause it maps to. Example: grants 10 tools, uses 4 on one shared key.

Caveats, bounded and signedThe exact PII classes and secret shapes the scan covered, so a clean result is never read wider than the detectors that produced it.

Embedded public keyThe Ed25519 public key the report was signed with travels inside the file, so your buyer needs nothing from us to check it.

Signature and inclusion proofAn Ed25519 signature (a cryptographic seal)A signature is a cryptographic seal computed from the report bytes and a private key. Anyone with the matching public key can confirm the bytes were not altered. over the canonical bytes, plus an append-only log proof that the report was recorded when it claims.

The free Scan signs the same object with a watermark inside the signed bytes; the $750 Signed Readiness Report re-signs the same audit with the watermark removed. Walk the object field by field

04 / Pricing

Start free. $750 when the deal needs a signature.

Flat fees, self-serve, from a free scan to a guided fleet audit. Open the platform comparison to see how signed evidence connects to the wider Kolm control loop, or estimate what a stalled review costs.

Scanstart here

Watermarked findings from your own logs, in minutes. One email address gets a key.

Free

Signed Readiness Report

The full Ed25519-signed artifact your buyer verifies offline. Yours to hand over.

$750one-time

Continuous

Re-attested on a schedule or on every deploy, behind a stable trust link.

$299/$999per month

Full Readiness

A guided audit across your agent fleet, remediation guidance, buyer portal, re-attestation.

$15,000fixed fee

No retainer · no per-seat meter · full pricing · enterprise · part of the kolm compiler Run the free scan →

Unstick the deal.

Run the scan tonight. Hand the reviewer signed evidence tomorrow.

Run the free scan Talk to us

Ed25519-signed Offline-verifiable Sample report

Caveats: Scope is contractual. Permission posture, redaction and audit-trail integrity are assessed. Injection is tested and reported, not warranted.