Request Access

Access is not authorisation

Governance infrastructure for autonomous systems

Security checks the actor. Governance checks the action.

The Missing Authority Layer

Traditional controls were designed for humans who choose their own actions. Autonomous systems broke that assumption.

An agent fulfils a support request by sending claimant data to a partner.

Valid credentials. Correct role. Tool access granted. Every security check passes.

The data leaves. A post-hoc review discovers the exposure.

No system proves this action was authorised, or under what policy or delegation.

Traditional controls govern access. They do not govern delegated action.

From Intent to Evidence Record

Every consequential action passes through a single decision point — and produces a verifiable record. Execution proceeds only after explicit ALLOW. ALLOW is never implicit.

Agent

Intends to perform a consequential action

Authority

Evaluates delegation and policy; returns ALLOW, DENY, or ESCALATE

Decision Ledger

Append-only decision record with configurable integrity protections

Observatory

Explains what happened and which policies applied

Traditional controls answer a different question

Identity, roles, permissions, and gateways govern access. Logs record what happened after the fact. None decide whether a specific action was authorised. Autonomous systems broke the assumption that a human selects every consequential action.

What the stack can tell you

What it cannot tell you

which identity acted
whether this specific action was authorised
which system or tool was reached
under which policy it was allowed
what happened after the fact
under whose delegation it executed
Inspect an authorisation trace

Governance must live on the execution path

If governance is optional, retrospective, or outside the consequence path, it cannot decide actions before they commit. The missing layer has to sit where autonomous actions actually execute.

On the consequence path
Governance must sit where actions create real effects — data access, code execution, network egress, and tools — not beside them.
Decision, delegation, and evidence stay bound together
If an action is allowed, its policy basis, delegated authority, and evidence record must be produced at that moment.
One boundary across agents and tools
The same decision boundary must apply across runtimes, models, frameworks, and downstream systems.
Missing authority fails closed
If delegation is missing, policy cannot be resolved, or evaluation is ambiguous, the action does not proceed.

One Boundary. Any Agent.

Authority decides before execution.

Primary

Ambit Authority

Renders a governance decision — ALLOW, DENY, or ESCALATE — before any autonomous action executes.

One enforcement point — independent of agent runtime, model provider, and orchestration framework. Execution is routed through it, or it does not happen.

Authority decides. Observatory makes those decisions provable.

Assurance

Ambit Observatory

Derives explanations from governance decisions — which policies applied, what was decided, and why.

Governed by fixed invariants

Every decision is bound by constitutional invariants: no action without evaluation, no evaluation without delegation, no decision without evidence. Governance is specified up front, not improvised after the fact.

Read the invariants

Designed to Survive Audit

Hard To Bypass
Placed on the consequence path — the execution route to downstream systems passes through Authority. Bypass requires modifying infrastructure, not code. Missing evidence records are detectable governance failures.
Easy To Explain
Every evaluation resolves to ALLOW, DENY, or ESCALATE — a ternary outcome that auditors and regulators can follow without reading code.
Measurable Latency
Synchronous evaluation before execution — the decision is made in the critical path, before any action runs. Measured per decision (p50, p95, p99) — measured and reported, not promised.
Produces Evidence Records
Evidence per decision: policy hash, delegation reference, action fingerprint, outcome, timing, integrity proof.

Ambit is currently accepting early design partners. Review the architecture or start a conversation about your action boundary.

Start a conversation Technical deep-dive