SOC 2 Type II certified. Veridence is now native to the Model Context Protocol. Read the integration guide →
Authorization control plane for autonomous agents

Decide what your AI agents are allowed to do.

Before an agent ships a build, deletes a database, or modifies a binary, it asks Veridence. We prove ownership from real artifact provenance, evaluate policy, and return a single signed decision — in milliseconds.

Get started free → View documentation
Signed decisions <40ms p50 SOC 2 Type II
  POST /v1/verify · release.publish
AUTHORIZED
AcmeApp.exe · publisher verified · production
Confidence
0.99
Trust score
1.00
authenticode.org matches owned claim “Acme Corp”
policy “prod-release” satisfied · code signature valid
signature v1:ed25519:key_2f9a … 8c41d
Integrates with the agent ecosystem
Claude Cursor VS Code Windsurf Zed JetBrains Wolf Code
<40ms
Median verdict latency
99.99%
Uptime SLA
3
Native formats · EXE · APK · IPA
100%
Decisions signed & audited
The platform

Authorization built on proof, not prompts.

Veridence reads the actual artifact, extracts who signed it, and weighs that against your registered ownership and policy. Every answer is explainable and cryptographically signed.

Artifact provenance analysis

Extract the Authenticode publisher from a Windows .exe, the signing certificate and package from an Android .apk, and the Team ID and bundle from an iOS .ipa — real binary parsing, not heuristics.

PE / AuthenticodeAPK v1–v3iOS provisioning

Declarative policy engine

Versioned, reviewable policy where the most-restrictive rule wins. Production and destructive operations can never default-allow — they require proven ownership or an explicit human approval.

OPA / CedarVersioned bundlesObligations

Signed decisions

Every verdict is Ed25519-signed with a rotating key and bound to a short TTL — verifiable, replay-proof, impossible to forge.

Human-in-the-loop

Unproven but plausible requests escalate to an operator in real time — approve or deny while the agent safely waits.

Immutable audit

Tamper-evident, hash-chained logs and a live security event stream — built for SOC 2, ISO 27001 and GDPR evidence.

How it works

From intent to verdict in one call.

The agent pauses

On any sensitive operation, the agent stops and calls Veridence instead of guessing.

We analyze

The artifact’s signature and identity are extracted and compared to your registered ownership.

Policy & trust

Evidence is scored against policy. Sensitive and unproven requests escalate to a human.

Signed verdict

One decision is returned and logged: authorized, denied, or insufficient evidence.

Developers

One tool. Every agent.

Veridence ships as a Model Context Protocol server exposing a single tool, verify_authorization. Wire it into Claude, Cursor, VS Code or any MCP client and your agents gain an authorization conscience.

  • Drop-in MCP server — no SDK lock-in, no code changes to your agent.
  • Org bound to the key — agents can never authorize themselves or act for another tenant.
  • Zero source access — we inspect signatures and metadata, never your code.
mcp.jsonverify response
// register Veridence with any MCP client
{
  "mcpServers": {
    "veridence": {
      "url": "https://api.veridence.io/mcp",
      "headers": { "Authorization": "Bearer vk_live_…" }
    }
  }
}

// the agent calls verify_authorization → receives
{
  "verdict": "AUTHORIZED",
  "confidence": 0.99,
  "reasons": ["publisher matches owned 'Acme Corp'"],
  "valid_until": "2026-06-30T23:59:59Z",
  "signature": "v1:ed25519:key_2f9a…"
}
Security & compliance

We hold ourselves to the standard we enforce.

  • Untrusted artifacts parsed in a network-isolated, rootless sandbox.
  • Signing keys held in hardware (KMS / HSM), never in application memory.
  • Strict per-tenant isolation and least-privilege API key scopes.
SOC 2 Type II
Audited annually
ISO/IEC 27001
Certified ISMS
GDPR
EU data residency
HIPAA ready
BAA available

“Veridence became the gate every one of our agents passes through before touching production. The signed verdict is what made our security team comfortable giving agents write access at all.”

DR
Daniela Roth
VP Platform Security, Northwind Systems
Pricing

Built for teams that ship with agents.

Every plan includes unlimited verifications. Choose the term that fits — the longer the commitment, the better the rate.

Monthly
$499 / month
Unlimited verifications, billed monthly. Cancel anytime.
Start free trial
  • Unlimited verifications
  • EXE · APK · IPA provenance analysis
  • MCP endpoint & signed decisions
  • Custom policies & role-based access
  • Human-in-the-loop approvals
Annual SAVE 20%
$399 / mo · billed yearly
Everything in Monthly, at the best rate.
Start free trial
  • Everything in Monthly
  • Unlimited verifications
  • Audit export & webhooks
  • Priority support & onboarding
  • Two months free vs. monthly
Enterprise
Custom
Multi-year terms, self-hosted or private cloud.
Contact sales
  • Unlimited verifications
  • SSO / SCIM · private VPC install
  • SOC 2 & ISO reports · 99.99% SLA
  • Dedicated trust engineer · 24/7 support

Give your agents an authorization conscience.

Wire Veridence into your stack in under thirty minutes and stop trusting irreversible actions to a confirmation dialog.

Get started free → Talk to sales