Security & governance

Built so you can trust the work

Handing work to agents only makes sense if you stay in control. Governance isn't a layer we added — it's the reason AgentOps exists. Here is what that means in practice.

Human-in-the-loop by default

Side-effecting actions become requests that wait for a person. Agents can never approve their own work — that permission is reserved for people, always.

Strict tenant isolation

Every organisation's data is isolated and scoped to that tenant. Queries are bound to a tenant, and cross-tenant access is denied — not merely discouraged.

Encryption & secret vault

Data is encrypted at rest, and integration credentials live in an encrypted secret vault — scoped per tenant and never exposed to other organisations.

Append-only audit log

Every domain event — runs, actions, approvals, decisions — is projected to an audit log that is never updated or deleted. The record stands.

Role-based permissions

Granular permission scopes decide who can configure agents, who can approve actions, and who can only watch. Least privilege, by default.

Guardrails & thresholds

Tool guardrails and approval thresholds let you decide what needs a human, what an agent may do unattended, and where the limits sit.

Budgets & spend control

Per-agent and per-workflow budgets cap usage and cost. When a budget is reached, work stops — no runaway spend.

Provider & residency controls

Choose which AI model providers an agent may use, opt providers out of data retention, and control how long run history and audit data are kept. Governance over the model, not lock-in.

The governing principle
“No autonomous side effects. Every action that changes the outside world is proposed by an agent and approved by a person — and the whole story is in the audit log.”

It's a simple rule, enforced everywhere: agents reason and recommend; people stay accountable for what actually happens.

Your data

Yours, and only yours

Each organisation is a separate tenant with its own isolated data and credentials. Agents only see the tools you connect and the access you grant — and connecting one service never silently grants another.

AgentOps is built and operated by a UK company, under UK GDPR and the Data Protection Act 2018.

  • Scoped credentials

    Integration tokens are encrypted, per-tenant, and never shared between organisations.

  • Least privilege

    Agents are granted only the specific tools they need — nothing more.

  • Reproducible by version

    Immutable published versions mean a result can be re-examined exactly as it ran.

  • Full traceability

    From the trigger to the approval to the outcome, every step is recorded.

Responsible disclosure

Found a security issue? We want to hear from you. Email us and we'll respond quickly.

hello@techshift.digital

Run the security review with us

Bring your questionnaire. We'll walk your team through how AgentOps handles isolation, approvals and auditability.