v0.3.1 — Fintech live · Healthcare & Pharma in beta

One agent. Every breach.
Immutable proof.

Policy agent infrastructure that attaches to any AI agent and produces tamper-evident compliance breach logs — automatically. Zero code changes.

Request Early Access Read the Docs →

$ pip install breach-intel-client Installing... done. $ breach-intel install-hook ✓ Persistent hook installed ✓ Auto-attach enabled for all Python agents $ python my_agent.py Agent registered: fintech-advisor-01 ⚠ BREACH: PII_EXPOSURE severity=CRITICAL → SSN pattern in agent response → Logged (SHA-256: a3f8c1...) → Webhook fired to Slack $ open localhost:8080/dashboard/ ✓ 21 breaches across 5 agents

Why Breach Intel?

Manual compliance is broken

AI agents in regulated industries make thousands of decisions daily with zero audit trail. When regulators ask "what did your AI do?" — most teams can't answer.

Metric	Manual Auditing	Breach Intel
Detection latency	Days to weeks	<1ms real-time
Coverage	Spot checks, sampled	100% of agent outputs
Tamper resistance	Editable logs	SHA-256 hash chain
Code changes needed	Custom per agent	Zero — auto-attaches
Breach types	5–10 hand-written rules	40+ across 4 verticals
Regulatory readiness	Manual reports	SOC 2, GDPR, HIPAA, FDA, SEC

Capabilities

Everything you need for agent compliance

🔍

Rule-Based Classifier

Deterministic breach detection in <1ms. No LLM in the critical path. 40+ violation types.

🧠

Agentic Deep Analysis

Optional async LangGraph pipeline powered by Claude. Adds context and remediation guidance.

🔗

SHA-256 Hash Chain

Every record checksummed and chained. Integrity scanning every 6 hours. Tamper = chain breaks.

📊

Live Dashboard

Breach counts, severity breakdown, agent heatmaps, live feed, click-to-inspect detail views.

🔌

Zero-Touch Auto-Attach

Persistent sitecustomize.py hook patches all AI frameworks at import time. No code changes.

🚨

Webhook Alerts

CRITICAL breaches fire instantly to Slack, Discord, or generic webhooks.

📝

Immutable Dual-Write

Every breach writes to PostgreSQL/SQLite AND real-time JSONL. Ship JSONL to your SIEM.

🏗️

Auto-Scaling

Spawns additional instances when load exceeds threshold via Docker, K8s, or subprocess.

🔐

Multi-Tenant Auth

Scoped API keys with tenant isolation. Rate limiting at 300/min. Full RBAC.

Taxonomy

40+ breach types out of the box

Each type has severity, regex patterns, regulatory mapping, and remediation guidance built in.

PII_EXPOSURE

CARD_DATA_EXPOSURE

PHI_EXPOSURE

CROSS_TENANT_LEAK

DATA_EXFILTRATION

TRIAL_DATA_FABRICATION

UNBLINDING_BREACH

CLINICAL_NOTE_LEAK

ESIGNATURE_BYPASS

HIV_STATUS_DISCLOSURE

UNAUTHORIZED_ACCESS

PRIVILEGE_ESCALATION

HALLUCINATION_FINANCIAL

AUDIT_TRAIL_21CFR11

GMP_VIOLATION

SCOPE_CREEP

UNAPPROVED_EXT_CALL

INSURANCE_DATA_LEAK

Under the Hood

Architecture

A sidecar policy agent that intercepts, classifies, and logs — without touching your agent code.

┌─────────────────────────────────────────────────────────────┐ │ Your AI Agent (OpenAI / Anthropic / LangChain / OpenClaw) │ │ No code changes — sitecustomize.py patches at import │ └──────────────────────────┬──────────────────────────────────┘ │ auto-intercepted LLM response ▼ ┌─────────────────────────────────────────────────────────────┐ │ Policy Agent (FastAPI · :8080) │ │ │ │ 1. Auth + Rate Limit → scoped API keys, 300/min │ │ 2. Auto-Register → first event? register agent │ │ 3. Payload Sanitize → normalize, strip noise │ │ 4. Classifier → rule-based, <1ms, deterministic│ │ 5. Breach Logger → DB + JSONL (SHA-256 chained) │ │ 6. Webhook Alerter → Slack / Discord / generic │ │ 7. Agentic Analyzer → LangGraph + Claude (async) │ │ │ └────────┬──────────────┬──────────────┬──────────────────────┘ │ │ │ ▼ ▼ ▼ PostgreSQL/SQLite breach_logs/*.jsonl Webhook Endpoints (source of truth) (ship to SIEM) (real-time alerts)

One agent. Every breach.
Immutable proof.

Manual compliance is broken

Everything you need for agent compliance

Rule-Based Classifier

Agentic Deep Analysis

SHA-256 Hash Chain

Live Dashboard

Zero-Touch Auto-Attach

Webhook Alerts

Immutable Dual-Write

Auto-Scaling

Multi-Tenant Auth

40+ breach types out of the box

Architecture

See everything. In real time.

Ship your audit layer today.

One agent. Every breach.Immutable proof.

Manual compliance is broken

Everything you need for agent compliance

Rule-Based Classifier

Agentic Deep Analysis

SHA-256 Hash Chain

Live Dashboard

Zero-Touch Auto-Attach

Webhook Alerts

Immutable Dual-Write

Auto-Scaling

Multi-Tenant Auth

40+ breach types out of the box

Architecture

See everything. In real time.

Ship your audit layer today.

One agent. Every breach.
Immutable proof.