Unknown runtime state
Model registries and policy documents rarely prove what is actually running inside customer environments.
NeoVail helps enterprises govern models, agents, MCP servers, and AI infrastructure through regional control planes, customer-local Sentinel enforcement, and audit-supporting evidence.
// the new attack surface
Tool calls, credentials, files, workflows, and regulated systems need decisions before execution — faster than governance, audit, and runtime enforcement can keep up.
Model registries and policy documents rarely prove what is actually running inside customer environments.
MCP servers can expose powerful tools, but agent-side permission prompts are not a reliable enterprise control boundary.
Regulated teams need evidence that reflects current runtime state, not spreadsheets assembled after an incident.
// the answer
NeoVail connects inventory, policy, enforcement, and evidence into a single system of record. The public website, control plane, intake, and customer-local enforcement stay on separate surfaces.
Static marketing pages, legal notices, trust pages, and demo entry points.
Policy administration, AI asset graph, evidence review, and customer workflow management.
Sentinel telemetry intake with customer-selected residency, handling, and retention rules.
Local enforcement boundary where verification, policy checks, and blocking happen before actions proceed.
// runtime decision
NeoVail evaluates tool, identity, risk, policy, and runtime context in the same hop. The decision is bound to the policy version that made it and to the evidence record it produces.
Action executes immediately with identity and evidence attached.
Action proceeds with a flagged record for review.
Action is blocked before a tool, credential, or model is touched.
Routed to approvers with expiry and escalation.
Dry-run outcome and side effects captured first.
// product truth
The console shows what is running and what was decided. Every decision mints an evidence record bound to identity, policy version, and runtime context.
{
"evidence_id": "ev_c3f9d8",
"verdict": "deny",
"agent": "gemini-cli/ops-77",
"action": "mcp.cloud.iam.review",
"policy": { "id": "prod.runtime.v3", "hash": "b58c…e01f" },
"runtime": { "host": "gpu-07", "model": "llama-3.1-70b", "precision": "fp8" },
"signature": "ed25519:9f4d…77aa",
"chain": { "prev": "ev_77d0e2", "seq": 48122 }
}// mcp governance
NeoVail treats MCP servers as governed enterprise assets with identity-aware access, gateway-based allow and deny decisions, and a full audit trail.
Track approved MCP servers, ownership, risk, and allowed environments.
Map access to enterprise users and groups instead of relying on local agent configuration.
Enforce allow and deny policy before tools are invoked.
Record who attempted what, through which agent, against which server, and why it was allowed or blocked.
// integrations
NeoVail meets your environment where it lives: frontier model APIs, local model servers, agent CLIs, MCP gateways, identity providers, and compliance pipelines.
OIDC · SCIM · groups
frontier + local
CLI + IDE agents
servers · gateways
inbox + chatops
evidence + exports
// compliance and security
NeoVail is designed to support EU AI Act readiness work, DORA-aligned evidence workflows, regional control planes, customer-local runtime telemetry, and audit evidence exports. These statements describe product intent and should not be read as a legal certification or regulatory conformity assessment.
Control planes designed around regional deployment and residency requirements.
Runtime checks and enforcement run near customer models, agents, and MCP servers.
Unknown tools and unbound MCP servers can be blocked before execution.
Access decisions can include users, groups, tools, scopes, environments, and policy versions.
Every decision links identity, policy, runtime context, and outcome into an exportable record.
The public site stores no customer evidence, secrets, telemetry, or enforcement state.
// start small
A fixed-fee runtime inventory and drift pilot in your environment. Read-only by architecture, evidence-grade deliverables, no platform commitment.
See how NeoVail governs models, agents, MCP servers, and runtime evidence across enterprise AI environments.