Docs/Aigovernance

AI Governance

Ants' AI Governance Platform (AIGP) delivers end-to-end governance, compliance, and risk management for enterprise AI systems — ensuring every AI agent, model, and workflow operates within policy, regulatory, and ethical boundaries.

Why AI Governance?

As enterprises scale AI adoption, ungoverned deployment of agents creates systemic risk. AI agents are probabilistic systems that can drift from intended behavior, violate regulatory requirements, and expose sensitive data — all without detection unless governed proactively.

AIGP addresses this by providing a unified governance layer across all AI operations, with built-in policy enforcement, continuous compliance monitoring, and automated evidence collection.

Key Capabilities

1. AI Policies

Define, enforce, and audit policies across your entire AI estate. AI policies, their enforcement scope, and the compliance status of each agent are managed from the AI Governance dashboard at https://app.agenticants.ai — there is no SDK call to create or query policies.

What the SDK does provide is the instrumentation that feeds those dashboards: trace every agent invocation so policy violations and compliance scores can be computed centrally. Install and configure the client once at startup:

shell
npm install ants-platform
typescript
// instrumentation.ts — imported before any agent code runs const provider = new NodeTracerProvider({ spanProcessors: [ new AntsPlatformSpanProcessor({ publicKey: process.env.ANTS_PLATFORM_PUBLIC_KEY, secretKey: process.env.ANTS_PLATFORM_SECRET_KEY, baseUrl: "https://api.agenticants.ai", }), ], }); provider.register(); setAntsPlatformTracerProvider(provider);
python
# Configure the client once at process startup from ants_platform import AntsPlatform client = AntsPlatform( public_key="pk_...", # or env ANTS_PLATFORM_PUBLIC_KEY secret_key="sk_...", # or env ANTS_PLATFORM_SECRET_KEY host="https://api.agenticants.ai", )

Once agents are instrumented, open the AI Governance dashboard at https://app.agenticants.ai to define policies and review per-agent policy violations, compliance scores, and drift events.

2. AI Compliance & Evidence Collection

Generate audit-ready compliance reports aligned to EU AI Act, California AI regulations, NIST AI RMF, ISO/IEC 42001, SOC2, GDPR, and HIPAA. AIGP automates evidence collection across every agent's lifecycle:

Compliance BOM (Bill of Materials) reports and evidence packages are generated and exported from the AI Governance dashboard at https://app.agenticants.ai. Select the frameworks (EU AI Act, CA AI regulations, NIST AI RMF, ISO/IEC 42001, SOC 2, GDPR, HIPAA) and reporting period, then export an audit-ready, timestamped evidence package as PDF. There is no SDK call for report generation; the reports are built from the trace, score, and dataset data your instrumented agents send through the SDK.

To attach the context auditors need (agent ownership, environment, data classification) so it surfaces in those reports, enrich your traces from instrumented code:

typescript
// Inside an instrumented request, tag the active trace with audit metadata updateActiveTrace({ metadata: { agentId: "agent_456", environment: "production", dataClassification: "restricted", }, });
python
from ants_platform import get_client # Inside an @observe()-decorated function, tag the current trace client = get_client() client.update_current_trace( metadata={ "agent_id": "agent_456", "environment": "production", "data_classification": "restricted", }, )

3. Active Drift Detection

Continuously monitor AI agents for behavioral drift — detecting when agents deviate from approved baselines, policies, or expected outputs. Drift baselines, alerting thresholds, severity mapping, and automated responses (quarantine, kill switch) are configured in the AI Governance dashboard at https://app.agenticants.ai, and drift events are reviewed there. There is no SDK call to configure drift detection or query drift events.

The dashboard computes drift from the traces, generations, and evaluation scores your instrumented agents emit. Each agent invocation should be wrapped so the platform has the signal it needs:

typescript
// Wrap an agent invocation so every call is traced and feeds drift analysis const runAgent = observe( async (query: string) => { // ... call your model / agent ... return await callAgent(query); }, { name: "production-agent" }, );
python
from ants_platform import observe # The @observe() decorator traces every call so the platform can detect drift @observe(name="production-agent") def run_agent(query: str) -> str: # ... call your model / agent ... return call_agent(query)

4. PII Detection & Protection

Automatically identify and protect sensitive data across all AI interactions:

typescript
// Capture the interaction as a span; the platform scans the input/output for PII const span = startObservation("span", { name: "customer-query" }); span.update({ input: "My SSN is 123-45-6789 and email is john@example.com", }); // ... run your agent ... span.end(); // On the dashboard this trace shows: // - PII Types: SSN, Email // - Action: Automatically redacted // - Audit Log: Created

PII detection counts, types, and redaction status across all traces are reviewed in the dashboard at https://app.agenticants.ai — there is no SDK query for aggregated PII metrics.

5. Security Guardrails

Prevent policy violations with configurable guardrails:

Guardrail policies (PII redaction, toxicity, topical restrictions, severity, and notifications) are defined in the dashboard at https://app.agenticants.ai. From your application you enforce those policies at runtime with the guardrails client:

python
from ants_platform import AntsGuardrailsClient guardrails = AntsGuardrailsClient( public_key="pk_...", # or env ANTS_PLATFORM_PUBLIC_KEY secret_key="sk_...", # or env ANTS_PLATFORM_SECRET_KEY host="https://api.agenticants.ai", ) # Check the agent output against your configured guardrail policies response = agent.run(query) result = guardrails.check(response) if result.blocked: response = result.safe_output # redacted / blocked replacement
typescript
const guardrails = new AntsGuardrailsClient({ publicKey: process.env.ANTS_PLATFORM_PUBLIC_KEY, secretKey: process.env.ANTS_PLATFORM_SECRET_KEY, baseUrl: "https://api.agenticants.ai", }); const response = await agent.run(query); const result = await guardrails.check(response); const safeOutput = result.blocked ? result.safeOutput : response;

6. RBAC & Access Control

Fine-grained permissions for teams, projects, and data are configured in the dashboard. Define roles (viewer, developer, admin, security), assign permissions, and map users to roles under organization and project settings at https://app.agenticants.ai. There is no SDK call for role or membership management.

7. Incident Response & Escalation

Automated policy drift detection and incident response workflows — including ServiceNow and PagerDuty integrations, escalation rules, agent quarantine, and evidence snapshots — are configured and triggered from the AI Governance dashboard at https://app.agenticants.ai. Incidents are raised automatically from the trace and drift signals your instrumented agents emit; there is no SDK call to create or respond to incidents.

AI Agent Lifecycle Governance

AIGP tracks every agent through its full lifecycle:

Lifecycle StageAIGP Coverage
DiscoveryAuto-discover first-, second-, and third-party agents including Shadow AI
InventoryReal-time registry with ownership, classification, and risk scoring
Policy AssignmentAttach governance policies based on risk tier and data sensitivity
Runtime MonitoringContinuous drift detection, PII scanning, and compliance checks
Evidence CollectionAutomated audit trail with timestamped compliance artifacts
ReportingBOM reports for EU AI Act, CA AI Act, NIST RMF, ISO 42001
Incident ResponseAutomated escalation via ServiceNow and PagerDuty
RetirementControlled decommissioning with data lineage preservation

Sub-Sections

AI Governance encompasses cost management and resilience as integral parts of a governed AI operation:

  • AI Cost — Financial visibility, token monitoring, budget management, and ROI analytics for governed AI spend
  • AI Resilient — Performance monitoring, SLO management, incident response, and availability tracking

Detailed Topics

Set Up AI Policies →

© 2026 ANTS Platform, Inc.Docs v1.0 · Last updated June 2026