Govern Agents Like You Govern People
Every agent gets an owner, a roster entry, an authorized-tool set, and boundaries it cannot cross. AgentFence makes agents first-class governed actors instead of anonymous automation.
Illustrative product view
Agents are actors - govern them
When an AI agent can call tools and move data, it is an actor in your environment, not a feature. Yet most stacks treat agents as anonymous code with a shared key and no owner. AgentFence makes each agent a governed actor: it has an owner, a roster of authorized tools, forbidden targets it may never touch, memory boundaries, and human-approval gates for high-impact actions. Governance is deterministic (ai_agent_governance.py) so it is testable and auditable.
What you govern per agent
| Dimension | What it defines | Why it matters |
|---|---|---|
| Owner / roster | A human accountable for the agent | No anonymous automation |
| Authorized tools | The tools the agent may call | Bounds the blast radius |
| Forbidden targets | Resources it must never touch | Hard limits on sensitive systems |
| Memory boundaries | What context it may read | Prevents cross-context leakage |
| Approval gates | Actions that need a human | Keeps a person on high-impact calls |
The agent lifecycle
From register to retire
- 1
Register
Add the agent to the roster with an owner, so it is a known, accountable actor.
- 2
Scope
Define its authorized tools, forbidden targets, memory boundaries, and approval gates.
- 3
Simulate
Run governance in simulate mode to see which actions would be gated or blocked on real traffic.
- 4
Enforce
Move to enforce once the policy is tuned; the same deterministic rules now bound live actions.
- 5
Review
Every action is recorded; policy violations and unowned agents surface for periodic review.
How it connects
- Agent identity feeds identity resolution and the non-human identity roster
- Tool-call decisions run through the same PDP verdict vocabulary
- Every governed agent action is recorded to the tamper-evident trust ledger
- MCP tool-calls are governed by the same model via MCP governance
Frequently asked questions
What is AI agent governance?
AI agent governance is managing autonomous agents as accountable actors: giving each an owner, an authorized-tool set, forbidden targets, memory boundaries, and human-approval gates, then enforcing those limits at runtime. AgentFence does this deterministically so every agent’s scope is explicit, testable, and auditable.
Why does every agent need an owner?
An agent without an owner is unaccountable - no one is responsible for what it does, and it is a classic hiding place for risk. AgentFence flags agent_without_owner and unknown_agent so ownerless automation is surfaced for review rather than running silently in your environment.
How is agent governance different from agent guardrails?
Guardrails are the enforced limits on a single tool-call. Agent governance is the broader program - registering agents, assigning owners, scoping their tools and targets, and reviewing violations over their lifecycle. Guardrails are how a governed agent’s boundaries are enforced in the moment.
Is agent governance deterministic?
Yes. The governance engine evaluates authorized tools, forbidden targets, memory boundaries, and approval gates deterministically, so the same action always produces the same verdict. That makes the policy testable in CI and defensible in an audit.
Stay in the loop
One practical finance briefing a week - new guides, checklists, and benchmarks.
Make every agent an accountable actor
Give agents owners, rosters, and boundaries - and record everything they do.
Talk to us