Zero Trust Scanner Agent
CAVRA zero-trust scanner agents run where sensitive AI assets already live: customer VPCs, private subnets, on-premises networks, containers, Kubernetes clusters, and air-gapped estates. The scanner emits metadata, hashes, risk scores, finding metadata, and evidence references only.
It is built to prevent raw model bytes, model weights, training data, source code, prompt samples, file contents, credentials, or private artifacts from leaving the customer-controlled environment.
```
Customer-controlled environment
├── model registry / artifact store / code repo / endpoint
├── CAVRA zero-trust scanner
│   ├── computes hashes
│   ├── scores risk
│   ├── emits findings metadata
│   └── blocks raw egress
└── CAVRA receives metadata-only evidence
```
Supported execution modes:
- `customer_vpc`
- `on_prem`
- `private_subnet`
- `air_gapped`
- `container`
- `kubernetes`
Allowed output:
- scanner ID;
- environment;
- asset reference;
- asset type;
- hash digest;
- risk score and tier;
- findings metadata;
- evidence references.
Forbidden output:
- raw model bytes or weights;
- training data;
- dataset rows;
- prompt samples;
- source code;
- secrets, private keys, credentials;
- raw artifacts or file contents.
Validate a metadata-only scan result:
```bash
python3 scripts/validate_zero_trust_scanner.py \
  --scan-result examples/zero-trust-scanner/scan-result.sample.json
```
Prove raw egress is blocked:
```bash
python3 scripts/validate_zero_trust_scanner.py \
  --scan-result examples/zero-trust-scanner/scan-result.invalid-raw-egress.json
```
Validate a live sanitized scanner packet:
```bash
python3 scripts/validate_zero_trust_scanner.py \
  --packet examples/zero-trust-scanner/enterprise-zero-trust-scanner.live.sanitized.example.json \
  --require-live
```
The public gate passes when:
```
ready_for_live_zero_trust_scanner: true
blocker_count: 0
```
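The allowed and forbidden output lists describe a deny-by-default egress gate: a result passes only if every field is on an allowlist and no value looks like raw content. The Python below is an added illustration of that check, not CAVRA's `validate_zero_trust_scanner.py`; the field names, the `sha256:` digest format, and the size thresholds are assumptions, and the sample inputs are constructed.

```python
import re

# Assumed field names modelled on the page's "Allowed output" list; the real
# CAVRA scan-result schema and digest format may differ.
ALLOWED = {"scanner_id", "environment", "asset_ref", "asset_type", "hash_digest",
           "risk_score", "risk_tier", "findings", "evidence_refs"}
FINDING_ALLOWED = {"id", "severity", "title"}
MODES = {"customer_vpc", "on_prem", "private_subnet", "air_gapped",
         "container", "kubernetes"}
SHA256 = re.compile(r"sha256:[0-9a-f]{64}")
PEM = re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----")
BLOB = re.compile(r"[A-Za-z0-9+/=]{200,}")  # long encoded run, e.g. base64
MAX_STR = 256  # metadata strings are short; longer values are treated as content

def scan_values(value, path, blockers):
    """Walk nested values and flag strings that look like raw content."""
    if isinstance(value, dict):
        for k, v in value.items():
            scan_values(v, f"{path}.{k}", blockers)
    elif isinstance(value, list):
        for i, v in enumerate(value):
            scan_values(v, f"{path}[{i}]", blockers)
    elif isinstance(value, str):
        if PEM.search(value):
            blockers.append(f"{path}: private key material")
        elif len(value) > MAX_STR or BLOB.search(value):
            blockers.append(f"{path}: oversized or encoded payload")

def validate_scan_result(result):
    """Return blockers; an empty list means the result is metadata-only."""
    blockers = [f"{k}: not on allowlist" for k in sorted(set(result) - ALLOWED)]
    if result.get("environment") not in MODES:
        blockers.append("environment: unsupported execution mode")
    if not SHA256.fullmatch(str(result.get("hash_digest", ""))):
        blockers.append("hash_digest: not a sha256 digest")
    for i, finding in enumerate(result.get("findings", [])):
        for k in sorted(set(finding) - FINDING_ALLOWED):
            blockers.append(f"findings[{i}].{k}: not on allowlist")
    scan_values(result, "$", blockers)
    return blockers

# Constructed sample inputs, not taken from the CAVRA repository.
GOOD = {"scanner_id": "scanner-01", "environment": "air_gapped",
        "asset_ref": "registry://models/example", "asset_type": "model",
        "hash_digest": "sha256:" + "ab" * 32, "risk_score": 42, "risk_tier": "medium",
        "findings": [{"id": "F-1", "severity": "low", "title": "unsigned artifact"}],
        "evidence_refs": ["evidence://run/1"]}
BAD = dict(GOOD, raw_bytes="QUJD" * 100, findings=[
    {"id": "F-2", "severity": "high", "snippet": "-----BEGIN PRIVATE KEY-----"}])
```

Checking both key names and value content matters because an allowlisted field such as a finding title can still carry raw material if only the key is inspected.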
Enterprise deployments still provide private scanner packaging, real network placement, tenant scoping, private credentials, egress-control run logs, and operating evidence inside the customer evidence room.
Before the agent acts, CAVRA asks: who is acting, what will change, what policy applies, and what evidence will prove it?