Core Concepts
Understand the building blocks of Aguardic — policies, rules, evaluations, violations, and more.
Policy
A policy is a named collection of rules that define what to check and how to enforce it. Policies have lifecycle states: Draft, Active, and Deprecated.
Each policy specifies an enforcement mode:
- BLOCK — Prevent the action from proceeding
- APPROVAL_REQUIRED — Hold the action for manual review before proceeding
- WARN — Allow but flag for review
- MONITOR_ONLY — Log silently for audit purposes
Rule
A rule is a single check within a policy. Each rule has:
- Type — Either DETERMINISTIC or SEMANTIC (see below)
- Severity — LOW, MEDIUM, HIGH, or CRITICAL
- Message — Optional message shown when the rule is violated
Rules are evaluated in order. You can configure policies to stop on the first violation or evaluate all rules.
Deterministic Rules
Deterministic rules use field-level conditions with operators. They evaluate in milliseconds with no external calls.
Each rule contains one or more conditions — a field, an operator, and a value to compare against. All conditions in a rule must match for the rule to fire.
Semantic Rules
Semantic rules use an LLM to evaluate content against a natural language prompt (e.g., "Does this message contain manipulative language?"). They can optionally reference a knowledge base via knowledgeBaseId to ground the evaluation in your organization's documents using RAG.
Semantic rules handle nuanced checks that field-level operators can't express — tone, intent, context, and domain-specific reasoning.
Condition
A condition defines a single field-level check within a deterministic rule. It has three parts:
- Field — The data field to inspect, using dot notation (e.g., content, user.email, file.size)
- Operator — How to compare (see full list below)
- Value — The value to compare against
Supported operators:
- CONTAINS / NOT_CONTAINS — Substring match
- EQUALS / NOT_EQUALS — Exact match
- MATCHES / NOT_MATCHES — Regular expression
- IN / NOT_IN — Value in a set
- GT, GTE, LT, LTE — Numeric comparison
- EXISTS / NOT_EXISTS — Field presence check
Evaluation
An evaluation is a single run of one or more policies against a piece of content or an event. The result is one of:
- ALLOW — No violations found
- WARN — Violations found but enforcement mode allows continuation
- BLOCK — Violations found and the action is blocked
- APPROVAL_REQUIRED — Violations found and the action is held for manual review
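As an added example (not Aguardic's own code), the following Python sketch evaluates a deterministic policy the way the Rule, Condition and Evaluation sections describe: dot-notation field lookup, the operator set above, all conditions in a rule must match, rules run in order with optional stop-on-first-violation, and enforcement mode mapped to an evaluation result. The dict shapes, the MONITOR_ONLY-to-ALLOW mapping and the sample policy and event are assumptions.

```python
import re

# Added example (not Aguardic's code): a minimal deterministic-rule evaluator built from the
# concepts above. Policy/rule dict shapes and the MONITOR_ONLY -> ALLOW mapping are assumptions.

def get_field(data, path):
    """Resolve a dot-notation path such as 'user.email'; None if any segment is missing."""
    for part in path.split("."):
        data = data.get(part) if isinstance(data, dict) else None
    return data

_num = lambda a, b: isinstance(a, (int, float)) and isinstance(b, (int, float))  # never compare str to int
_POS = {  # positive operators; a missing field (None) never satisfies a positive check
    "CONTAINS": lambda a, b: a is not None and str(b) in str(a),
    "EQUALS": lambda a, b: a == b,
    "MATCHES": lambda a, b: a is not None and re.search(b, str(a)) is not None,
    "IN": lambda a, b: a is not None and a in b,
    "EXISTS": lambda a, b: a is not None,
    "GT": lambda a, b: _num(a, b) and a > b, "GTE": lambda a, b: _num(a, b) and a >= b,
    "LT": lambda a, b: _num(a, b) and a < b, "LTE": lambda a, b: _num(a, b) and a <= b,
}
# NOT_* operators are the logical negation of their counterpart (no NOT_ variants for GT/GTE/LT/LTE).
OPERATORS = dict(_POS, **{f"NOT_{k}": (lambda f: lambda a, b: not f(a, b))(_POS[k])
                           for k in ("CONTAINS", "EQUALS", "MATCHES", "IN", "EXISTS")})

def evaluate(policy, data):
    """Run rules in order; every condition in a rule must match for the rule to fire."""
    violations = []
    for rule in policy["rules"]:
        conds = rule["conditions"]
        if all(OPERATORS[c["operator"]](get_field(data, c["field"]), c.get("value")) for c in conds):
            field = conds[0]["field"]  # report the first condition's field plus a short excerpt
            violations.append({"ruleId": rule["id"], "ruleName": rule["name"], "severity": rule["severity"],
                               "resolvedAction": policy["enforcementMode"], "field": field,
                               "explanation": rule.get("message", "rule matched"), "snippet": str(get_field(data, field))[:40]})
            if policy.get("stopOnFirstViolation"):
                break
    mode = policy["enforcementMode"]
    # Assumption: MONITOR_ONLY records violations but still yields ALLOW; other modes map 1:1 to results.
    result = "ALLOW" if not violations or mode == "MONITOR_ONLY" else mode
    return {"result": result, "violations": violations}

# Constructed sample: one BLOCK policy with two rules, run against a constructed file-upload event.
SAMPLE_POLICY = {"enforcementMode": "BLOCK", "stopOnFirstViolation": False, "rules": [
    {"id": "r1", "name": "external-sender", "severity": "HIGH", "message": "non-corporate sender",
     "conditions": [{"field": "user.email", "operator": "NOT_MATCHES", "value": r"@example\.com$"}]},
    {"id": "r2", "name": "large-pii-upload", "severity": "CRITICAL",
     "conditions": [{"field": "file.size", "operator": "GT", "value": 10_000_000},
                    {"field": "content", "operator": "MATCHES", "value": r"\b\d{3}-\d{2}-\d{4}\b"}]}]}
SAMPLE_EVENT = {"content": "Payroll export, SSN 123-45-6789 included", "user": {"email": "bob@example.com"}, "file": {"size": 12_000_000}}
```

Running `evaluate(SAMPLE_POLICY, SAMPLE_EVENT)` fires only r2 (both of its conditions hold) and returns BLOCK with one CRITICAL violation; switching the mode to MONITOR_ONLY keeps the violation record but returns ALLOW.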
Violation
A violation is a record of a rule that was triggered during an evaluation. Each violation includes:
- ruleId — The ID of the rule that fired
- ruleName — The name of the rule
- severity — LOW, MEDIUM, HIGH, or CRITICAL
- resolvedAction — The enforcement action taken (BLOCK, WARN, etc.)
- explanation — Why the rule was triggered
- field — The data field that matched
- snippet — The matched content excerpt
Violations follow a lifecycle: NEW (just created) → ACKNOWLEDGED (reviewed by a team member) → RESOLVED (addressed) or DISMISSED (determined to be a false positive).
Session
A session groups related evaluations together. For example, an AI agent conversation might create a session that contains multiple evaluations — one for each message or tool call. Sessions provide context for investigation and audit.
Sessions track:
- actionCount — Total number of actions evaluated
- dataTags — Tags extracted from evaluated content
- toolsUsed — List of tools the agent invoked
- Action chain — Ordered sequence of all actions in the session
Session statuses: ACTIVE (in progress), COMPLETED (finished normally), TERMINATED (ended due to policy violation or manual stop).
Integration Type
An integration type categorizes the source of content being evaluated. Aguardic supports:
- vcs — Version control (PRs, commits)
- ai — LLM requests and responses
- storage — File content
- email — Email content
- messaging — Chat messages
- api — Generic API content
AI System
An AI system represents a registered AI-powered application — such as a chatbot, code assistant, or autonomous agent. Each AI system tracks:
- Risk classification — MINIMAL, LIMITED, HIGH_RISK, UNACCEPTABLE, or UNCLASSIFIED
- Data categories — What data it processes (PII, PHI, FINANCIAL, etc.)
- Affected subjects — Who is impacted (CUSTOMERS, PATIENTS, EMPLOYEES, etc.)
- Deployment status — DEVELOPMENT, STAGING, PRODUCTION, or DEPRECATED
- Linked integrations — Which integrations this system uses
- System owner — The person accountable
Aguardic can auto-suggest a risk classification based on data categories and affected subjects. See the AI Systems guide for details.
Network Policy
A network policy is a compliance policy shared between organizations via a network connection. The receiving organization gets a read-only shadow copy that auto-syncs when the source updates.
Key concepts:
- Network connection — A bilateral relationship between two orgs (INVITED → ACTIVE or REVOKED)
- Shadow policy — A read-only copy in the receiving org, bindable to their integrations
- Auto-sync — When enabled, shadow policies update automatically when the source publishes a new version
See the Network Policies guide for setup details.
Marketplace Policy
A marketplace policy is a pre-built governance policy published to the Aguardic Marketplace. You can install marketplace policies in two ways:
- Subscribe — Creates a managed, read-only policy that auto-syncs when the publisher releases updates
- Fork — Creates a one-time copy that you own and can edit freely (no future updates)
Subscribed policies are tagged [Managed] and forked policies are tagged [Template] in your policies list. See the Marketplace guide for details.
Knowledge Base
A knowledge base is a collection of documents that powers the RAG evaluation layer. Upload your compliance docs, internal policies, or customer contracts, and the engine will evaluate content against them using vector search.
Policy Binding
A policy binding links a policy to a specific integration. When an evaluation request comes in via that integration's API key, all bound policies are automatically evaluated. This lets you control exactly which policies apply to which integration endpoints.