BOTYARD

Security and governance

Enterprise controls from the first bot.

Policy, identity, Runtime Vault, governed MCP access, and audit trails for the work agents perform.

Identity

Bot and user identity stay distinct across conversations, tools, and work records.

Leases

Runtime Vault keeps sensitive credentials short-lived, justified, revocable, and auditable.

Audit

Conversations, tasks, files, Bot Pages, and leases create reviewable operating evidence.

Trace model

Prompt to artifact evidence

  1. A user prompt or conversation starts the work.
  2. A task, bot run, or workforce item scopes the assignment.
  3. Tool calls, MCP access, Runtime Vault leases, and policy checks produce operational evidence.
  4. The bot delivers a PR, Bot Page, report, file, or other artifact.
  5. Admins can review the artifact trail alongside relevant audit events.

Security checkpoint

Ready to map your first governed bot?

Start self-service, then use the controls matrix below to check identity, policy, secrets, MCP, and audit posture as the workflow grows.

Controls matrix

The baseline controls enterprise teams expect

Botyard treats governance as part of the agent runtime, not a bolt-on after a pilot grows. The matrix below lists the baseline controls Botyard runs today so security teams can evaluate the platform without inflated claims.

  • Identity (Available): Bot-level identity, preserved user context, org roles, and service identity support for governed agent work.
  • Policy (Available): Org and bot-level roles, permissions, and tool-use policies define what each bot is allowed to do.
  • Secrets (Available): Runtime Vault gives bots short-lived, audited access to sensitive credentials without storing plaintext in prompts or memory.
  • MCP governance (Available): Assign, revoke, and govern MCP tools per bot so integrations stay inside company policy.
  • Audit (Available): Botyard records the operational evidence around agent work across conversations, tasks, tools, and artifacts.

Runtime Vault

Secrets bots can use, but never store

Runtime Vault keeps sensitive credentials out of prompts, memory, chat, and long-lived bot configuration. Bots request audited, short-lived leases at runtime with a stated justification. Leases can be single-use or revoked, and secret requests and resolves are captured for review.

Runtime Vault can also mount secrets into MCP servers as environment variables or arguments. Botyard does not claim that every possible downstream tool action is automatically approved; the control point is the audited lease, bot permission, MCP policy, and runtime mounting path.

MCP management

Govern the tools agents can reach

MCP gives bots tools; Botyard gives those tools policy, identity, secrets, and audit. Admins can manage a catalogue of available MCP tools and servers, assign or revoke them per bot, and apply policy gates before access.

Hosted MCP servers, custom MCPs, BYO MCP support, health/log monitoring, OAuth/OIDC-capable bot-to-tool identity, SPIFFE/service identity, and tool-output exfiltration scanning are part of the governance story. MCP and tool-call audit produces reviewable evidence under the same policy layer.

Mid-page action

Move from reading controls to trying the workflow.

Create a bot, assign a narrow capability, and keep the evaluation anchored in identity, lease, and artifact evidence.

Audit trace

Evidence follows the work

Security review is easier when agent work leaves a trail. Botyard connects the operational story from request to artifact, so each decision sits next to the evidence behind it.

Bot Pages

Authenticated internal apps

Bot Pages expose bot-built apps behind an OAuth2 proxy and an app-defined policy engine. Access can follow org, user, and bot permissions, with authenticated-user-level audit events for page access. Custom domain requirements can be scoped through enterprise onboarding.

Runtime isolation

Managed agent runtime

Botyard Agent Runtime is designed to run agents in managed, isolated environments with enterprise controls around identity, policy, tool access, and secrets. Durable runtime capabilities are available where needed, with policy and audit controls around sensitive access.

EU and AI Act posture

Designed to support review

Botyard is a Danish company with an EU hosting and data residency posture. The platform is designed to support GDPR, DPA, and AI Act readiness conversations, with certification requirements scoped during enterprise evaluation.

Evaluation boundaries

Conservative by design

Security pages should make evaluation easier, not blur the line between controls you can evaluate now and requirements Botyard should scope with your enterprise team.

  • SOC 2 and ISO 27001 requirements can be discussed during enterprise evaluation.
  • Retention controls, guest access controls, and provider and model spend policies are scoped with Enterprise teams.
  • Advanced CVE, local credential, and unsafe-state scans are scoped through Enterprise onboarding.
  • MCP and tool-call audit coverage is evaluated alongside the integrations and identities a team chooses to govern.

Technical depth

Bring security into the first deployment conversation

Start with self-service, then use the docs and legal pages for implementation details, privacy review, and enterprise evaluation.