Subnet345

Where we fit

Access control is the gate. The substrate is the record.

As enterprises move AI agents into production, a category of tooling has grown up to govern them. It clusters into a few layers, and most of them answer one question: may this agent act? Few answer the one a board or an examiner asks when something goes wrong: what did the agent actually do, on whose authority, and can you prove it?

§ 01 The layers

What you are likely evaluating.

Each of these does a real job, and you may well need all of them. The point is not that they fall short at their own work. It is that none of them produces the record an auditor asks for.

Access & identity

Decide whether an agent is allowed to act: authorization, credentials, machine and agent identity. Necessary work. But a record of what an agent was permitted to do is not a record of what it did.

Posture & monitoring

Discover your agents and watch them in real time. Useful for operations. But observability is a live view, not an immutable, attributable record an examiner can interrogate after the fact.

Compliance attestation

Attest that your program and controls meet a standard. That documents how you govern. It is not the action-by-action record of what each agent actually did.

§ 02 The gap

The thing the examiner asks for.

None of those layers produce an attributable, tamper-evident record of what each agent actually did: every action tied to a specific agent under a specific policy, every refusal recorded, verifiable from any point, kept inside your own perimeter.

Authorization tells you what an agent was allowed to do. Observability shows you what is happening right now. Attestation documents how you govern. The question that survives an incident is none of those. It is the trace.

Observability shows you what is happening. Audit-by-construction proves what happened.

§ 03 Where Subnet345 sits

The record layer, by construction.

We are that record layer. Keep the access controls and the monitoring you already run; they decide whether an agent may act, and they do it well. The substrate records and proves what the agent did, by construction rather than bolted on after.

The gate and the record are different jobs. A governance program needs both. The lane no one else occupies is the provable, in-perimeter record of the action itself.

They decide if an agent may act. We record and prove what it did.

See the record layer in your own environment.

Become a design partner →See the product →