Insights

Reframe Harness v0.1.0 — Deploy AI safely. Build faster.

Reframe Harnessgoverned AIagentic AIpolicy engineenterprise AICISO

Every regulated team faces the same agentic-AI bind: ship the productivity, or hold the line on policy. Reframe Harness is how you do both — a Claude Code–class agent that runs inside your tenant, behind a policy engine you signed.

Any model. Your tenant. Your policy. Whatever your governance committee approved — Claude, GPT, on-prem, or your own fine-tunes — runs through a single gateway with a customer-owned signed policy bundle in front of every call.

What ships in v0.1.0

The harness sits between your engineers and the models they use. The same developer ergonomics you expect from Claude Code, with a control plane your CISO can defend on the same page.

  • Local interceptor — every outbound model call traverses a signature-verified proxy in your environment.
  • Signed policy bundles — tools, allowed models, data scopes, and transports expressed as policy you control; the harness will not start without a valid signature.
  • Live policy refresh — policy is re-pulled before every turn. Change something in the admin UI, press enter in the CLI, and watch it take effect.
  • Tenant isolation — runs against your filesystem, behind your firewall, with no shared SaaS pool.
  • Tamper-evident audit log — every action traced and exportable as board-ready evidence.

The controls every regulated team needs, by default

01 · Permissions
Scoped, least-privilege
Define exactly what each agent and user may read, write, run, and reach. Nothing by default.
02 · Guardrails
Policy & DLP
Redaction, data-classification, and policy checks on every prompt, tool call, and output.
03 · Identity
SSO & secrets
Enterprise identity, role-based access, and customer-managed keys — you hold the keys.
04 · Audit
Immutable evidence
Every action traced and logged for security, compliance, and board-ready reporting.
05 · Residency
Data boundaries
Keep regulated data in-region and out of any model you haven't approved.
06 · Standards
Mapped to frameworks
Controls aligned to SOC 2, ISO 27001, GDPR, NIST AI RMF, and the EU AI Act.

What the live demo shows

The launch video opens on the harness CLI in a regulated tenant — model, policy, source, transport, and working directory all printed, with signature verification on the policy source. We then type a single off-policy prompt:

R › lets talk about crypto

Instead of forwarding to the model, the harness refuses in front of the user with the exact governance reason — sourced from the signed policy the customer's admin team controls. Production proof, not a slide.

How it works in five steps

One harness between your models and your work:

  1. Connect — register any model, hosted or private, behind one gateway.
  2. Define — set policy, permissions, identity, and data boundaries.
  3. Grant — expose scoped tools, MCP servers, and data the agents may use.
  4. Run — engineers and teams run agentic work via CLI, API, or console.
  5. Prove — every action lands in immutable, exportable audit.
$ reframe harness run --model any --policy strict --scope repo:billing
→ identity verified · permissions scoped · DLP on
→ agent planning… editing… running tests… all actions logged
task complete — 0 policy violations · audit exported

Who Reframe Harness is for

Regulated enterprises that need Claude Code–class developer productivity but cannot allow unbounded agentic processes calling unbounded models on unbounded data in someone else's cloud. Law firms, financial institutions, healthcare, defense — anywhere the audit trail matters more than the demo.

If your CISO has been waiting for an agentic platform they can sign off on without exception, this is it.

See Reframe Harness in your environment

Bring your policy, your model, your data. We'll show the harness running inside your tenant in under a week.

Request a briefing →

Related insights

The CISO's Guide to Approving AI for the Business

How CISOs can say a confident yes to AI: the controls, evidence, and governance that make business AI adoption defensible.

Read →

How to Securely Deploy Claude Code Across Your Engineering Team

A practical guide to rolling out Claude Code securely: guardrails for AI-generated code, secrets protection, review gates, and governance for agentic development.

Read →

NIST AI RMF Explained for Business and Engineering Leaders

A plain-English guide to the NIST AI Risk Management Framework for directors — govern, map, measure, and manage AI risk in practice.

Read →