Verifiable AI governance — Apache-2.0, no SaaS lock-in

Find every AI on your network. Sign what matters. Hand the auditor a bundle they can verify themselves.

Shadow AI to signed evidence — in one afternoon. Beacon discovers the models running in your environment, attests them against 23 global audit frameworks — NIST AI RMF, EU AI Act, ISO/IEC 42001, HIPAA, GDPR, Colorado AI Act, Korea AI Basic Act, and more — then produces a cryptographically signed bundle anyone can re-verify with one command.

60-second elevator pitch

Watch Beacon do it.

From shadow AI to signed evidence to a green risk score — in one minute.

The problem

Three failure modes every AI program hits.

Beacon was built because none of these are solvable with another policy PDF.

Shadow AI

You don't know what's running

Models show up on developer laptops, in vendor SaaS, embedded in features no one filed a memo for. The first risk register is always wrong.

PDF theater

Your evidence is a screenshot

Audits today are PDFs of dashboards of claims. Nothing is verifiable months later. Nothing survives a key rotation. Nothing is portable.

Aspiration without proof

“We follow NIST AI RMF” — show me

Frameworks turn into checkboxes with no underlying evidence. Beacon makes the checkbox and the cryptographic receipt the same artifact.

Act 1 of 3 · Get to yes

Ship AI — discovery, not paperwork.

Paste an inventory CSV or let the demo run itself. Beacon tags every model with vendor, capability, residency, and the framework articles it must answer to.


Act 2 of 3 · Stay at yes

Steady AI — every claim is a signed receipt.

For each model, Beacon serializes the attestation in JCS canonical form (RFC 8785), signs it with an Ed25519 key, and emits an NDJSON event. Click any receipt below to see the exact bytes that were signed — and verify the signature in your browser.

The bargain: agents do the bureaucracy — discovery, classification, evidence collection, signing. Humans hold the moral legitimacy — the policy, the exception, the override. Beacon is the audit log between them.

Act 3 of 3 · Recover to yes

Recover AI — hand the auditor a bundle they verify themselves.

When the receipts settle, Beacon assembles them into a portable evidence bundle: the manifest, the NDJSON receipt log, the public keys, the policy YAMLs, the checklists, and a one-page VERIFY.md. Anyone with openssl can re-check it. No vendor login. No phoning home. One check the auditor still has to do by hand: because the public keys travel inside the bundle, compare their fingerprints with a copy obtained out of band (a key page on your site, an earlier bundle, a signed release). A bundle re-signed end to end with a fresh key would otherwise verify just as cleanly.

Policy as code

Three beacons watch your network. Privacy by default.

Start with the manual checklist: a wizard walks you through each control. Then deploy the three passive collectors. They never store prompts or outputs, only the signed metadata that proves your AI is governed.

Model beacon

Discovers every model in use

Watches egress to known AI API hosts (OpenAI, Anthropic, Bedrock, Vertex, Azure OpenAI, Cohere, Mistral, Groq, Perplexity, DeepSeek…) and resolves to processes. One signed receipt per (host, process) pair.

No payloads stored. Metadata only.

Prompt beacon

Counts traffic, not content

Log-tail mode reads existing CASB / SIEM exports (Splunk, Sentinel) and extracts only the model name, token count, and route. The optional TLS proxy mode terminates TLS and therefore sees request content; it is opt-in and clearly labelled. The default is privacy-preserving.

Configurable retention. Signed every run.

Artifact beacon

Tracks AI-generated outputs

Watches S3 buckets, SharePoint folders, Confluence spaces. Detects C2PA provenance markers and AI-generation signatures. Tags every artifact with a receipt that follows it through the org.

Provenance you can verify months later.
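What "metadata only" looks like in practice, as an added example that is not the beacons' own code: the model beacon's fold of egress records down to one record per (host, process) pair, and the prompt beacon's log-tail extraction over CASB/SIEM rows. The hostname patterns, record field names and sample rows are constructed for the example and are assumptions, not Beacon's schema. The point worth copying is the deny-by-default field allowlist in the prompt beacon: a field reaches the output only if it is explicitly listed, so the prompt body and the user identity present in the export row are dropped before anything is counted.

```javascript
// Added example, not Beacon's collector code: metadata-only records for the
// model beacon and the prompt beacon, run over constructed sample input.

// Assumed hostname patterns for a few of the vendors named on the page.
const AI_API_HOSTS = [
  { vendor: 'OpenAI', match: (h) => h === 'api.openai.com' },
  { vendor: 'Anthropic', match: (h) => h === 'api.anthropic.com' },
  { vendor: 'Bedrock', match: (h) => /^bedrock(-runtime)?\.[a-z0-9-]+\.amazonaws\.com$/.test(h) },
  { vendor: 'Azure OpenAI', match: (h) => /\.openai\.azure\.com$/.test(h) },
  { vendor: 'Mistral', match: (h) => h === 'api.mistral.ai' },
];

// Model beacon: one record per (host, process) pair. Only the endpoint, the
// process name, timing and a count survive; a connection record carries no
// payload, so none can be stored.
function modelBeacon(connections) {
  const byPair = new Map();
  for (const c of connections) {
    const hit = AI_API_HOSTS.find((v) => v.match(c.dst_host));
    if (!hit) continue;                                  // not an AI endpoint
    const key = c.dst_host + '|' + c.process;
    const rec = byPair.get(key) || {
      vendor: hit.vendor, host: c.dst_host, process: c.process,
      first_seen: c.ts, last_seen: c.ts, connections: 0,
    };
    rec.connections += 1;
    if (c.ts < rec.first_seen) rec.first_seen = c.ts;    // ISO-8601 UTC sorts lexically
    if (c.ts > rec.last_seen) rec.last_seen = c.ts;
    byPair.set(key, rec);
  }
  return [...byPair.values()];
}

// Prompt beacon, log-tail mode. Deny by default: a field leaves the collector
// only if it is on this list, so prompt bodies, completions and user identity
// in the export row are discarded before anything is counted or stored.
const SAFE_FIELDS = ['ts', 'model', 'route', 'prompt_tokens', 'completion_tokens'];

function promptBeacon(exportLines) {
  const byModel = new Map();
  for (const line of exportLines) {
    let row;
    try { row = JSON.parse(line); } catch { continue; }  // skip malformed rows
    const meta = Object.fromEntries(SAFE_FIELDS.filter((f) => f in row).map((f) => [f, row[f]]));
    if (!meta.model) continue;
    const agg = byModel.get(meta.model) || { model: meta.model, routes: new Set(), requests: 0, prompt_tokens: 0, completion_tokens: 0 };
    agg.requests += 1;
    agg.prompt_tokens += Number(meta.prompt_tokens) || 0;
    agg.completion_tokens += Number(meta.completion_tokens) || 0;
    if (meta.route) agg.routes.add(meta.route);
    byModel.set(meta.model, agg);
  }
  return [...byModel.values()].map((a) => ({ ...a, routes: [...a.routes].sort() }));
}

// Constructed sample input, not real traffic or real export data.
const SAMPLE_CONNECTIONS = [
  { ts: '2025-01-15T09:00:00Z', process: 'python3', dst_host: 'api.openai.com', dst_port: 443 },
  { ts: '2025-01-15T09:05:00Z', process: 'python3', dst_host: 'api.openai.com', dst_port: 443 },
  { ts: '2025-01-15T09:06:00Z', process: 'cursor', dst_host: 'api.anthropic.com', dst_port: 443 },
  { ts: '2025-01-15T09:07:00Z', process: 'node', dst_host: 'bedrock-runtime.us-east-1.amazonaws.com', dst_port: 443 },
  { ts: '2025-01-15T09:08:00Z', process: 'chrome', dst_host: 'www.example.com', dst_port: 443 },
];
const SAMPLE_EXPORT = [
  // Each row carries a prompt body and a user e-mail that must never be kept.
  '{"ts":"2025-01-15T09:00:01Z","model":"gpt-4o","route":"/v1/chat/completions","prompt_tokens":812,"completion_tokens":140,"prompt":"Summarise the attached customer contract","user":"alice@example.com"}',
  '{"ts":"2025-01-15T09:05:02Z","model":"gpt-4o","route":"/v1/chat/completions","prompt_tokens":300,"completion_tokens":55,"prompt":"Draft a reply to ticket 4412","user":"alice@example.com"}',
  '{"ts":"2025-01-15T09:06:10Z","model":"claude-3-5-sonnet","route":"/v1/messages","prompt_tokens":2100,"completion_tokens":410,"prompt":"Refactor this function"}',
  'not json at all',
];
```

The records these two functions return are the objects a receipt would carry; signing them is a separate step and is not shown here. Note that the allowlist is applied to the parsed row before aggregation, not after, so an unexpected field name in a new export format is dropped rather than leaked.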

See the beacons source on GitHub ↗ · Or run the manual wizard first ↗

Daily risk score

One number your board will actually understand.

Every receipt rolls into a weighted score per framework. Frameworks roll into one AI Risk Index from 0 (no evidence) to 100 (every control attested). Updated daily. Reproducible from the receipts alone.

Sample AI Risk Index: 55.4

Framework        Score   Status
ISO/IEC 23894     80.3   Strong
SOC 2 TSC         69.9   Strong
ISO/IEC 42001     65.8   Watch
NIST AI RMF       58.1   Watch
EU AI Act         42.6   Watch
NYC LL 144        25.9   Gap
India DPDP         9.4   Gap

Read the sample report ↗ · Scoring engine source ↗

The 100-case proof set

Every public AI failure we could find — mapped to the receipt that would have caught it.

From Zillow's $304M write-down to Hong Kong's $25M deepfake wire fraud to Cruise's robotaxi pedestrian drag. Each row links the incident to the framework controls that were missing and the Beacon receipt — model, prompt, artifact, or checklist — that would have produced the evidence. Filter by sector, act, or framework.


Sources are primary where possible (regulator filings, court documents, Reuters/AP/NYT/Bloomberg/FT). Methodology and full JSON: ai_failures_top100.json.

The framework registry

23 audit frameworks. Global. In force and in draft.

Every framework ships as machine-readable YAML and XML — same schema, mapped to control IDs from the source text. Auto-translation into any written language is wired in (Spanish and Arabic shipped today). Filter by status and jurisdiction.


The complete audit framework — all 23 lenses

One PDF, every framework, every control row, every evidence prompt. Hand this to your audit committee. Or grab the full YAML/XML registry for your own tooling.

Run it yourself

Three commands. Your own keys. Your own evidence.

No SaaS to sign up for. Beacon is a small Node server plus a static Studio. Apache-2.0 licensed. Designed to run on Render, Railway, or DigitalOcean — or on your laptop.

# 1. Get the code
git clone https://github.com/bobrapp/aigovops-beacon.git
cd aigovops-beacon

# 2. Install & generate your signing key
pnpm install
pnpm beacon keys:generate

# 3. Run discovery → sign → bundle
pnpm beacon discover --csv inventory.csv
pnpm beacon attest --all
pnpm beacon bundle --out evidence.zip

# 4. Verify the bundle: with Beacon, or with stock openssl (no Beacon required)
pnpm beacon verify evidence.zip
# VERIFY.md walks you through the openssl-only check

Deploy in one click

Spin up the Studio (Beacon's web UI) on a managed tier. Render and Railway have free starter tiers; DigitalOcean App Platform uses a paid basic instance.

Required: Node 20+, pnpm 9+. No database. Receipts are append-only files.

The Foundation
“Agents do the bureaucracy; humans hold moral legitimacy.”
— AIGovOps Foundation, founding principle

Beacon is the reference implementation of an AIGovOps Foundation idea: that AI governance should be boringly verifiable, not theatrically reported. Built and open-sourced by Bob Rapp and Ken Johnston for the AIGovOps Foundation. Apache-2.0 — fork it, sign with your own keys, run it your way.