The Hootleash method
From a wild AI estate to defensible autonomy.
Hootleash is built to deploy fast and prove value before procurement closes. Here's how we're designing the first release to take a design partner from kickoff to first evidence pack.
How Hootleash works
Five disciplined steps from chaos to control.
Engineered for the way enterprise AI actually rolls out - incrementally, across business units, under the eyes of risk, legal, and the board.
01 · Discover
Inventory every autonomous agent.
Hootleash auto-discovers humans, RPA bots, model endpoints, and agentic chains across cloud, on-prem, and SaaS. We classify each by autonomy level, data class, and blast radius.
02 · Map
Set the boundary in policy-as-code.
NIST AI RMF Map activities ship pre-modeled. Write default-allow / default-deny zones in YAML or our visual graph; simulate before you deploy.
03 · Quantify
Dollarize every possible action.
Plug into your ERM model. Hootleash assigns financial, operational, and reputational consequence to each branch of the agent's decision tree.
04 · Remediate
Autonomous response, no human paged.
Tiered playbooks - throttle, reroute, degrade, halt - run inline. The agent stays productive inside the leash; humans get the post-mortem, not the alert.
05 · Prove
Audit-ready evidence on demand.
Sealed WORM event log, cross-walked to EU AI Act, NIST AI RMF 1.0, ISO/IEC 42001, SR 11-7, and your internal MRM. Export a defensible packet in seconds.
Architecture
Built like the systems it governs.
A four-plane architecture: control, data, identity, provenance. Each can be deployed in SaaS or private cloud. Each can be audited independently.
Control plane
Policy authoring, simulation, RBAC, audit portal, dashboards. Multi-tenant SaaS or single-tenant VPC, by deployment choice.
Data plane
Stateless, horizontally scalable enforcement nodes designed to deploy inline. Region-pinned. Hardware-isolated for FIPS.
Identity plane
OIDC for agents and humans. Attribute-based access control, ephemeral credentials, fast key rotation.
Provenance plane
Every event hash-chained and signed. Optional anchoring to Hyperledger or your private chain.
Deployment plan
What a design partnership engagement looks like.
The default phased plan for a design partner with up to a few hundred autonomous workflows in scope.
Shadow mode
We deploy in mirror mode. Hootleash observes every autonomous decision and scores risk without enforcing. The leash is visible before it bites.
Policy authoring & simulation
Risk, legal, and ML engineers co-author the leash. Hootleash replays historical traffic against the draft policy and shows the blast radius.
Phased enforcement
We promote policy by autonomy tier. T1 (low-risk) first; T4 (high-risk) is gated on a sign-off from your model risk committee.
Audit dry run
Generate the first evidence pack and run it past your auditor before there's anything real at stake.
terraform/hootleash.tf - reference module (concept)
module "hootleash" {
  source            = "hootleash/leash/aws"
  deployment        = "private-vpc"
  regions           = ["us-east-1", "eu-west-1", "ap-southeast-1"]
  data_residency    = "regional"
  identity_provider = "okta"
  audit_storage     = "s3-worm"
  risk_tiers = {
    t1 = { autonomy = "low", policy = "permissive" }
    t2 = { autonomy = "medium", policy = "balanced" }
    t3 = { autonomy = "high", policy = "strict" }
    t4 = { autonomy = "very-high", policy = "default-deny" }
  }
  frameworks = ["eu_ai_act", "nist_ai_rmf_1_0", "iso_iec_42001", "sr_11_7", "dora", "soc2"]
}
Ready when you are
Want to see what the v1 evidence pack will look like?
We can share a draft template so your legal and audit teams can see exactly what we're aiming for.
Pre-launch · design partner program open · early access 2026