Enterprise

Agent Governance
for Enterprise

Runtime security for every AI agent call at scale. Policy enforcement, audit trails, and fleet-wide threat intelligence across your entire MCP infrastructure.

Talk to Us View Live Radar

Built on the same architecture Bloomberg and Block use internally

Zero-Knowledge Telemetry

HMAC-SHA256 Verified

On-Prem Available

SOC 2 Type II

Apache 2.0 Core

Who It's For

Security for every enterprise pattern

Whether you run a platform team, ship multi-tenant SaaS, or operate under regulatory oversight -- Navil meets you where you are.

Platform Teams

Manage MCP across the entire engineering org

Hundreds of developers spinning up MCP servers with no central visibility

No way to enforce security policies fleet-wide

Shadow MCP servers connecting to production data

Incident response is blind -- no audit trail of agent-to-tool calls

Navil gives you a single control plane to discover, monitor, and enforce policy across every MCP server in your org. The Block/Goose pattern, productized.

SaaS Companies

Multi-tenant agent security out of the box

Customer agents can access other tenants' data through shared MCP servers

No isolation between tenant tool calls at the proxy layer

Prompt injection in one tenant's request can poison shared context

Liability exposure when customer data leaks through agent channels

Per-tenant isolation with behavioral baselines, anomaly detection scoped by org, and zero-knowledge telemetry that never exposes customer data.

Regulated Industries

Audit trails that satisfy compliance

No record of what AI agents did, when, or why

Regulators asking for agent activity logs you don't have

Cannot prove that sensitive data wasn't exfiltrated via tool calls

Manual compliance reviews can't keep up with machine-speed agent operations

Every agent call is logged with full context: tool, arguments, response size, anomaly scores. Export SARIF for GRC tools, or query via API for custom audit workflows.

Capabilities

Enterprise-grade features

Complete Audit Trail

Every agent-to-tool call logged with timestamps, payload sizes, anomaly scores, and action taken. Immutable event stream for compliance and forensics.

Policy Engine

Define rules per org, team, or MCP server. Block by anomaly type, severity threshold, tool name pattern, or custom conditions.

SSO & IdentityCOMING

SAML/OIDC single sign-on with identity delegation chains and cascade revocation policies.

Role-Based Access

Admin, member, and viewer roles with scoped API keys. Org-level isolation with per-team visibility controls.

Fleet-Wide Threat Intel

Anonymized threat signals pooled across the entire Navil network. When one node detects an attack, every node learns in under 60 seconds.

On-Prem Deployment

Deploy the Rust data plane inside your VPC. No traffic leaves your network. Full air-gap support for classified environments.

Sub-Millisecond Overhead

Rust proxy with O(1) threshold checks adds less than 1ms per call. Scales to 100K+ requests per minute per node.

SARIF CI/CD Integration

Export security findings as SARIF for GitHub Advanced Security. Block deployments with insecure MCP configs in your CI pipeline.

Frequently asked questions

Is Navil open source?▾

The core proxy and CLI are Apache 2.0. The cloud dashboard (audit logs, fleet management, SSO) is commercial under a BSL license.

Can I self-host Navil?▾

Yes. The open-source tier runs entirely on your infrastructure. No data leaves your network. Enterprise adds a hosted dashboard and a managed threat-intel feed.

How does Navil integrate with Claude Code and Cursor?▾

Navil wraps MCP server configs in your ~/.cursor/mcp.json or Claude Code settings. A single `navil secure` command rewrites the config so the proxy sits in front of every server — no changes to agent code.

What is the performance overhead?▾

2.7 µs per-message overhead at p50, 6.1 µs at p99 on commodity hardware. The benchmark script ships in the repo.

Does Navil store my tool call data?▾

The open-source tier stores nothing off-device. The cloud tier stores metadata (tool name, timestamp, policy decision) in your Supabase instance, not Navil's. Anonymized threat signal contributed to the network never includes payload content.

What compliance frameworks does Navil support?▾

Navil generates structured audit logs suitable for SOC 2, ISO 27001, and HIPAA evidence collection. The Enterprise tier includes pre-built report templates.

How is Enterprise pricing structured?▾

Per seat per month, starting at the Team tier ($59/seat). Enterprise contracts include volume discounts, air-gapped deployment, dedicated support, and SLA guarantees. Contact us for a quote.

Secure your AI agents at scale

Start with the open-source proxy. Graduate to Enterprise for SSO, fleet-wide policy enforcement, dedicated support, and SLA guarantees.

Talk to Us View Open Source

Frequently asked questions

Is Navil open source?▾

The core proxy and CLI are Apache 2.0. The cloud dashboard (audit logs, fleet management, SSO) is commercial under a BSL license.

Can I self-host Navil?▾

Yes. The open-source tier runs entirely on your infrastructure. No data leaves your network. Enterprise adds a hosted dashboard and a managed threat-intel feed.

How does Navil integrate with Claude Code and Cursor?▾

What is the performance overhead?▾

2.7 µs per-message overhead at p50, 6.1 µs at p99 on commodity hardware. The benchmark script ships in the repo.

Does Navil store my tool call data?▾

What compliance frameworks does Navil support?▾

Navil generates structured audit logs suitable for SOC 2, ISO 27001, and HIPAA evidence collection. The Enterprise tier includes pre-built report templates.

How is Enterprise pricing structured?▾

Per seat per month, starting at the Team tier ($59/seat). Enterprise contracts include volume discounts, air-gapped deployment, dedicated support, and SLA guarantees. Contact us for a quote.

Agent Governancefor Enterprise

Security for every enterprise pattern

Manage MCP across the entire engineering org

Multi-tenant agent security out of the box

Audit trails that satisfy compliance

Enterprise-grade features

Frequently asked questions

Secure your AI agents at scale

Agent Governancefor Enterprise

Security for every enterprise pattern

Manage MCP across the entire engineering org

Multi-tenant agent security out of the box

Audit trails that satisfy compliance

Enterprise-grade features

Frequently asked questions

Secure your AI agents at scale

Agent Governance
for Enterprise

Agent Governance
for Enterprise