DIMAGGI AI — Policy Firewall for AI Agents

DIMAGGI AI sits between your AI systems and the tools they use — intercepting every action, evaluating it against your governance rules, and producing a tamper-evident audit trail. Enforce security policies on AI agent tool calls before they execute.

How It Works

  1. Intercept — Every AI agent tool call passes through the DIMAGGI AI proxy before execution.
  2. Evaluate — Tool calls are matched against your policies. Rules fire based on tool name, parameters, agent identity, and context.
  3. Decide — Allow, deny, escalate for human review, or flag as a near-miss. Shadow mode logs without blocking.
  4. Audit — Every decision is logged with HMAC signing and SHA-256 hash chaining. Tamper-evident and regulator-ready.

Live Demo: 30-Day Security Snapshot

Simulated activity for a financial services company running four AI agents in shadow mode.

  • 1,847 tool calls evaluated across 4 AI agents
  • 74% policy coverage (26% matched no policy and were allowed by default)
  • $87,500 near-miss value flagged in shadow mode
  • 12ms average evaluation time per tool call

Active Security Policies

High-Value Transfer Guard
Escalates wire transfers and payments over $10,000 for CFO approval
PII Data Protection
Blocks email sends, CSV exports, and file uploads that may contain personal data
External API Rate Limit
Flags high-frequency calls to external services to prevent data exfiltration or runaway costs
Security Command Block
Denies shell command execution and script invocations from all agents unconditionally

Shadow vs Enforcement Modes

Shadow Mode — All tool calls are evaluated and logged, but nothing is blocked. Near-miss records show exactly what enforcement would have caught. Use this to tune policies before going live.

Enforcement Mode — Policy violations are actively blocked. Escalations require human approval before the tool call proceeds.

AI Agents Under Governance

  • Finance Bot — Wire transfers, payments, financial reporting
  • Data Pipeline — Data ingestion, CSV exports, file management
  • Support Agent — Customer communications, ticket handling
  • Code Review Bot — Security scans, shell diagnostics, code analysis

Audit & Compliance

  • Tamper-Evident Audit Trail — Every decision is HMAC-signed and linked via SHA-256 hash chains. Any modification to historical records is detectable.
  • Complete Decision History — Full trace of every tool call: who requested it, which policies matched, what the outcome was, and why.
  • Offline Verification — Export audit chains as JSONL and verify integrity offline with the CLI tool.