1 0 3 f a 1 0 b 9 c 2 e 7 0 da 5 1 0 d 7 e 2 8 1 f 3 0 b 40 1 c 6 0 1 b 3 f 0 a 9 d 1 77 e 0 1 a 4 1 0 d 9 5 0 c 8 11 0 8 b 3 0 1 f 5 0 e 6 a 0 2d 1 0 9 c 6 0 a 1 e 0 b 3 7 f0 4 1 f 0 1 7 b 0 2 d 8 1 c 53 0 1 a e 0 1 d 8 0 4 f 6 0 91 b 0 5 1 0 c 9 0 f 7 1 a 3 e6 0 1 0 7 a 4 0 1 e b 2 0 d 80 d 1 3 0 b 1 0 f 8 c 5 9 1 a9 1 0 c 5 0 1 a 2 0 3 e 7 f 60 1 e 0 8 d 0 1 b 4 a 0 2 5 c5 a 0 7 1 f 3 0 e 6 1 d 0 b 8b 0 2 e 9 1 0 c 4 0 f 7 a 1 30 f 8 1 0 b 6 d 0 3 1 a 5 c 04 1 0 d a 0 9 1 7 e 0 2 b 0 f1 c 3 0 f 8 0 5 1 a d 0 e 6 1e 0 7 b 1 0 a 4 c 0 8 1 0 9 d0 8 1 4 d 0 e 1 0 b 6 f 3 a 0
Introducing Veto
Kernel-level enforcement engine for AI agents. Block unauthorized executables and detect confidential data exfiltration — all enforced below the agent’s reach.
- who can access Ona and how they sign in
- what environments and agents are allowed to do
- which defaults apply across the organization
- how to investigate or explain agent behavior later
What guardrails cover
Ona uses several layers of control:| Layer | What it controls | Start here |
|---|---|---|
| Identity | Who can sign in and what access model you use | SSO, SCIM, OIDC |
| Policy | Which defaults, limits, and restrictions apply across the organization | Organization policies |
| Runtime enforcement | What can execute and what data can leave an environment | Veto, Command deny list |
| Auditability | What happened, when, and under which identity | Audit logs |
How to roll guardrails out
Most teams do not turn on every control at once. A practical rollout usually looks like this:- Connect identity so access is tied to your existing org model.
- Apply a small set of organization policies for environment limits, lifecycle, and standardization.
- Add runtime controls where you have clear risk boundaries:
- command deny list for broad command restrictions
- Veto executable deny list for kernel-level executable blocking
- Datawall for confidential data leaving the environment (coming soon)
- Review audit logs as part of rollout so admins know how to inspect outcomes and policy changes.
Which controls to choose first
Start with the control that matches the risk you are trying to reduce:- Access and provisioning risk: start with SSO, SCIM, and organization roles
- Resource sprawl or inconsistent setups: start with organization policies
- Risky commands or binaries: start with command deny list or Veto executable deny list
- Source code or credential exfiltration concerns: review Veto and Datawall (coming soon)
- Compliance and post-incident review: start with audit logs