CAT3

Central AI Governance for Enterprise

Protection and Guidance For Every AI User And Every AI Application

CAT3 is a virtual appliance that sits between your team and the thousands of AI products they need to experiment with and use if your enterprise wants to get ahead of the pack.

CAT3 intercepts, checks, blocks if necessary, and then provides guidance for any AI application used from within your Enterprise firewall or via your Zero Trust gateway.

You can plug in third-party guardrails of any technology - but at its core, CAT3 relies on formal knowledge structures and symbolic reasoning. It's actions are predictable and explainable.

What CAT3 gives your enterprise is confidence. Leadership confident that they're informed and in control. A workforce confident to explore and use AI knowing it's safe and approved.

Get started with simple, self-service provisioning and per seat or per request pricing. If you need professional cyber security services, you can get them from our network of accredited partners.

Zero to 100% AI Governance in 60 minutes. Learn more.

One virtual appliance inside your firewall

Join the Waiting List

Register your interest. We'll keep you up-to-date with progress and get you into our Beta Program as soon as we can.

Fine-tuning your guardrails is as simple as enabling and disabling a handful of concepts

Graph-Based Governance

To manage intelligent applications (AI) you need an intelligent knowledge structure. That structure is the The CAT3 Knowledge Graph - the result of three decades of work in Knowledge Representation and Symbolic Reasoning (KR&R).

Unlike the "black box" Large Language (LLM) and other models it's used to manage, the CAT3 Governance Graph is transparent and deterministic - its actions are repeatable and a human can easily understand and tune them.

The CAT3 Graph includes more than 80,000 concepts and it understands more than one million English words, out-of-the-box. Fine-tuning your guardrails is as simple as enabling and disabling a handful of concepts in the graph's hierarchy. These governance knowledge structures also hold the knowledge used to give guidance and skills to your workforce.

Guardrail Plugins

The Governance Graph is always its core, but CAT3 also allows you to plug in additional guardrails.

Filters for profanity, hate speech, sexual content and a few other broad categories can be applied using Amazon's Guardrails for Bedrock, Azure AI Content Safety or Google's Perspective API. You can also add third-party regular-expression, data-based or trained classifiers that may part of other security products you're already using. If you've built guardrails for your own applications these can also be plugged in.

These plugins won't allow the degree of control possible with CAT3's Governance Graph, but multiple layers of extra protection can provide an early safety net and may provide peace of mind for your stakeholders.

Plug-in guardrails
Data and IP security

Data and IP Security

CAT3 gives you unrivalled power to protect the privacy of your clients and team members - and your other important data and knowledge.

The Governance Graph lets you reduce risk by restricting the semantic scope of prompts and other data sent to any AI service. It also detects PII (Personally Identifying Information) in that data.

Your own data-based filters, Private-Cloud-resident Named Entity Recognition (NER) models or Data Loss Prevention (DLP) tools can be plugged in to provide additional security.

Empower Your Workforce

CAT3 gives you the freedom to allow "bottom-up" discovery while maintaining centralised control.

Leverage the creativity and domain knowledge of your team by letting them safely evaluate, experiment and build using the best offerings from the entire Generative AI ecosystem. There will be no "talent scarcity" if every team member can be a builder.

There are already thousands of well-designed and tested products from established vendors and tens of thousands of innovative products from AI startups. Don't fall behind your competitors by cuffing your team to applications built by your own limited internal resources.

Empowered workforce
Confident leadership

Real-time Education and Guidance

Unsupervised AI presents too many risks. The privacy risks associated with sharing PII (Personally Identifying Information) or other sensitive data. The legal risks of not complying with legislation or not protecting intellectual property. The reputation risks that come from providing biased, inaccurate or downright false information or advice.

For now, removing those risks - practicing "Responsible AI" - means there has to be a human-in-the-loop. Most humans, however, are unprepared for such responsibility.

CAT3 remains connected to your workforce human throughout their AI session, offering guidance, answering questions about your rules and providing feedback on any AI request that breaks them. It's their personal AI tutor.

Lead with Confidence

CAT3 gives you full control over what gets asked of an AI application and what gets sent through your enterprise firewall. Comprehensive records also mean valuable insights that can't be gathered any other way.

Identify risk and track bias. Configure alerts to drive incident response and escalation rules. Inform your AI strategy by collecting cost, carbon and ROI data. CAT3 will also let you exercise some control over those costs.

Identify talent and skills that can be shared throughout your workforce. Discover where your team is looking for value and where they're actually getting it.

The AI landscape is changing at light speed and agility is a key strategic advantage. With CAT3, you can apply governance to a new model or application in seconds.

Confident leadership

Frequently Asked Questions

  1. Fire up the CAT3 appliance. In your Virtual Private Cloud (VPC) if you have one.
  2. Log into CAT3 and adjust the list of AI domains and hosts you want it to govern.
  3. Get those host.domain.ai URLs handled by your firewall and your Zero Trust gateway if you have one.
  4. Check and adjust the blocked concepts in your Governance Graph.
  5. Give the appliance's address to your devops team so governance can be applied to your internally-developed applications.
  6. Use the CAT3 Appliance to configure the CAT3 Forward Proxy for your workforce.
  7. Point your workforce to the CAT3 Proxy address and get them to follow its setup instructions.

Guidance is provided using a back-channel that you choose. The simplest back-channel is a chatbot plugin (widget). This plugin can be added automatically to the browser-based AI applications your team uses, or added to your own AI-focused Knowledge Base. Alternatively, you can choose Slack, Teams or Discord as a back-channel.

CAT3 is a complement to your existing Security Service Edge components. Deploy in-line anywhere between your ZTNA (Zero Trust) gateway and your AI service provider, or use the CAT3 API to inform decisions at any point in the journey.

Yes. The CAT3 Enterprise plan includes Role-Based Access Control (RBAC) that can be configured for as many roles as you need. You define and connect these roles (and the various AI providers) in your Governance Graph.

Generative AI is processing-intensive and expensive. It uses much more energy than traditional computing tasks and it results in considerably more atmospheric carbon.

These costs will only grow as models become more capable and the size of the context window they support gets larger. The context window is what allows your own large documents (or selected pieces of documents) to be referenced by a user's query. The more words sent with a query the more it costs.

CAT3 lets you control these costs in two ways:

  1. You can ensure that AI is only used for approved work-related tasks, using only approved AI applications.
  2. You can restrict the context window size. This encourages your users to be more careful with the documents they send and it ensures that your dev team keeps its RAG (Retrieval Augmented Generation) applications efficient.

Yes. Use the CAT3 API to make sure that your visitors only use your service as intended and get prompt-injection protection out-of-the-box.

CAT3 can be also deployed for OEM use. Visit beth.ai to see its restraints in action.

The name CAT3 is inspired by the the Category 3 designation (BSL-3) given to bioscience labs handling pathogens - e.g. Tuberculosis and SARS-CoV - that can cause serious or potentially lethal diseases. AI should be treated with just as much respect.