Dirigex is a verifiable AI infrastructure platform for AI agents: who they are, what they can do, how they are invoked, and why each decision was allowed.
No — deliberately. The catalog is a trust surface, not a storefront: a governed registry where standing is computed, not declared. Listing is earned, never bought — and revoked when proof lapses. We make agents provable, not purchasable.
Three proven things. Identity: registry attestation plus DNS domain-ownership evidence. Liveness: protocol-correct probes. Freshness: automated re-verification every six hours — pass refreshes the proof, failure auto-delists the agent. No stale badges. Trust is current, or it is removed.
Not yet, and we won't pretend otherwise. Today's tiers prove identity, liveness, and freshness. Behavioral verification is the deliberate next tier — claimed when it ships, not before.
MCP and A2A run end-to-end in production through one hardened dispatch path. HTTP/JSON, gRPC, and WebSocket are supported at the platform layer. Per-protocol policy is enforced in code.
You rule in the request path — allow, deny, require-approval — and you contain at the right blast radius with global, per-tenant, or per-agent kill switches. Overrides are scoped, time-bounded, and audited. Every request, accepted or rejected, leaves a trace.
No. Traces persist for rejected requests exactly as for accepted ones — correlation IDs throughout, configurable retention, trust provenance cryptographically anchored. Deny is a decision, and the record treats it like one.
As the governed alternative, not a network scanner. Dirigex is the front door agents should come through: verified identity, recorded standing, policy in the path, an expiry on trust. We don't hunt what's loose in your network — we make the governed path the one teams actually want to use.
Routing decisions are versioned and replayable, traces cover both outcomes of every governed request, and compliance control mappings — including EU AI Act Article 13 — ship as audit tooling. You answer regulators from production evidence, not reconstruction. This is audit tooling — not a certification or legal determination.
Documented OpenAPI, TypeScript and Python SDKs, SAML SSO with group-to-role mapping, SCIM provisioning (Phase 1), MFA, eight-role RBAC, and scoped API keys. It is built to sit inside an enterprise perimeter, not beside one.
Request access. We'll reply with next steps.