Frequently Asked Questions

Everything you need to know about Netallion AI Assurance. Can't find what you're looking for? Contact us.

Getting Started

What is Netallion AI Assurance?
Netallion AI Assurance is an AI-native secret and sensitive-data exposure platform. It detects, verifies, and remediates exposed secrets across Azure Monitor logs, GitHub, GitLab, Slack, Teams, Jira, Confluence, and AI prompts — all from one control plane. It uses 497 detection patterns, BPE tokenization, and 20 live verifiers to find active credentials before attackers do.
Is there a free trial?
Yes. There is a free-forever plan, and all paid plans include a 14-day Business trial with no credit card required. Connect your first Azure Monitor workspace or GitHub repository and see results in under 15 minutes.
How long does setup take?
Most teams are fully onboarded in under 15 minutes. The setup wizard walks you through connecting your surfaces — Azure Monitor workspaces, GitHub or GitLab repos, and collaboration tools. Detection starts immediately after connection.
What surfaces does Netallion AI Assurance scan?
Netallion AI Assurance scans Azure Monitor logs (Log Analytics, AppInsights, diagnostic tables), GitHub and GitLab pull/merge requests, Slack messages, Microsoft Teams messages, Jira tickets, Confluence pages, and outbound AI prompts via Prompt DLP. It is the only platform that scans Azure Monitor logs for secrets.

Detection & Accuracy

How many detection patterns does Netallion AI Assurance support?
Netallion AI Assurance ships with 497 detection patterns covering API keys, passwords, connection strings, tokens, private keys, PII, and cloud credentials across all major providers including AWS, Azure, GCP, Stripe, Twilio, SendGrid, and many more.
What is BPE tokenization and why does it matter?
BPE (Byte-Pair Encoding) tokenization is the same technique used by large language models. Netallion AI Assurance applies it to secret detection to find credentials that regex-only scanners miss — such as secrets split across lines, partially obfuscated tokens, or credentials embedded in encoded strings. This delivers a 98.6% recall rate.
What are live verifiers?
Live verifiers are automated checks that confirm whether a detected secret is actually active and valid. Instead of just pattern matching, Netallion AI Assurance tests credentials against their provider APIs (GitHub tokens, AWS keys, Azure service principals, etc.) to confirm they grant access. This eliminates false positives from rotated, expired, or test credentials.
What is the false positive rate?
With BPE tokenization and live verification combined, Netallion AI Assurance achieves a false positive rate under 2%. Live-verified findings have a near-zero false positive rate because the platform confirms the credential actually works before alerting.

Remediation

How does one-click remediation work?
When a secret is detected and verified, you can initiate remediation with a single click from the dashboard. You first review the blast radius (affected services and permissions), then confirm the action. Netallion AI Assurance rotates the credential, stores the new value in your vault (e.g., Azure Key Vault), and revokes the old one — with 24-hour rollback and a full audit trail. Enterprise plans can enable auto-remediation with policy guardrails.
Which providers support one-click remediation?
One-click remediation currently supports Azure Key Vault for secret rotation, GitHub token revocation, Azure AD/Entra service principal key rotation, and AWS IAM key deactivation. More providers are added regularly. Enterprise plans include custom remediation workflows.
Can I roll back a remediation?
Every remediation action is logged in the tamper-evident audit trail with full before/after state. While secret rotation is inherently one-way for security, the audit trail preserves complete history and the platform can regenerate credentials if needed.
Can remediation be fully automatic?
Yes. Enterprise plans include auto-remediation policies that can be configured per secret type, severity, and source. You define the rules — for example, auto-rotate any AWS key found in logs with severity Critical — and the platform handles the rest without human intervention.

AI Security

What is Prompt DLP?
Prompt DLP (Data Loss Prevention) intercepts outbound prompts sent to AI services like ChatGPT, Copilot, and Claude. It detects secrets, PII, and sensitive data before they leave your environment. You can configure it to block, redact, or alert based on content type and sensitivity.
What is MCP governance?
MCP (Model Context Protocol) governance provides visibility and control over MCP servers that AI agents connect to. Netallion AI Assurance inventories MCP servers, assigns trust scores, enforces allow/deny policies, and monitors tool calls in real time to prevent unauthorized data access by AI tools.
What is the AI Agent Graph?
The AI Agent Graph maps relationships between AI agents, MCP servers, tools, and data sources in your environment. It visualizes which agents can access which resources, calculates blast radius for compromised tools, and identifies excessive permissions — giving you a complete picture of your AI attack surface.
Does Netallion AI Assurance provide runtime AI defense?
Yes. Runtime defense detects prompt injection attempts, unauthorized tool invocations, data exfiltration via AI agents, and anomalous agent behavior in real time. It works alongside Prompt DLP and MCP governance to provide defense-in-depth for AI workflows.
Does Netallion AI Assurance support the OWASP LLM Top 10?
Yes. Netallion AI Assurance maps its controls directly to the OWASP Top 10 for LLM Applications, including prompt injection (LLM01), sensitive information disclosure (LLM06), and excessive agency (LLM08). Compliance reports can be exported as evidence bundles.

Compliance

Which compliance frameworks does Netallion AI Assurance support?
Netallion AI Assurance provides compliance mapping for SOC 2 Type II, HIPAA, PCI-DSS, GDPR, NIST AI RMF, ISO 42001, OWASP LLM Top 10, and the EU AI Act. Each framework includes pre-built control mappings and exportable evidence bundles.
What are evidence bundles?
Evidence bundles are pre-packaged audit artifacts that map your detection, verification, and remediation activities to specific compliance controls. They include finding summaries, remediation receipts, policy configurations, and audit logs — ready to hand to auditors without manual assembly.
Does Netallion AI Assurance support the EU AI Act?
Yes. Netallion AI Assurance includes EU AI Act Article 27 Fundamental Rights Impact Assessment (FRIA) workflows, risk classification for AI systems, and transparency logging. These help organizations using high-risk AI systems demonstrate compliance with the EU AI Act requirements.
Is the audit trail tamper-proof?
The audit trail uses tamper-evident logging with cryptographic hash chaining. Each audit entry includes a SHA-256 hash of the previous entry, creating an immutable chain. Any modification or deletion is cryptographically detectable, ensuring the integrity of your compliance records.
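
The hash chaining described above can be illustrated with a short added example; this is not Netallion's code, and the entry fields, the all-zero genesis value, and the function names are assumptions made for the sketch. It also shows the case chaining alone does not cover: edits to or removal of the newest entries are only detectable if the latest head hash is kept somewhere outside the log.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed placeholder "previous hash" for the first entry


def entry_hash(entry):
    # Canonical JSON so the same entry always produces the same digest.
    data = json.dumps(entry, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(data).hexdigest()


def append_entry(chain, action, detail):
    prev = entry_hash(chain[-1]) if chain else GENESIS
    chain.append({"seq": len(chain), "action": action,
                  "detail": detail, "prev_hash": prev})
    return entry_hash(chain[-1])  # head hash, to be stored outside the log


def verify_chain(chain, expected_head=None):
    """Return None if the chain is intact, otherwise the index of the first
    inconsistent entry. len(chain) means every link is valid but the head
    does not match the externally stored value."""
    prev = GENESIS
    for i, entry in enumerate(chain):
        if entry["seq"] != i or entry["prev_hash"] != prev:
            return i
        prev = entry_hash(entry)
    if expected_head is not None and prev != expected_head:
        return len(chain)
    return None


def build_sample():
    # Constructed audit entries, for illustration only.
    events = [("detect", "constructed: key found in a log table"),
              ("verify", "constructed: key confirmed active"),
              ("rotate", "constructed: new key stored in vault"),
              ("revoke", "constructed: old key deactivated")]
    chain, head = [], None
    for action, detail in events:
        head = append_entry(chain, action, detail)
    return chain, head


if __name__ == "__main__":
    chain, head = build_sample()
    print("intact:", verify_chain(chain, head))
    chain[1]["detail"] = "edited after the fact"
    print("first broken link after edit:", verify_chain(chain, head))
```

An edit to an entry surfaces at the following entry, whose stored `prev_hash` no longer matches; a change to the final entry, or truncation of the tail, surfaces only through the `expected_head` comparison.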

Pricing & Plans

What is included in the Essentials plan?
The Essentials plan ($149/month, or $119/month billed annually) includes 15 users, 5 workspaces, 1,000 scans/month, all 497 detection patterns, 10 live verifiers, GitHub + GitLab PR gates, NHI discovery, 1 compliance framework of your choice, risk register, AI policy templates, and email support with 24-hour SLA.
What is included in the Business plan?
The Business plan ($499/month, or $399/month annually) includes 50 users, 25 workspaces, 5,000 scans/month, 20 live verifiers, unlimited PR gates, all 9 compliance frameworks, NHI inventory, Prompt DLP, Slack + Teams scanning, one-click remediation, governance workflows (vendor AI risk, DPIA, RoPA, incident tracking), board reporting, OIDC SSO, and priority support with 8-hour SLA.
What do the Enterprise plans include?
Enterprise (from $1,499/month) includes 200 users, custom detection rules, honeytokens, full auto-remediation, MCP governance, AI Agent Graph, runtime enforcement, SAML SSO, custom RBAC, tamper-evident audit logs, and a dedicated CSM. Enterprise+ (custom pricing) adds an MSSP multi-tenant console, co-branded partner portals, on-prem deployment, and wholesale billing.
Can I upgrade or downgrade my plan?
Yes. You can upgrade at any time and your new features are available immediately. Downgrades take effect at the start of your next billing cycle. No penalties for plan changes.
Is there pricing for MSPs and MSSPs?
Yes. Netallion AI Assurance offers dedicated MSSP multi-tenant pricing with centralized policy management, tenant-level billing, and co-branded portal options. Contact sales at sales@netallion.com for custom MSSP pricing.

Still have questions?

Our team is happy to help. Reach out and we'll get back to you within 24 hours.